yoplaityum
CC#
Created by yoplaityum on 4/16/2024 in #help
trying to plan validating azure ad token and calling graph api in azure function
oh wow okay. it's 8 pm here. I am watching a lot of stuff and reading books. But in terms of identity and how to design the stuff is quite hard to get
111 replies
can we go back to the app role in the manifest of app reg1, and adding user to the app reg2 with that 'write' role?
yeah exactly
yeah something like that
I haven't tried yet
Yeah the one you showed me to validate
not sure MI, I think without MI, just pass jwt token Authorization Bearer blahblah. Then azure function validates that
the external app user client credential in their own app registration
how long have you been in the field?
are you azure developer?
programmatically
got it. Thanks. In terms of application role. App reg1 has a role called 'write' and in the second app reg2, can I add that role to the users in the app reg2?
that's correct. External service does nothing other than sending jwt token for auth and user Id so that azure function can assign the role to the user
what about this. Second app reg add secret to keyvault and azure function gets that secret to call graph api to add a role to the second app registration
does that make sense? or I am crazy lol
give me a moment. I might be missing something but thank you for answering
external service calls azf using client credential. azf needs to assign the user a role called 'write'. That write is from the manifest of the first app registration.
cuz it's an external service called azf. I believe I can validate this from azf and focus on the business logic. Can I ask you another question? Now that everything is fine and got into the function. What I need to do is I have two app registrations. One app registration has appRoles assigned in the manifest. In the other app registration, I need to add that allRoles called "write" to the user itself. I kind of get the idea but I am not sure cuz it's hard to find sample code. I might first get client secret for second app registration and call graph api using client credential flow, then assign the role (not sure how I can assign roles). Do I need to get the role separately from the first app registration?