I would really thanks for this valuable content on azure, I just have one question about this implicit flow that is this the openid connect protocol that we used ?
@@azureteachnet Hi , I really enjoyed your content! It would be great if you could continue to provide us with more information on Auth code flow and Client Credential flow. I’m particularly interested in understanding how, once a user is authenticated using any flow in a web app, they can use the same token to call a secure web API endpoint. I’m not sure what this process is called, but I’d love to learn more about it. Keep up the great work! Please Use dark mode for Visual Studio.
@@TellaTrix Thanks for your time in providing the detailed feedback. The channel already have multiple videos on delegated and client credentials flow. I will explain auth code flow in one of my future videos. Thanks.
Super helpful. I had trouble getting my head around how was the postmanApp able to access WebAPIangluarDemo. My thought/guess is that since postmanAPP is requesting token on resource(WebAPIangularDemoApp) on behalf of the signed in user who has an app role(scope) inside the WebAPIangularDemoApp. Please correct me if i am wrong.
Hej, In this video you have created two app registrations: first is AzAngularDemoApp, second: PostmanClientApp, but you have not updated client ID in the application, so that in asp net core api is still client id of AzAngularDemoApp, when we receive the token using postman token ID in it is client ID of postman app registration The question is: How web api fetches the token if client ID in appsettings does not match the client ID in token itself? Or it is done via scope in token?
Excellent video in short.. Thanks for sharing the knowledge.. It would be so great if you could make a video on creating azure yml pipeline with a sample application. Thanks.
Thank you. Sure. I have it in my list. I have a plan to create yml pipelines for Docker build and Kubernates deployment using Azure pipelines too. Here is a video on deploying Angular Applications to Azure Storage account using Azure Pipelines(Not yml based). Please check it if you have not watched yet. ruclips.net/video/9PTFz_hTEpU/видео.html Thank you.
Thank you so much for the video. I follow this video but get an 401 error when calling the api via postman. Is there any possible reasons that I can look into? BTW, I am using .Net 6 for the web api
1. check if the user has roles assigned. 2. verify you are passing the proper scope as shown in the video. 3. Check if the client application (postman) has permissions to access the api. If not, Go to Expose an Api and add postman app registrations client id as client application. 4. grab the token and decode it in jwt.io site to verify if the token has the required scopes and roles. Ideally, If you replicate the video there should not be any issue. There are other videos in the channel in which I had to use the same concept 🙂. Please let me know if you still face the error. Subscribe to the channel, if you have not subscribed yet. There are more azure videos in the channel and more to come in future. Thank you
yup. we can do that. We can use powershell/Azure CLI or even .net programs as well. Please subscribe to the channel if you have not subscribed yet. Thank you.
Thanks for sharing the video. It is very helpful!! I have one question How can we access API from another API (without collection username and password)
Here is a video on Facebook login. Google authentication will be similar if you want to add through the azure. Check if it helps -ruclips.net/video/sd6pmmNY1PY/видео.html otherwise will post a video soon. Thank you.
Yup we can do that. However, In this video, I have shown generating the token on behalf of user (Delegated permissions flow). If you want to use Clinet_Credentials, you need to pass client_id and client_secret. Here is the video which may help. ruclips.net/video/PskWSEdc6v4/видео.html Please subscribe to the channel if you have not subscribed yet. Thank you.
@@azureteachnet Can we create AAD application using Powershell/CLI and set Acccess tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows)
Here is the source code - github.com/AzureTeachNet/AzureTeachTutorials/tree/Angular_WebAPI_AzureAD_Authentication_Authorization/WebApiAngularAdDemo
This is a great tutorial. One of the few ones that actually show what I needed.
Thanks for the feedback. Please subscribe to the channel if you have not subscribed yet.
Amazing, the Postman integration is clean! 😎
Azure As whole series are excellent
God Bless you, good man! 🧐👌
Thanks for feedback. please subscribe to the channel if you have not subscribed yet. The channel have a lot of realtime videos on azure. Thanks
Very nice Tutorial. The Postman part was extremely helpful. Thanks a lot.
Thanks. Please subscribe to the channel, if you have not subscribed yet.
Thanks for the video, very helpful
I would really thanks for this valuable content on azure, I just have one question about this implicit flow that is this the openid connect protocol that we used ?
Azure AD uses standard complaint implementations of Oauth2.0 and Open Id connect(OIDC)1.0.
@@azureteachnet Hi , I really enjoyed your content! It would be great if you could continue to provide us with more information on Auth code flow and Client Credential flow. I’m particularly interested in understanding how, once a user is authenticated using any flow in a web app, they can use the same token to call a secure web API endpoint. I’m not sure what this process is called, but I’d love to learn more about it. Keep up the great work! Please Use dark mode for Visual Studio.
@@TellaTrix Thanks for your time in providing the detailed feedback. The channel already have multiple videos on delegated and client credentials flow. I will explain auth code flow in one of my future videos. Thanks.
Wow, Naga awesome learning today for me. I was always thinking how this custom role does works in azure AD. Thank you Naga
Thanks for this video. Excellent overview of getting authentication up and running quickly and seamlessly. Kudos for the Postman setup part too.
Thanks for your comment. There are more videos on Azure in the channel. Please subscribe to the channel if you have not subscribed yet.
Thank you brother ❤
please subscribe to the channel if you not subscribed yet. Thanks
Great tutorial!, exactly what I was looking for. Thanks !
Super helpful. I had trouble getting my head around how was the postmanApp able to access WebAPIangluarDemo. My thought/guess is that since postmanAPP is requesting token on resource(WebAPIangularDemoApp) on behalf of the signed in user who has an app role(scope) inside the WebAPIangularDemoApp. Please correct me if i am wrong.
yes. please subscribe to the channel if you have not subscribed yet. Thank you.
Hej, In this video you have created two app registrations: first is AzAngularDemoApp, second: PostmanClientApp, but you have not updated client ID in the application, so that in asp net core api is still client id of AzAngularDemoApp, when we receive the token using postman token ID in it is client ID of postman app registration
The question is: How web api fetches the token if client ID in appsettings does not match the client ID in token itself? Or it is done via scope in token?
I think it’s via the JWT itself. The original request from the SPA should contain the scope of the target resource no?
That was an awesome tutorial. Helped me a lot.
Thanks for the feedback. Please subscribe to the channel if you have not subscribed yet.
Cool. Exactly what I was looking for. Thanks
Thanks for the feedback. Please subscribe to the channel if you have subscribed yet. Thanks
Excellent video in short.. Thanks for sharing the knowledge.. It would be so great if you could make a video on creating azure yml pipeline with a sample application.
Thanks.
Thank you. Sure. I have it in my list. I have a plan to create yml pipelines for Docker build and Kubernates deployment using Azure pipelines too. Here is a video on deploying Angular Applications to Azure Storage account using Azure Pipelines(Not yml based). Please check it if you have not watched yet.
ruclips.net/video/9PTFz_hTEpU/видео.html
Thank you.
thanks bro, this was really helpful.
Thanks for the feedback. Please subscribe to the channel if you have not subscribed yet. Thanks.
Can you a post a Python3 and Flask3 receiving token from Angular sample, please?
I am sorry. My Technical stack is specific to Microsoft Technologies only. I am not experienced with Python. Thanks.
very clear. thank you
awesome! thank you so much
Thank you for the feedback. Please subscribe to the channel if you have not subscribed yet.
I am getting need admin approval for other non manager role users. Can you please help me on that part? Thanks in advance.
Thank you so much for the video. I follow this video but get an 401 error when calling the api via postman. Is there any possible reasons that I can look into? BTW, I am using .Net 6 for the web api
1. check if the user has roles assigned.
2. verify you are passing the proper scope as shown in the video.
3. Check if the client application (postman) has permissions to access the api. If not, Go to Expose an Api and add postman app registrations client id as client application.
4. grab the token and decode it in jwt.io site to verify if the token has the required scopes and roles.
Ideally, If you replicate the video there should not be any issue. There are other videos in the channel in which I had to use the same concept 🙂. Please let me know if you still face the error.
Subscribe to the channel, if you have not subscribed yet. There are more azure videos in the channel and more to come in future. Thank you
Nice explanation, Can we add users to the security group programmatically?
yup. we can do that. We can use powershell/Azure CLI or even .net programs as well. Please subscribe to the channel if you have not subscribed yet. Thank you.
Thanks for sharing the video. It is very helpful!! I have one question How can we access API from another API (without collection username and password)
Do you want to access the other api delegated(on behalf of user) ? Otherwise you can use an app registration and mention the api scope in startup.cs
@@azureteachnet yes, I wanted to call api on behalf of user . Either from class library or any other console app.
@@kancharla13 ok. Will post a video soon.
@@azureteachnet ok sure , thank you !! Is there any other services you offer ?
@@kancharla13 Thanks for asking. Right now busy with other commitments and hardly finding time.
Buen video!! Justo lo que necesitaba. Gracias!!!
Thanks a lot for the feedback. Please subscribe to the channel
Nice...can you please add the video for normal email & passowrd, sigin with google option based autentication? please.... :)
Here is a video on Facebook login. Google authentication will be similar if you want to add through the azure. Check if it helps -ruclips.net/video/sd6pmmNY1PY/видео.html otherwise will post a video soon. Thank you.
Thanks
Hi, Can we use Grant Type as client_credentials here?
Yup we can do that. However, In this video, I have shown generating the token on behalf of user (Delegated permissions flow). If you want to use Clinet_Credentials, you need to pass client_id and client_secret. Here is the video which may help.
ruclips.net/video/PskWSEdc6v4/видео.html
Please subscribe to the channel if you have not subscribed yet. Thank you.
@@azureteachnet Can we create AAD application using Powershell/CLI and set Acccess tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows)
@@rakeshkaddi Yes. It is possible.
@@azureteachnet Can you please provide me the link or commands
@@rakeshkaddi can you check this - schwabencode.com/blog/2022/03/09/azure-cli-create-azure-active-directory-app-registration . I did not tried it.
how about manages identity?
Yes. We can use managed Identity too.
Please subscribe to the channel if you have not subscribed yet. Thanks