Check out DefaultAzureCredential part of the new Azure SDK's to connect and retrieve Azure Managed Identity tokens. ruclips.net/video/TU82BTmeNeU/видео.html This is an alternative to using AzureServiceTokenProvider used in this video. The rest of the video is still relevant!
I am here because my husband - who does not have an account - sent me. He wanted me to like your video, because you really helped him with his work today! So, thank you very much! Keep doing this 😊
Nice one, thanks for sharing. However what would be really interesting is, how can I assign USER-DELEGATED permissions to the MSI? What you're doing is working with APPLICATION permissions, that require admin-consent because they are all-or-nothing permissions. But not everyone will be granted these from IT. Rightfully so, because they are too much in most cases. E.g. my service only needs to access one or two sharepoints (corresponding to the permissions a specific user has) instead of ALL sharepoints there are in the tenant.
Glad you liked it. Yes in this scenario I am using application-level permissions. If you are running in the context of a user, can you not use the same token to make the request to the resources you are trying to access? What difficulties are you facing with that?
Hi, Using the same method I was able to fetch the Groups but not the member details. MSI has the User.Read.All permissions as well, still API returns only the user ID and all other user details are null. Could you please help here.
What specific user details are looking at? Did you try this with a different azure AD application? (just to make sure it is not an setting on existing on that is causing the issue)
Hi Rahul, I like your videos and I recently subscribed to your channel, I am new to ASP NET authentication and I have a problem, I develop an app that creates users using a local jwt token that must also work with mircrosoft graph to access files, without However, the 2 tokens cannot coexist in memory (AddInMemoryTokenCache), how can I authorize a controller with 2 tokens that both coexist in memory? How can I implement the MS Graph token in a sql server cache?
Hi, Rahul that was such a piece of good information!!! I want to know can we have "users Risk" data which is shown in the analysis data(risk and their kind's) and how can we achieve it. Can u make a video for the same? It will be helpful for me as well as many more. thanks
Glad you like it. Can you detail out by what you mean by 'Users Risk' data? Is the PII/sensitive information you are referring to? Or if you are referring to the data within the Graph (in that case I haven't done that before).
Sure you can - Check out this video on how you can set up your local environment when using Manged Identity. ruclips.net/video/GAcFnnPxGow/видео.html The video also uses the newer Azure SDK's DefaultAzureCredential to connect the Managed Identity and get the token. Learn more in this video ruclips.net/video/TU82BTmeNeU/видео.html Let know if that helps and in case you need more info.
Check out DefaultAzureCredential part of the new Azure SDK's to connect and retrieve Azure Managed Identity tokens. ruclips.net/video/TU82BTmeNeU/видео.html
This is an alternative to using AzureServiceTokenProvider used in this video. The rest of the video is still relevant!
I am here because my husband - who does not have an account - sent me. He wanted me to like your video, because you really helped him with his work today! So, thank you very much! Keep doing this 😊
Thank you for your comment - Made my day! Glad it helped your husband 😊
I had same requirement for my work , thanks for showing us using MI
No problem 👍Glad it helped.
Nice one, thanks for sharing. However what would be really interesting is, how can I assign USER-DELEGATED permissions to the MSI? What you're doing is working with APPLICATION permissions, that require admin-consent because they are all-or-nothing permissions. But not everyone will be granted these from IT. Rightfully so, because they are too much in most cases. E.g. my service only needs to access one or two sharepoints (corresponding to the permissions a specific user has) instead of ALL sharepoints there are in the tenant.
Glad you liked it. Yes in this scenario I am using application-level permissions. If you are running in the context of a user, can you not use the same token to make the request to the resources you are trying to access? What difficulties are you facing with that?
Could make videos for user assigned manageidentities
Hi, Using the same method I was able to fetch the Groups but not the member details. MSI has the User.Read.All permissions as well, still API returns only the user ID and all other user details are null. Could you please help here.
What specific user details are looking at? Did you try this with a different azure AD application? (just to make sure it is not an setting on existing on that is causing the issue)
Hi Rahul, I like your videos and I recently subscribed to your channel, I am new to ASP NET authentication and I have a problem, I develop an app that creates users using a local jwt token that must also work with mircrosoft graph to access files, without However, the 2 tokens cannot coexist in memory (AddInMemoryTokenCache), how can I authorize a controller with 2 tokens that both coexist in memory? How can I implement the MS Graph token in a sql server cache?
thankyou this video really help me.. !
Thank you for letting know and glad it helped 😀
Hi, Rahul that was such a piece of good information!!!
I want to know can we have "users Risk" data which is shown in the analysis data(risk and their kind's) and how can we achieve it.
Can u make a video for the same?
It will be helpful for me as well as many more.
thanks
Glad you like it. Can you detail out by what you mean by 'Users Risk' data? Is the PII/sensitive information you are referring to? Or if you are referring to the data within the Graph (in that case I haven't done that before).
@@RahulNath Exactly I want that It within Graph risky users and risk detection.
Thank you for responding. Such a good contain you have.
@@RAZOR3181 Sorry I haven't done this before, so don't have a answer straight away.
@@RahulNath ok!!! In future are you planning for it?
Keep it up
If we use Managed Identity in the web app, then we can't run it locally anymore?
Sure you can - Check out this video on how you can set up your local environment when using Manged Identity. ruclips.net/video/GAcFnnPxGow/видео.html
The video also uses the newer Azure SDK's DefaultAzureCredential to connect the Managed Identity and get the token. Learn more in this video ruclips.net/video/TU82BTmeNeU/видео.html
Let know if that helps and in case you need more info.