0

I want to fetch the token in a way where I can use username password of the users added in the Azure AD for fetching the token without redirecting it to the microsoft or google login page and without using Azure AD B2C or without creating a seperate login api in .net web api project.

I have created a web api project in .net 6. I have publised the same in Azure APP Service along with API Management.

I have added the Azure AD Microsoft Authentication layer in the APP Service where my web apis are published. Now to access the Web APIs I have to fetch the access token from the token endpoints given in the App Registrations where I have to add client id and secret for the fetching the token.

What all things I need to change or update in order to create such type of login authentication?

Shailja Atkotiya
  • 21
  • 2
  • see if this is what you are looking for https://stackoverflow.com/questions/65971268/securing-rest-api-calls-in-spas-using-msal-js-with-azure-active-directory-how – Anand Sowmithiran Aug 03 '23 at 07:58
  • Refer this [MSDoc](https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-call-api-acquire-token?tabs=aspnetcore) once. – Harshitha Aug 03 '23 at 11:33

1 Answers1

0

What you are looking for is called the Resource Owner Password Credentials flow.

But as mentioned thoroughly in the documentation, this flow is not recommended unless no other flow fits your scenario.

While it may be a little extra overhead in the beginning, Azure AD B2C with its ability to customize the login page is usually the perfect choice for most user facing applications.

And if the UI itself is not the problem and it is not a B2C scenario, the Authorization Code Flow is the most used flow with not only Azure AD but most other OAuth 2.0 / OpenID Connect identity services.

PramodValavala
  • 6,026
  • 1
  • 11
  • 30