API Authentication with OAuth using Azure AD

Join this session to learn how to secure Web APIs using OAuth2 and Azure Active Directory with the Client Credential flow (Client ID + Secret). The most common scenario is when your application has a resource (API) that needs to be securely consumed by one or more non-interactive clients (e.g. console apps or bash scripts). This pattern allows each client to have its own credentials to access the secure resource. With this approach, the app team can control each client and has the ability to rotate the client secret or disable access to the resource entirely.
Comments

One of the best presentations I've ever heard in a short duration. Outstanding. Hope more such videos will be made.

nagbalkur

Excellent talk! Succinctly hit on the core points, showing exactly how to implement the security setup. Thank you!

wayneschroder

I spent close to 4 days looking for a good demo on client + API registration and usage. This video saved me finally! Thanks a lot. It's amazing how many talentless people upload tech videos these days.

jshriram

Great explanation. Concise, straight to the point, clear. I was confused a bit after reading Zscaler's guide to OAuth2.0 setup and this video put everything in order. Thank you.

tymofiidmytrenko

This video tutorial was so good. Got a clear understanding of how app registrations work and, most importantly, how resource-side integration with AAD works. Essentially AAD is a middle trusted entity that both client and resource register with, and then we introduce the concept of roles to better manage permissions, which would have been a hassle otherwise as we'd have to assign and validate permissions from the resource code side for each client on a case-by-case basis.

o_nana

One of the best presentations so far. I have learnt OAuth and its utilisation in APIM. Thank you!!

sumitdas

Excellent, core points well explained with no workarounds. Thanks for the tutorial

amarantes

Thank you very much for this tutorial gentlemen!

horariojoselo

Thanks for sharing this resource, I am implementing this in a new system and it helps me a lot!

morelias

You're a life saver. I spend an insane amount of time on this.

SlamSector

Great presentation. Very clear explanation.

alanmangroo

Really good video! Thanks for sharing!

OCARBALO

Excellent content and presentation too!! Thanks for sharing

dineshghegade

This is a really good tutorial, thank you so much!!!!

faithyintii

Finally found the steps to set up Azure AD and the steps to get an access token without the need to log in.

hiicharles

Honestly really great presentation. I almost feel a bit bad because it looks like people didn't have any questions and looks like they were a bit disengaged from the presentation because of that, but maybe that's not the case and they were paying attention in the call. Either way I just wanted to say thanks, your presentation was incredible, exactly what I needed for my use case.

The only thing that I'd say is I wish you showed the Graph Explorer right after assigning the role when you said there's multiple ways of doing this. Because when I heard I need that consent to move forward I stopped, looked for the admin, sent a bunch of emails, waited a couple days to get the access, and then I continued the video and found out it was possible to do it by myself using the Graph Explorer. That would be the only thing that I'd change, I'd just put that right after that manual role assignment so that people know right away that there is another way without waiting for admin approval and how to do it.

But really great demo, loved it, keep up the good work!

os-ng

Very interesting video. Do you have a video or sample with a .NET Core 5 web API and client, using the actual AD B2C?

samuelgit

How to use Bearer <token> OAuth using an ADF pipeline? I tried but am not clear about how to do it...

Kunal

Nice video... A perfect explanation, this is what I was looking for. Hit the like, gonna share with my colleagues, and also subscribed to the channel as I'm gonna need more such understanding related to Azure. Thank you!

niteshkhambe

This was very helpful. Any idea on how to configure scopes when there are 2 App registrations involved? Should the scope of Consumer match the Resource?

harshildoshi