Chapter 9. Consuming and exposing a web API protected by Azure Active Directory

The emphasis on API-centric scenarios is probably the characteristic that most of all sets modern authentication apart from classic federation approaches that focus on single sign-on.

The first part of this chapter explores what it takes for one app to gain access to a web API protected by Azure AD. I will explore the phases of the OpenID Connect hybrid flow that come after the authentication phase, picking up the discussion about OAuth2 where I left it back in Chapter 2, "Identity protocols and application types," and filling in the remaining details. In the code samples, you’ll learn how to use ASP.NET OWIN middleware and the Active Directory Authentication Library ...

Get Modern Authentication with Azure Active Directory for Web Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.