I am a little unsure of the workflow/use scenario of this component? Is this for an enterprise that uses Azure AD, and wants to have their users login against that specific Azure AD instance? Or is this for something like the Google and Facebook logins, where the system comes back and says "yes, I have confirmed that this user is a valid user in their Azure AD, and here is a token confirming that, or here is their user information so you can run Login on your end using this information", where we would use it in a SaaS or consumer app situation?
Thanks!
J.Ja
Or is this for something like the Google and Facebook logins, where the system comes back and says "yes, I have confirmed that this user is a valid user in their Azure AD, and here is a token confirming that, or here is their user information so you can run Login on your end using this information"
Yes. The login connector uses the openID Connect inlog flow from Microsoft. After succesfull login you can retrieve a token for the logged in user to access other services.
Hi Justin,
This is an component that you can use to authenticate your users with Azure AD. You can compare it with iDP if you like with the biggest difference that iDP uses SAML to authenticate your users and MLC uses oAuth, a different authorization method.
We use this as an enterprise for all applications that require access to another internal API. All internal APIs are protected via oAuth providing a secure and seamless integration with the base application.
I hope this helps.
Greetings,
Vincent
Hello Vincent,
Can we use this component only for authorization to access Microsoft Rest APIs configured using OAuth Token? Actually, we are doing main login using IDP (SAML) and want to keep it as is and just for API authentication which has been configured using OAuth use this component?
Thanks & Kind Regards,
Sachin
Hi Sachin,
If you mean with an SPN (this application to application authentication) then no, not at this time. I will add this to the component in due time but the workload at my company is currently very high so I don't have any spare time to work on these kind of things. We have it already working in an application so we know how to do this but that is not managed via this component.