Reputation: 958
I haven't touched AAD before, but I have to use it to authenticate users for my REST service.
I have a mobile client that can authenticate a user on AAD with OAuth2. As a result it has a bearer token.
The mobile client should use this bearer token as a parameter in a request to the protected REST service.
The REST service is a Java-based application (spring-boot) and it was registered in AAD as a Web application, but I cannot find a way for it to connect to AAD to check whether the token is valid or not.
I expected to have something like a /oauth2/check_token endpoint that can take a token value and return user data, but I didn't find anything.
Is it possible to use AAD to authenticate users for third-party applications and if yes, how to do it?
Upvotes: 0
Views: 1616
Reputation: 23436
The token issued by AAD is a signed JWT token. You do not need to communicate with AAD to verify the token is valid. If you trust the issuer (AAD) and the token is valid (correct audience, valid signature, not expired etc.), you accept the claims in the token.
See this article for the steps to validate the JWT token.
Upvotes: 2
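The local checks the answer lists (trusted issuer, correct audience, valid signature, not expired), as an added example that is not part of the original answer and is written in Python rather than the service's Java. It assumes RS256-signed tokens and that the service has already loaded the issuer's published RSA public keys into a hypothetical `keys` map of key id to `(n, e)`; `validate_token`, `rs256_verify` and `leeway` are names chosen for the example.

```python
import base64, hashlib, json, time

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def rs256_verify(signing_input, sig, n, e):
    """RSASSA-PKCS1-v1_5 with SHA-256: rebuild the expected block and compare."""
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    t = SHA256_PREFIX + hashlib.sha256(signing_input).digest()
    expected = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return pow(s, e, n) == int.from_bytes(expected, "big")

def validate_token(token, keys, issuer, audience, now=None, leeway=60):
    """Return the claims if every check passes, otherwise raise ValueError.
    keys maps a key id (kid) to the issuer's RSA public key as (n, e)."""
    now = time.time() if now is None else now
    try:
        h64, p64, s64 = token.split(".")
        header = json.loads(b64url_decode(h64))
        claims = json.loads(b64url_decode(p64))
        sig = b64url_decode(s64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise TypeError("header and payload must be JSON objects")
    except Exception as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm: the token must not be able to pick "none" or an HMAC alg.
    if header.get("alg") != "RS256":
        raise ValueError("unexpected alg")
    kid = header.get("kid")
    key = keys.get(kid) if isinstance(kid, str) else None
    if key is None:
        raise ValueError("unknown signing key")
    if not rs256_verify(f"{h64}.{p64}".encode(), sig, *key):
        raise ValueError("bad signature")
    # Claims are only trusted after the signature has been verified.
    if claims.get("iss") != issuer:
        raise ValueError("untrusted issuer")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if not isinstance(claims.get("exp"), (int, float)) or now > claims["exp"] + leeway:
        raise ValueError("expired")
    return claims
```

In the Java service the same checks are normally delegated to a JWT library; the order matters in either case: signature first, then issuer, audience and expiry.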