Chandra sekhar
Reputation: 406
Can we use Id token to access webapi
I am totally confused with id token and access token. I saw in many articles saying access token can be used to call webapi but can we use id token aswell to call and authenticate webapi
Upvotes: 1
Views: 356
Answers (1)
SunnySun
Reputation: 1935
You should not use id token to access a protected Web API.
ID Tokens should be used to get information about a user - it should not be used for authorization in place of an access token.
Access tokens enable clients to securely call APIs protected by Azure.
Note that Access tokens are signed (and might get encrypted), whereas ID tokens are not.
Upvotes: 2
Related Questions
- ASP.NET Web API - How to acquire access token in Azure AD's token URL
- Asp.net core API authenticate with AzureAD Token
- Login to my API using an Azure AD JWT (id_token)
- how to validate azure active directory token in webapi
- Azure AD using token from client application in Web API
- How to fetch Azure ID Token to use for authorization within webapi?
- Azure Active Directory Token
- Azure AD and Group-based authorization with token in Web API
- How to generate token for WebAPI who is hosted on Azure AD?
- Azure Active Directory Verify Access Token in Web Api outside of Azure