lurumad/openid.md

Last active September 25, 2018 12:13

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/lurumad/db92578de091a6301778078920edc610.js"></script>
Save lurumad/db92578de091a6301778078920edc610 to your computer and use it in GitHub Desktop.

Download ZIP

Protecting APIM with OpenId Connect

Raw

openid.md

Add OpenID Connect server

https://idsrv/.well-known/openid-configuration

Client credentials:

implicit
https://{service}.portal.azure-api.net/docs/services/idsvr/console/openidconnect/authorizationcode/callback
https://{service}.portal.azure-api.net/docs/services/idsvr/console/openidconnect/implicit/callback

Configure API in Azure Portal

Enable OpenId Connect

Explain how to configure Identity Server 4

Add new policy to validate JWT token

<validate-jwt header-name="Authorization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized. Access token is missing or invalid.">
            <openid-config url="{{OpenIdConfigUrl}}" />
        </validate-jwt>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment