I am trying to log in to my Java API backend app hosted in Azure and protected with Active Directory.
In this article I read that I should make this call to receive the token:
But how to find out which state and which nonce to set for my own API backend app?
Just using the state and nonce from the above example leads me to a response with a so-called flowToken. Is this the type of token I have to send, as also stated in the referred article? See this part:
I just would like to have a frontend app to securely connect to the backend app automatically without typing in user credentials.
Please do NOT tell me to use ADAL, because that's what I already tried and what did not work, as you can see here.
As the authorization grant flow contains several URL redirects, it is difficult to implement in a SPA. You need to implement the OAuth2 implicit grant flow in Azure Active Directory (AD) on the client side on your own, which is also what ADAL for JS does. You can refer to https://docs.microsoft.com/en-us/azure/active-directory/active-directory-authentication-scenarios#single-page-application-spa for more info about the workflow.
And the easiest way to go through AAD in a SPA is to use ADAL for JS. And according to your question "Access to azure hosted API App denied by CORS policy", you can try to set the configuration of the AAD application which is protecting your backend server, i.e.
Try to use the client id in the endpoints variable that you pass into the adalAuthenticationServiceProvider.init function. It works fine on my test project. Any further concern, please feel free to let me know.