Spending some time this week getting my head around how the heck you secure a web application and web API with an Azure AD identity.
We are busy planning a modernisation architecture for our legacy workflow (Nintex on MOSS2007) and in-house developed systems (mostly C# .NET WPF smart clients). With more and more of our supported apps moving to SaaS (with single sign-on pointing to our Azure AD), we need a way to securely host our internal services in a similar model out in the wild (public internet).
We are targeting Microsoft.Graph to create some Office365 integrated services as part of our workflow replacements.
Here are a few links I’ve been working through to get started:
- Sample of a .NET Core Web API authenticating against Azure AD then MS Graph… here
- Protecting a Web API… here
So far so good. I’ll post some more in-depth information on what I discover on the journey.