
Azure AD OBO Flow With App Proxy And Azure API Manager

Contents:
Architecture
Backend App: App Proxy
Service Principal Configuration
Azure APIM Configuration and Policy
Comparing Access Tokens
OBO Flow Limitations
Conclusion

Architecture

1. The end-user makes an authenticated request to the middle tier/OBO application. Token audience: OBO application.
2. The OBO application validates the access token from the user.
3. The OBO application requests a new access token from the backend application on behalf of the user.
4. The OBO application forwards the request on behalf of the user with the new token, which has its (the OBO app's) client ID as audience.

Backend App

In my use-case, I configured an internal backend app using Azure AD App Proxy