It is known that applications in the Office 365 suite exchange an authorization token among themselves, which is obviously somehow formed on the basis of user accounts in Azure Active Directory. If you create a new application in Azure and select cloud authorization as its type, then in theory everything should work in the same way. In fact, if you go into any Office 365 application and then go from it to my application, the token is passed to it. But if you try to open my application directly, a token also seems to be generated, but with errors. What is the principle of authorization in Office 365? Is it possible to do the same in your own application?

  • In Office 365, a token can be generated either by Azure AD or by your ADFS server. How are users authorized? Through ADFS, or are they just cloud users? - Walter Nuss
  • @WalterNuss through ADFS - Sergey Tambov participants
  • Then ADFS generates the token - Walter Nuss
  • @WalterNuss So it turns out that in my application I also need to do authorization through ADFS? And then the tokens will be identical? - Sergey Tambovites
  • And why should the tokens be identical? How is the business task set? - Walter Nuss

1 answer

Since authorization occurs through the ADFS Server, it is necessary to implement authorization in the application through this server. The ADFS server generates a token (cookie) that is stored in the browser. Then, when trying to access Office365 or your application, it checks for the presence and validity of this cookie.

In the ADFS server, you will need to configure a new claim, and then bind authentication through this key in the application. Here is the official tutorial on this topic. Here is another useful tutorial.
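
The flow this answer describes, as an added example that is not code from the answer or from ADFS: one sign-in session at the identity provider yields a separate token for each application, and each application accepts only a token addressed to it. The HMAC signing is a toy stand-in for the provider's real token signing, and every function name, audience URI and user below is a constructed assumption.

```python
import base64, hashlib, hmac, json, secrets, time

IDP_KEY = b"constructed-demo-key"  # assumption: stand-in for the IdP signing key
SESSIONS = {}                      # SSO cookie -> user; known only to the IdP

def _sign(body: str) -> str:
    return hmac.new(IDP_KEY, body.encode(), hashlib.sha256).hexdigest()

def idp_login(user):
    """Interactive sign-in at the IdP; returns the SSO cookie for the IdP's domain."""
    cookie = secrets.token_hex(16)
    SESSIONS[cookie] = user
    return cookie

def idp_issue(cookie, audience, now=None, ttl=300):
    """Issue a token for ONE relying party if the SSO cookie is valid (no new login)."""
    user = SESSIONS.get(cookie)
    if user is None:
        return None  # no session: the IdP would show its sign-in page instead
    now = time.time() if now is None else now
    claims = {"sub": user, "aud": audience, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return body + "." + _sign(body)

def rp_validate(token, expected_audience, now=None):
    """Relying-party check of signature, audience and expiry; returns user or None."""
    now = time.time() if now is None else now
    try:
        body, sig = token.rsplit(".", 1)
        if not hmac.compare_digest(sig, _sign(body)):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError, AttributeError):
        return None
    if claims.get("aud") != expected_audience or claims.get("exp", 0) <= now:
        return None
    return claims.get("sub")

def demo():
    cookie = idp_login("alice@example.test")             # constructed user
    o365 = idp_issue(cookie, "urn:example:office365")    # constructed audiences
    mine = idp_issue(cookie, "urn:example:myapp")        # same cookie, no re-login
    stale = idp_issue(cookie, "urn:example:myapp", now=0)
    return {"o365_token_at_myapp": rp_validate(o365, "urn:example:myapp"),
            "own_token_at_myapp": rp_validate(mine, "urn:example:myapp"),
            "expired_token": rp_validate(stale, "urn:example:myapp"),
            "forged_cookie": idp_issue("0" * 32, "urn:example:myapp")}

if __name__ == "__main__":
    print(demo())
```

The tokens for the two applications are not identical and do not need to be: what the applications share is the session at the identity provider.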