Skip to content

Instantly share code, notes, and snippets.

@kevinhillinger
Created October 24, 2019 18:38
Show Gist options
  • Save kevinhillinger/ee6408f85cfd3411ace3945ae49f0eb3 to your computer and use it in GitHub Desktop.
Save kevinhillinger/ee6408f85cfd3411ace3945ae49f0eb3 to your computer and use it in GitHub Desktop.
Azure Active Directory - Securing an API with Azure API Management
{
"id": "f54fd36e-57c8-4408-a870-3ef2b3b4b685",
"acceptMappedClaims": null,
"accessTokenAcceptedVersion": null,
"addIns": [],
"allowPublicClient": null,
"appId": "da66ee7b-d762-4e19-8d7c-66a9974baeab",
"appRoles": [
{
"allowedMemberTypes": [
"Application"
],
"description": "Application permission to do something",
"displayName": "API Permission",
"id": "3ea51f40-2ad7-4e79-aa18-12c45156dc6a",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "contributor"
}
],
"oauth2AllowUrlPathMatching": false,
"createdDateTime": "2019-10-24T15:18:13Z",
"groupMembershipClaims": null,
"identifierUris": [
"api://da66ee7b-d762-4e19-8d7c-66a9974baeab"
],
"informationalUrls": {
"termsOfService": null,
"support": null,
"privacy": null,
"marketing": null
},
"keyCredentials": [],
"knownClientApplications": [],
"logoUrl": null,
"logoutUrl": null,
"name": "Secured API",
"oauth2AllowIdTokenImplicitFlow": false,
"oauth2AllowImplicitFlow": false,
"oauth2Permissions": [],
"oauth2RequirePostResponse": false,
"optionalClaims": null,
"orgRestrictions": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [],
"preAuthorizedApplications": [],
"publisherDomain": "microsoft.onmicrosoft.com",
"replyUrlsWithType": [],
"requiredResourceAccess": [
{
"resourceAppId": "00000003-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
"type": "Scope"
}
]
}
],
"samlMetadataUrl": null,
"signInUrl": null,
"signInAudience": "AzureADMyOrg",
"tags": [],
"tokenEncryptionKeyId": null
}
<validate-jwt header-name="Authorization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized. Access token is missing or invalid.">
<openid-config url="https://login.microsoftonline.com/contoso.onmicrosoft.com/.well-known/openid-configuration" />
<audiences>
<audience>api://f54fd36e-57c8-4408-a870-3ef2b3b4b685</audience>
</audiences>
<required-claims>
<claim name="roles" match="all">
<value>contributor</value>
</claim>
</required-claims>
</validate-jwt>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment