daohualiuxiang
/
AspNetCore.Docs
mirror of https://github.com/dotnet/AspNetCore.Docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update azure-ad-b2c-webapi.md (#5785) 

* Update azure-ad-b2c-webapi.md

Adding information about **Scope** url - how it is constructed. as this *api* part was causing a lot of issues in our dev team.

* Update azure-ad-b2c-webapi.md

removing unnecessary comas.

* Minor tweaks

* More verbiage changes

* Truncate wording

* Add missing word
pull/5786/head
Jakub Gutkowski 2018-03-23 16:01:00 +01:00 committed by Scott Addie
parent cdaa9f7ad8
commit d069d5df54
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
aspnetcore/security/authentication/azure-ad-b2c-webapi.md
View File

@ -18,7 +18,7 @@ By [Cam Soper](https://twitter.com/camsoper)
[Azure Active Directory B2C](/azure/active-directory-b2c/active-directory-b2c-overview) (Azure AD B2C) is a cloud identity management solution for web and mobile apps. The service provides authentication for apps hosted in the cloud and on-premises. Authentication types include individual accounts, social network accounts, and federated enterprise accounts. Additionally, Azure AD B2C can provide multi-factor authentication with minimal configuration.
> [!TIP]
> Azure Active Directory (Azure AD) Azure AD B2C are separate product offerings. An Azure AD tenant represents an organization, while an Azure AD B2C tenant represents a collection of identities to be used with relying party applications. To learn more, see [Azure AD B2C: Frequently asked questions (FAQ)](/azure/active-directory-b2c/active-directory-b2c-faqs).
> Azure Active Directory (Azure AD) and Azure AD B2C are separate product offerings. An Azure AD tenant represents an organization, while an Azure AD B2C tenant represents a collection of identities to be used with relying party applications. To learn more, see [Azure AD B2C: Frequently asked questions (FAQ)](/azure/active-directory-b2c/active-directory-b2c-faqs).
Since web APIs have no user interface, they're unable to redirect the user to a secure token service like Azure AD B2C. Instead, the API is passed a bearer token from the calling app, which has already authenticated the user with Azure AD B2C. The API then validates the token without direct user interaction.
@ -170,10 +170,10 @@ To make an authenticated request to the web API, a bearer token is required. Pos
| **Token Name** | *<token name>* | Enter a descriptive name for the token. |
| **Grant Type** | Implicit | |
| **Callback URL** | `https://getpostman.com/postman` | |
| **Auth URL** | `https://login.microsoftonline.com/<tenant domain name>/oauth2/v2.0/authorize?p=B2C_1_SiUpIn` | Replace *&lt;tenant domain name&gt;* with the tenant's domain name without angle brackets. |
| **Auth URL** | `https://login.microsoftonline.com/<tenant domain name>/oauth2/v2.0/authorize?p=B2C_1_SiUpIn` | Replace *&lt;tenant domain name&gt;* with the tenant's domain name. |
| **Client ID** | *&lt;enter the Postman app's <b>Application ID</b>&gt;* | |
| **Client Secret** | *&lt;leave blank&gt;* | |
| **Scope** | `https://<tenant domain name>/api/user_impersonation openid offline_access` | Replace *&lt;tenant domain name&gt;* with the tenant's domain name without angle brackets. |
| **Scope** | `https://<tenant domain name>/<api>/user_impersonation openid offline_access` | Replace *&lt;tenant domain name&gt;* with the tenant's domain name. Replace *&lt;api&gt;* with the Web API project name. You can also use Application ID. The pattern for the URL is: *https://{tenant}.onmicrosoft.com/{app_name_or_id}/{scope name}*. |
| **Client Authentication** | Send client credentials in body | |
3. Select the **Request Token** button.