
azure app authentication/authorization between apps


I have an Azure mobile app that uses authentication/authorization with Facebook. Everything is set up and working on my mobile app: I'm able to authenticate with Facebook and get an access token.

I also have a web app (ODATA) hosted in Azure that also uses authentication/authorization with Facebook, and it's also working fine: if I try to access the ODATA service, it redirects me to Facebook to log in.

According to this article (https://azure.microsoft.com/en-us/blog/announcing-app-service-authentication-authorization/) I should be able to silently or programmatically send the access token from the mobile app to the web app by sending a JSON with an access_token key.

The main question is how I do this: is that access token in the header, or where should I write it? I can't find any information about it. I would really appreciate a code example or an article that can guide me to accomplish my task.


Solution

  • The main question is how I do this: is that access token in the header, or where should I write it? I can't find any information about it. I would really appreciate a code example or an article that can guide me to accomplish my task.

    Based on my understanding, you are using client-managed authentication: you contact Facebook independently and retrieve the access_token from Facebook, and then you could leverage the access_token to log in with your Azure mobile app backend.

    Also, you have an Azure Web App that uses authentication/authorization with Facebook and uses the same Facebook App ID. You then want to leverage the access_token in your mobile client to access your other Azure Web App. At this point, you could log in with your Azure web app and retrieve the authenticationToken as follows:

    POST https://{your-app-name}.azurewebsites.net/.auth/login/facebook
    Body {"access_token":"******"}
    


    Then, you could leverage the authenticationToken and set it as the x-zumo-auth header when accessing your azure web app as follows:

    GET https://{your-app-name}.azurewebsites.net/api/values
    Header x-zumo-auth:{authenticationToken}
    


    Additionally, you could create your custom Web API endpoints within your Azure mobile app; for details, you could follow Adrian Hall's book about Custom HTTP Endpoints.
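
The two requests from the answer above, written out in Python as an added example (not part of the original answer). The function names and the `send` hook are assumptions made for illustration, and the code expects the login response to be a JSON object carrying `authenticationToken`. Because both tokens are bearer credentials, it refuses any app URL that is not HTTPS.

```python
import json
import urllib.request
from urllib.parse import urlsplit

def _https_base(app_url):
    # Both tokens are bearer credentials: refuse to send them over plain HTTP.
    parts = urlsplit(app_url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("app_url must be an absolute https:// URL")
    return app_url.rstrip("/")

def build_login_request(app_url, access_token, provider="facebook"):
    """Step 1: POST the provider access_token as a JSON body, not as a header."""
    body = json.dumps({"access_token": access_token}).encode("utf-8")
    return urllib.request.Request(
        f"{_https_base(app_url)}/.auth/login/{provider}", data=body, method="POST",
        headers={"Content-Type": "application/json"})

def parse_login_response(raw):
    """Pull authenticationToken out of the login response body."""
    data = json.loads(raw)
    token = data.get("authenticationToken") if isinstance(data, dict) else None
    if not isinstance(token, str) or not token:
        raise ValueError("login response has no authenticationToken")
    return token

def build_api_request(app_url, path, authentication_token):
    """Step 2: call the protected endpoint with the x-zumo-auth header."""
    return urllib.request.Request(
        f"{_https_base(app_url)}/{path.lstrip('/')}", method="GET",
        headers={"x-zumo-auth": authentication_token})

def call_api(app_url, access_token, path, send=None):
    """Run both steps; `send` (hypothetical hook) maps a Request to response bytes."""
    send = send or (lambda req: urllib.request.urlopen(req, timeout=10).read())
    login = build_login_request(app_url, access_token)
    session_token = parse_login_response(send(login))
    return send(build_api_request(app_url, path, session_token))
```
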