堆栈内存溢出
  简体   繁体   English

使用 Azure Active Directory 作为身份验证方法时,SqlClient 如何获取 Azure SQL 服务器的“范围”?

[英]How does SqlClient gets 'scope' of Azure SQL Server when using Azure Active Directory as authentication method?

 原文  2022-07-25 06:39:31       azure-active-directory/ azure-sql-server/ sqlclient/ microsoft-data-sqlclient

问题描述

As I understand that for getting selective authorization for a protected resource using Azure AD based OAuth 2.0 mechanism, client application need to mandatorily provide the scope URL for getting access token. As I understand that for getting selective authorization for a protected resource using Azure AD based OAuth 2.0 mechanism, client application need to mandatorily provide the scope URL for getting access token. Other parameters usually include client ID, client secret (in case of Service Principal auth flow), Azure AD username and password, etc.其他参数通常包括客户端 ID、客户端密码(在服务主体身份验证流的情况下)、Azure AD 用户名和密码等。

SqlClient has integrated Azure AD OAuth mechanism with SqlClient for authorizing a database connection. SqlClient 已将 Azure AD OAuth 机制与 SqlClient 集成,用于授权数据库连接。 So, I guess SqlClient also need these parameters for establishing an connection to Azure SQL server using Azure Active Directory authentication method.所以,我猜 SqlClient 也需要这些参数来使用 Azure Active Directory 身份验证方法建立与 Azure SQL 服务器的连接。 But I don't see that it accepts any scope from the client application.但我没有看到它接受来自客户端应用程序的任何 scope。 How does SqlClient gets scope for a particular Azure SQL server instance? SqlClient 如何为特定的 Azure SQL 服务器实例获取 scope? I see that it gets something as Federated Authentication Info from server but I don't understand it completely.我看到它从服务器获得了联合身份验证信息,但我不完全理解。

1 个解决方案

解决方案1
 0  2022-07-26 03:34:40

The scope required for SQL Servder Authentication access tokens is https://database.windows.net/.default which stands for default scopes/permissions for https://database.windows.net/ resource. The scope required for SQL Servder Authentication access tokens is https://database.windows.net/.default which stands for default scopes/permissions for https://database.windows.net/ resource.

Once an access token is obtained you pass it trough the SqlConnection.AccessToken property.获得访问令牌后,您通过SqlConnection.AccessToken属性将其传递。

Cheers干杯

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用Active Directory身份验证在databricks中连接到Azure SQL Server - How to connect to Azure SQL Server in databricks using active directory authentication Azure SQL 使用 Azure Active Directory 进行身份验证 - Azure SQL authentication using Azure Active Directory 如何使用 Active Directory 身份验证从 Tableau Desktop 访问 Azure SQL 服务器/数据库 - How to Access Azure SQL Server/Database from Tableau Desktop using Active Directory Authentication 将 Liquibase 与 Azure SQL 和 Azure Active Directory 身份验证结合使用 - Using Liquibase with Azure SQL And Azure Active Directory Authentication 使用 Azure Active Directory 进行身份验证 - Authentication using Azure Active Directory 使用 Azure Active Directory 的 Azure Function 身份验证 - Azure Function authentication using Azure Active Directory 使用 Azure Active Directory Service Principal 身份验证为 Keycloak 配置 SQL 服务器 - Configure SQL Server with Azure Active Directory Service Principal authentication for Keycloak 当身份验证类型为 azure 活动目录时,通过 Python 连接到 sql-server - connecting to sql-server via Python when authentication type is azure active directory 您可以使用 sql server 别名通过活动目录集成身份验证连接到 azure 吗? - Can you use a sql server alias to connect to azure using active directory integrated authentication? Azure SQL 数据库活动目录密码认证使用 powershell - Azure SQL Database Active Directory password authentication using powershell
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM