How to Authorize a Scheduled Task with a B2C protected Web API?
Question
I have a B2C protected Web API hosted on Azure. I need to create a Scheduled Task (or web Service) which will need to consume resources from the Web Api. What is the recommended approach to get the Scheduled Task to authenticate with the Web Api?
I don't think that I can use B2C in this scenario. I was thinking of using secret keys but I can't quite figure out how to set this up in Azure as well as how to update the Web Api OWIN middleware to handle both B2C and key authentication.
Here is my current Startup.Auth:
public void ConfigureAuth(IAppBuilder app)
{
TokenValidationParameters tvps = new TokenValidationParameters
{
// Accept only those tokens where the audience of the token is equal to the client ID of this app
ValidAudience = ClientId,
AuthenticationType = Startup.DefaultPolicy
};
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
{
// This SecurityTokenProvider fetches the Azure AD B2C metadata & signing keys from the OpenIDConnect metadata endpoint
AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(String.Format(AadInstance, Tenant, DefaultPolicy)))
});
}
Cheers!
1 answers
solution1
0 ACCPTED 2019-01-31 18:39:19
You can use Resource Owner Password Credenetial(ROPC) user flow
https://docs.microsoft.com/en-us/azure/active-directory-b2c/configure-ropc
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.