
Can a custom (non-Azure) service be accessed using an Azure managed identity?

I am trying to use Azure managed identities to give me a way to authenticate/authorize actions on a non-Azure service. I want to integrate my own service as an OAuth2 resource server.

I would like to be able to validate the received OAuth2 token (assigned to an Azure managed identity) in my own service, and based on the information in the valid token decide on further action.

I was trying to use an app registration for that purpose, but I haven't found a way to link this with my desired managed identity.

I would very much appreciate advice on this topic.

Thanks, Lukas

Every managed identity is backed by a service principal which can request permissions exposed through Azure AD applications (resources). You just need to register an Azure AD Application and declare some roles (AKA application permissions). In your token request add the resource=<your resource app id uri> or scopes=<your resource app id uri>/.default parameter.
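As an added example (not code from the question or the answer), this is one way the custom resource server could decide on a token obtained as described above. It assumes a JWT library has already verified the token's signature against the tenant's published signing keys; the function name, tenant ID, app ID URI, object ID and role name are hypothetical, constructed values.

```python
import time

class TokenRejected(Exception):
    """Raised when verified claims do not authorize the caller."""

def authorize_managed_identity(claims, *, tenant_id, audiences, required_role,
                               allowed_oids=None, now=None, leeway=60):
    """Authorize an app-only Azure AD token; return the caller's object id.

    ASSUMPTION: `claims` is the payload of a token whose signature a JWT
    library already verified against the tenant's published signing keys.
    """
    now = time.time() if now is None else now
    # v1.0 and v2.0 access tokens carry different issuer strings.
    issuers = {f"https://sts.windows.net/{tenant_id}/",
               f"https://login.microsoftonline.com/{tenant_id}/v2.0"}
    if claims.get("iss") not in issuers or claims.get("tid") != tenant_id:
        raise TokenRejected("token was not issued by the expected tenant")
    # The token must have been requested for this service, not another resource.
    if claims.get("aud") not in audiences:
        raise TokenRejected("audience is not this resource server")
    exp, nbf = claims.get("exp"), claims.get("nbf", 0)
    if not isinstance(exp, (int, float)) or now >= exp + leeway or now < nbf - leeway:
        raise TokenRejected("token is expired or not yet valid")
    # App roles granted to the identity's service principal arrive in `roles`.
    roles = claims.get("roles")
    if not isinstance(roles, list) or required_role not in roles:
        raise TokenRejected(f"missing app role {required_role!r}")
    oid = claims.get("oid")  # object id of the calling service principal
    if not oid or (allowed_oids is not None and oid not in allowed_oids):
        raise TokenRejected("caller is not an allowed service principal")
    return oid

# Constructed sample values (hypothetical tenant, resource and identity).
TENANT = "11111111-1111-1111-1111-111111111111"
AUDIENCES = {"api://my-custom-service"}
MI_OID = "22222222-2222-2222-2222-222222222222"
SAMPLE_CLAIMS = {
    "iss": f"https://sts.windows.net/{TENANT}/", "tid": TENANT,
    "aud": "api://my-custom-service", "oid": MI_OID,
    "nbf": 1_700_000_000, "exp": 1_700_003_600, "roles": ["Orders.Read"],
}

if __name__ == "__main__":
    print(authorize_managed_identity(
        SAMPLE_CLAIMS, tenant_id=TENANT, audiences=AUDIENCES,
        required_role="Orders.Read", allowed_oids={MI_OID}, now=1_700_000_100))
```

Passing `allowed_oids` pins access to specific managed identities; leaving it as `None` accepts any service principal in the tenant that was granted the app role.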
