
How can Azure Service Bus authenticate clients using Azure AD

I created an Azure Service Bus, and clients are able to access the service bus using a Shared Access Token. All this is working fine, and now we want to implement authentication using Azure AD.

This is what we know so far:

  1. Using Azure AD we will register client(s).
  2. Each registered client will get an ID and Secret.
  3. We will use this ID, Secret and AppId (Id of service bus) to get an access token from Azure AD.
  4. This call will return an access token.
  5. We then pass the access token to Azure Service Bus using request headers to post or get messages.

My question is: how does Azure Service Bus actually validate this token? I have seen another example where the API or service which is consumed by the client validates the access token using a program like this: https://github.com/mauliksoni/aad-token-validation/blob/main/DotNetFramewrork/validate.cs and only then is the user allowed to access the token.

Ideally, the service should validate the access token on its own, and there should not be any need to validate tokens with external programs.

You don't need to do any external validation. As long as the service principal has the right RBAC role to perform the desired operation (send/receive/management), the service will do the remaining token validation for you.
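The flow from the question, with validation left to the service as the answer describes, as an added example that is not code from the original posts. It assumes the Azure AD v2.0 token endpoint and the Service Bus audience `https://servicebus.azure.net`; the tenant, client, namespace and queue names are placeholders, and `sample_token` builds a constructed, unsigned token for offline use.

```python
import base64, json, time
import urllib.parse, urllib.request

SB_AUDIENCE = "https://servicebus.azure.net"  # assumed Azure AD resource for Service Bus

def token_request(tenant_id, client_id, client_secret):
    """OAuth2 client-credentials request to Azure AD (steps 1-4 in the question)."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": SB_AUDIENCE + "/.default",
    }).encode()
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    return urllib.request.Request(url, data=body, method="POST")

def jwt_claims(token):
    """Decode the payload WITHOUT verifying the signature (diagnostics only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def preflight(token, now=None):
    """List problems visible client-side. Signature and RBAC role checks
    (e.g. Azure Service Bus Data Sender) are done by the service itself."""
    claims, problems = jwt_claims(token), []
    if str(claims.get("aud", "")).rstrip("/") != SB_AUDIENCE:
        problems.append(f"wrong audience: {claims.get('aud')!r}")
    if claims.get("exp", 0) <= (now if now is not None else time.time()):
        problems.append("token expired")
    return problems

def send_request(namespace, queue, token, message: bytes):
    """REST send with the bearer token in the Authorization header (step 5)."""
    url = f"https://{namespace}.servicebus.windows.net/{queue}/messages"
    return urllib.request.Request(url, data=message, method="POST", headers={
        "Authorization": f"Bearer {token}", "Content-Type": "application/json"})

def sample_token(aud, exp):
    """Constructed, unsigned JWT-shaped string for offline testing only."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc({'aud': aud, 'exp': exp})}.sig"

if __name__ == "__main__":
    tok = sample_token(SB_AUDIENCE, time.time() + 3600)  # placeholder names below
    print(preflight(tok), send_request("contoso-ns", "orders", tok, b"{}").full_url)
```

Passing either request object to `urllib.request.urlopen` performs the real call; `preflight` is only a client-side troubleshooting aid and is not a substitute for the validation the service performs.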
