get active directory user information with react - javascript

I have a React web app.
I want to get Active Directory user information and check whether it is in an AD group.
Is that possible?
What would be the way to make this kind of API?

Yes, it's possible. You can use Microsoft Graph API. IMHO, you want to use AD as a Single Sign-On Authentication Server. If you haven't found a good post or tutorial on how to do this yet, you can refer to: Sign in users and call the Microsoft Graph API from a React single-page app (SPA)

Related

Verify that a JS script only runs in whitelisted native apps

We have a chat interface that we allow our partners to embed into their websites and web apps using a JS snippet. We want to expand to integrating with native apps using WebViews.
I am seeking an approach to verify that our snippet is only running in specific apps.
As an example: A similar functionality that is easily achieved in web apps is a domain check.
A partner / client gets a JS snippet or a URL and a key,
on page load it looks up the partner details using the key,
if they're active and approved for this service,
check the requesting domain against a list of whitelisted domains for this key.
Is it possible to uniquely identify a native app from a JavaScript function that is running in a WebView to verify the app? Perhaps - are app store unique app IDs accessible from within a WebView?
Thank you

No, it is not possible to uniquely identify a native app from a JavaScript function that is running in a WebView.
"No" is a hard answer to find on the web. Phone a friend informed me that while some native information and functionality is accessible from within WebViews, the app ID or bundle identifier is not exposed programmatically. Of course a developer could add it, but that's not helpful in verification.
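
The web-side domain check the question describes (key lookup, partner status, then host allowlist), as an added example that is not part of the original posts. The registry, keys, hosts and function names are hypothetical, and a substring match is shown beside the exact comparison for contrast.

```javascript
// Constructed partner registry; keys, hosts and field names are hypothetical.
const PARTNERS = new Map([
  ['key-alpha', { active: true, approved: true,
    hosts: ['chat.partner-a.example', 'www.partner-a.example'] }],
  ['key-beta', { active: false, approved: true, hosts: ['partner-b.example'] }],
]);

const deny = (reason) => ({ allowed: false, reason });

// Server-side check run when the snippet loads: key, partner status, then origin.
function checkEmbedRequest(key, originHeader, partners = PARTNERS) {
  const partner = partners.get(key);
  if (!partner) return deny('unknown key');
  if (!partner.active || !partner.approved) return deny('partner not enabled');
  let url;
  try {
    url = new URL(originHeader); // throws on undefined, "" and the literal "null"
  } catch {
    return deny('no usable origin');
  }
  if (url.protocol !== 'https:') return deny('not https');
  // Compare the parsed hostname exactly; never search the raw header string.
  if (!partner.hosts.includes(url.hostname)) return deny('host not allowlisted');
  return { allowed: true, reason: 'ok' };
}

// Weak variant kept for contrast: a substring match accepts look-alike hosts.
function naiveHostCheck(originHeader, hosts) {
  return hosts.some((h) => String(originHeader).includes(h));
}

const LOOKALIKE = 'https://www.partner-a.example.attacker.example'; // constructed
console.log(checkEmbedRequest('key-alpha', 'https://www.partner-a.example'));
console.log(checkEmbedRequest('key-alpha', LOOKALIKE));
console.log(naiveHostCheck(LOOKALIKE, PARTNERS.get('key-alpha').hosts));
```

The `Origin` header is only meaningful when a browser sets it; a non-browser client can send any value, so this check does not carry over to native apps as app verification.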

Azure AD Authentication on React Frontend with Node.js Backend

I would like to add an Azure AD configuration to my React & Node.js project. What I want is to log in on the frontend using Azure AD and then send a request with, e.g., axios to my backend written in Node.js, so that Node.js knows that the user is logged in and can perform the request. I was reading tutorials/documentation on the Microsoft site all day, but I still don't know how and where to start. Basically, almost every Microsoft tutorial is either to call a Microsoft Graph API from Node.js or from React.js. I completely do not want to use Microsoft Graph. I just want to have a simple login on the frontend and endpoints on the backend protected from un-logged users. The other tutorials that I find are too complicated, e.g. https://github.com/Azure-Samples/ms-identity-javascript-react-tutorial/tree/main/3-Authorization-II/1-call-api . I understand the concept of App registration, client id, tenant id, etc., but I simply don't know how to write code that logs in and sends the request with a token, which is then accepted/declined by Node.js.
If, by any chance, someone did an application like that, or can provide me a link to a well-written tutorial, so I would understand and recreate it in my scenario, I would be grateful.

Azure Active Directory for securing Custom JS Frontend and Java Rest API

I've currently got a REST API (written in Java using Spring) and a frontend for that API (written in JavaScript using Express) which will query that API for the data to display. I've not gotten too far along in the frontend, and wanted to add in my Authorization/Authentication. I would like to use Azure Active Directory (AAD) for this - we have users in AAD, so this is what we're pursuing. I understand that I can use the MSAL.js library to get an access_token that I can then send to my Java REST API for validation. However, I'm not able to find any decent documentation or examples for this specific case, though. I see some JavaScript Single Page Application (SPA) documentation and examples, but seeing as this is AuthN/AuthZ, I don't want to have a kinda correct solution, because this is important stuff. I also want to make sure I'm handling caching, sign outs, etc., in the right manner.
If anyone could point me in the direction of some documentation, examples, readings, etc, I'd be very appreciative!
Thanks!

You can use MSAL.js to easily integrate with the front end of your API for authentication/authorization of your users.
For java web apps, you can use the MSAL4J authentication library, so that the application can be integrated with the Microsoft identity platform. It allows you to log in to a user or application using a Microsoft identity (Azure AD, Microsoft account, and Azure AD B2C account) and obtain a token to call the Microsoft API.
For more details, please check: here.
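
The API-side check that both this question and the React/Node.js question above ask about, shown in Node.js as an added example that is not from the original posts or from Microsoft's samples: pin the algorithm, verify the signature, then check issuer, audience, expiry and (optionally) a group. Assumptions: the issuer, audience and group values are placeholders, the signing key has already been resolved (in practice from the tenant's JWKS by `kid`), and the app registration is configured to emit a `groups` claim.

```javascript
// Added example, not from the original posts. The signing key is assumed to be
// resolved already (in practice: fetched from the tenant's JWKS by `kid`).
const crypto = require('node:crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');
const fail = (reason) => ({ ok: false, reason });

// Verify an RS256 JWT. `expected` = { issuer, audience, group? } (hypothetical shape).
function verifyAccessToken(token, publicKey, expected, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return fail('malformed');
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch { return fail('malformed'); }
  if (!header || !claims || typeof claims !== 'object') return fail('malformed');
  // Pin the algorithm server-side; the token must not choose "none" or HMAC.
  if (header.alg !== 'RS256') return fail('bad alg');
  const signed = Buffer.from(parts[0] + '.' + parts[1]);
  const sig = Buffer.from(parts[2], 'base64url');
  if (!crypto.verify('RSA-SHA256', signed, publicKey, sig)) return fail('bad signature');
  // Claims are trusted only after the signature check has passed.
  if (claims.iss !== expected.issuer) return fail('bad issuer');
  if (![].concat(claims.aud ?? []).includes(expected.audience)) return fail('bad audience');
  if (typeof claims.exp !== 'number' || claims.exp <= now) return fail('expired');
  if (typeof claims.nbf === 'number' && claims.nbf > now) return fail('not yet valid');
  const groups = Array.isArray(claims.groups) ? claims.groups : [];
  if (expected.group && !groups.includes(expected.group)) return fail('not in group');
  return { ok: true, claims };
}

// Constructed sample data: a throwaway key pair stands in for the issuer's key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
function signSample(claims, alg = 'RS256') {
  const body = b64url(JSON.stringify({ alg, typ: 'JWT' })) + '.' + b64url(JSON.stringify(claims));
  const sig = alg === 'none' ? '' : crypto.sign('RSA-SHA256', Buffer.from(body), privateKey);
  return body + '.' + b64url(sig);
}
const EXPECTED = { issuer: 'https://issuer.example/tenant-placeholder',
  audience: 'api://example-api', group: 'group-id-placeholder' };
const SAMPLE = { iss: EXPECTED.issuer, aud: EXPECTED.audience, exp: 2000,
  groups: ['group-id-placeholder'] };
console.log(verifyAccessToken(signSample(SAMPLE), publicKey, EXPECTED, 1000).ok);
```

In an Express or Spring API the same checks run in middleware before any handler; the frontend only obtains the token and sends it in the `Authorization: Bearer` header.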

Meteor - Facebook Graph Api

I am creating a Meteor app. I successfully implemented the Facebook login, but now the last feature I should implement is a chat (involving Facebook Messenger) between the page (admin) and the user. It should happen through the app. Could I do that with Meteor, or should I use JavaScript? The second question, if it is not possible with Meteor, is how to initialize the Messenger conversation by using the Facebook user ID, which I already know from the registration. I know that there are a lot of discussions about the Graph API, but I could not find anything which includes Meteor.

You can utilize in-app deep linking to direct a user to the messenger.
fb-messenger://user/%s
The %s represents the user ID of the user who will receive the message!
Android as well as iOS will handle these requests properly.

Wrap javascript API?

We are looking for your input regarding architectural design of a Javascript API and a .Net (Rest) API.
Background
We are building an enterprise solution with several different channels (Site, App etc.) that are consuming data through a service layer, or API. The API is on one hand a .Net WebAPI that is communicating with the business layer, but we are also thinking of wrapping external JavaScript services (communication with Google Maps, Google Analytics, Social Login etc.) in some sort of API, or maybe SDK. The idea is to have the possibility to quickly change components in the JavaScript library (replace the Social Login provider with someone else).
What are your ideas regarding the JavaScript? Should that just be an SDK that wraps other libraries?
Thank you,
Robert

I think it will depend on how much control you want to give to your client side development groups. If the UI development group is faster (and on different release schedules) than the group that manages this SDK, then the SDK will just get in the way (unless they are in lock step with the UI group). It would be better to just give them access to the server side APIs then let them compose the page as they see fit.
