Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure Active Directory?

← Azure Active Directory

Allow signed JWT Bearer token flow (get user access token without password / SAML)

We will need Oauth support to get user access token without having to provide the user name password or saml assertion from ADFS.

The trust would be the certificate trust.

Other implementations from other vendors -

https://tools.ietf.org/html/rfc7523


  1. Google https://www.jhanley.com/google-cloud-creating-oauth-access-tokens-for-rest-api-calls/
    Refer to --

def createsignedjwt(pkey, pkeyid, email, scope): and
exchange that for the user access token in
def exchangeJwtForAccessToken(signedjwt):

Docusign https://developers.docusign.com/esign-rest-api/guides/authentication/oauth2-jsonwebtoken


  1. Atlassian https://developer.atlassian.com/cloud/jira/software/oauth-2-jwt-bearer-token-authorization-grant-type/


  2. Box https://developer.box.com/docs/construct-jwt-claim-manually#section-3-create-jwt-assertion


  3. Saleforce - https://help.salesforce.com/articleView?id=remoteaccessoauthjwt_flow.htm&type=0


3 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Narsi shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

Azure Active Directory: Azure AD API

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice