How can we improve Microsoft Azure API Apps?

Access to a populated User.Identity

It would be very valueable to have Access to a "populated" User.Identity in the Controllers. Most of the the time, at least in my apps, my Apis will present user specific Content. Having a populated User.Identity would help alot.

59 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Matthias WartenbergMatthias Wartenberg shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    unplanned  ·  Azure App Service TeamAdminAzure App Service Team (Admin, Microsoft Azure) responded  · 

    Hello!

    At the moment our recommended method for checking the identity of the current user is to check several attributes added to incoming requests. This is to allow your application to go completely in and out of memory on lower priced tiers without “always-on.” Check out the tutorial below for the header names.
    https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-authentication

    We would like to have language specific auth functionality like this in the future. I am placing this item in “unplanned” to be used in future planning sessions.

    thanks for your feedback!
    Alex
    Azure App Service Team

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Brett StylesBrett Styles commented  ·   ·  Flag as inappropriate

        It really limits the usefulness of the API if a REST endpoint gives all users the same access rights and scope. The scenario where it returns data specific to the logged in user or group (user v admin etc) currently means two API apps one Admin and one user exposing the same REST endpoint.

        The gateway already intercepts the request to validate the token when accessing the endpoint so handing that token on to the WebApi to run an OAuth2 authorize cycle to the gateway would at least give us a way to access the claims principal.

      Feedback and Knowledge Base