Microsoft cloud engineer - SharePoint, Office 365, Azure, DotNet, Angular, JavaScript.
Microsoft cloud engineer - SharePoint, Office 365, Azure, DotNet, Angular, JavaScript.

VIDEO – AngularJS SPA and WebAPI SQL database secured with Azure AD – SECURITY GROUP (Part 2 of 3)

Continuing series with more detail on security.   Add C# code to detect Azure AD group membership.   When REST API call for data is made to WebAPI HTTPS endpoint we already validate Azure AD authentication token (user part of AAD).

Building upon this, we can add AAD Security Group membership detection for business logic “If user is member of HELLOWORLD group then provide data.  Otherwise access denied.”

For that, we translate the AAD Security Group into GUID number by locating the group at https://portal.azure.com.   Steps cover how to update AAD token, C# dot net code for WebAPI endpoint, and verify secrurity with Postman.  Cheers.  

shades_smile_thumb

This post is part of series with three posts:

HTTP API Test Responses

API Permission Grants

  • GroupMember.Read.All
  • User.Read

Video

Screenshots

image
image
image
image
image

References

© Copyright 2016
@ SPJeff

Return to Top ▲Return to Top ▲