question

DucciAlbertoDuccio-7246 avatar image
0 Votes"
DucciAlbertoDuccio-7246 asked surabhimathur commented

correct flow of authentication in flask api and angular frontend

Hello,
i have an angular SPA as a frontend of an API written with flask. I want to protect my API with login with microsoft accounts of my organization.
What is the best way to do that?
I tried to authenticate in angular and then send the authentication token to the API but i don't know if it is safe. In addition i need role based authorization (set up in azure application) but i found that the information is only in the id_token and not in the authentication token. I read in the documentation that authentication with id_token is to be avoided because is not secure. How can i do?
Thanks for the reply,
Alberto

azure-webappsazure-ad-app-registrationazure-rbacazure-ad-microsoft-account
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

what oauth flow is being used here ?

0 Votes 0 ·

0 Answers