英文:
Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?
问题
我目前在Azure APIM中有一个API,需要通过在API的标头/URL中提交订阅密钥来进行身份验证。我的一个要求是尽量使API用户友好,因为不太懂技术的人将使用这个API。我想要消除输入订阅密钥的需求,而是让用户进行登录,以增加用户友好性。
我还没有获得公司的访问权限来创建Azure AD B2C租户,但通过研究(以及之前在这里提问),我认为使用Azure AD B2C可能是我的解决方案。据我了解,使用B2C,用户需要使用其登录信息获取JWT令牌,并使用该令牌对其进行身份验证。问题是,对于不习惯处理密钥和访问令牌的人来说,仍然不够用户友好。
我想知道是否有一种方法可以在用户尝试访问我的API时对其进行身份验证,而无需提供某种授权令牌/密钥,只需一个简单的登录系统。如果我对Azure AD B2C的理解有误,请告诉我,因为我对它仍然非常不熟悉。
英文:
I currently have an API in Azure APIM that requires authentication through submitting a subscription key through the header/url of the API. One of my requirements is that I make the API as user-friendly as possible, as less tech-savvy individuals are going to use this API. I want to remove the need to input a subscription key, and rather just have the users sign in for user-friendliness.
I have not gained access yet through my company to create an Azure AD B2C tenant, however through research (and previously asking asking here) I thought that using Azure AD B2C would be my solution. From what I understand with B2C, users need to obtain a JWT token using their login information and use this token to authenticate themselves with the API. The issue is that it's still not very user-friendly for people who aren't used to dealing with keys and access tokens.
I was wondering if there was a way to authenticate users when they try to access my API without providing some sort of authorization token/key, with just a simple login system. Also if my understanding of Azure AD B2C is incorrect please let me know as I am still very inexperienced with it.
答案1
得分: 1
你可以在调用APIM中的API时取消输入订阅密钥的需求,方法如下:
如果您想要使用任何产品但不想使用订阅密钥进行身份验证,请取消选中该特定产品的订阅密钥选项。
自动启用用户使用Azure AD登录到API管理
请注意,一旦启用Azure AD提供程序,指定Azure AD实例中的用户可以使用Azure AD帐户访问APIM中的API。有关更多详细信息,请参阅此github链接。
英文:
You can remove the need to input a subscription key while calling an API in APIM as below-
If you want to use any Product but don't want to use the subscription key authentication, then uncheck the subscription key option from that specific Product.
> Automatically enable the user sign-in to the API management using Azure AD
Please note, once the Azure AD provider is enabled, users in the specified Azure AD instance can access the API in the APIM using an Azure AD account. Refer this github link for more details.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论