Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

huangapple go评论82阅读模式
英文:

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

问题

我目前在Azure APIM中有一个API,需要通过在API的标头/URL中提交订阅密钥来进行身份验证。我的一个要求是尽量使API用户友好,因为不太懂技术的人将使用这个API。我想要消除输入订阅密钥的需求,而是让用户进行登录,以增加用户友好性。

我还没有获得公司的访问权限来创建Azure AD B2C租户,但通过研究(以及之前在这里提问),我认为使用Azure AD B2C可能是我的解决方案。据我了解,使用B2C,用户需要使用其登录信息获取JWT令牌,并使用该令牌对其进行身份验证。问题是,对于不习惯处理密钥和访问令牌的人来说,仍然不够用户友好。

我想知道是否有一种方法可以在用户尝试访问我的API时对其进行身份验证,而无需提供某种授权令牌/密钥,只需一个简单的登录系统。如果我对Azure AD B2C的理解有误,请告诉我,因为我对它仍然非常不熟悉。

英文:

I currently have an API in Azure APIM that requires authentication through submitting a subscription key through the header/url of the API. One of my requirements is that I make the API as user-friendly as possible, as less tech-savvy individuals are going to use this API. I want to remove the need to input a subscription key, and rather just have the users sign in for user-friendliness.

I have not gained access yet through my company to create an Azure AD B2C tenant, however through research (and previously asking asking here) I thought that using Azure AD B2C would be my solution. From what I understand with B2C, users need to obtain a JWT token using their login information and use this token to authenticate themselves with the API. The issue is that it's still not very user-friendly for people who aren't used to dealing with keys and access tokens.

I was wondering if there was a way to authenticate users when they try to access my API without providing some sort of authorization token/key, with just a simple login system. Also if my understanding of Azure AD B2C is incorrect please let me know as I am still very inexperienced with it.

答案1

得分: 1

你可以在调用APIM中的API时取消输入订阅密钥的需求,方法如下:

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

如果您想要使用任何产品但不想使用订阅密钥进行身份验证,请取消选中该特定产品的订阅密钥选项。

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

自动启用用户使用Azure AD登录到API管理

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

请注意,一旦启用Azure AD提供程序,指定Azure AD实例中的用户可以使用Azure AD帐户访问APIM中的API。有关更多详细信息,请参阅此github链接

英文:

You can remove the need to input a subscription key while calling an API in APIM as below-

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

If you want to use any Product but don't want to use the subscription key authentication, then uncheck the subscription key option from that specific Product.

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

> Automatically enable the user sign-in to the API management using Azure AD

Is there an user-friendly way to authenticate users to my Azure API without having to pass a subscription key or token?

Please note, once the Azure AD provider is enabled, users in the specified Azure AD instance can access the API in the APIM using an Azure AD account. Refer this github link for more details.

huangapple
  • 本文由 发表于 2023年6月22日 03:49:21
  • 转载请务必保留本文链接:https://go.coder-hub.com/76526681.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定