Skip to content

Authentication/Authorization - Conceptual Questions #1888

Discussion options

You must be logged in to vote

Not sure how Azure AD works, I assume it is using OAuth 2.0 / OpenID Connect with a bearer token since you are referring to claims transformation.

the fastest possible solution is if the downstream services don't do shit, we configure the Azure AD auth on Ocelot level only

That's a way to do it.

That's fine I guess, but with this way claims won't be extracted automatically by the downstream services (...) I couldn't find any simple solution on the Internet to make a downstream service to accept the JWT token coming from the gateway.

By default Ocelot is forwarding headers, so Authorization header should forward the access-token as-is to downstream apis. You could parse the token there…

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@raman-m
Comment options

Answer selected by raman-m
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
question Initially seen a question could become a new feature or bug or closed ;)
3 participants
Converted from issue

This discussion was converted from issue #1530 on January 06, 2024 14:39.