• Authentication is the process of verifying the username and password.
  • The lifetime of an access token is between 60 and 90 minutes.

API and Authorization

  • Having multiple APIs and DBs also helps with security, since there is a different auth token for every resource.

user_claims, groups_claims

  • The short answer is that claims are in most cases the same as an attribute or property of the user object. Claims are usually key/value pairs attached to the user object in some way. For instance, the user Bob could have a claim with the name “email” and the value “bob@contoso.com”.
  • Good article about Microsoft Graph API and claims: https://aadguide.azurewebsites.net/claims/
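
The user and group claims described above, as an added example that is not part of the original notes or lab code. It goes one step beyond the notes by handling the groups overage case, where a user is in too many groups to fit in the token and only a marker claim is sent. The group ID, the second user and the claim type names ("email", "groups", "_claim_names", "hasgroups") as they would appear on the principal are assumptions; in a real app the names depend on the handler's claim mapping.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

public static class ClaimsDemo
{
    public enum GroupCheck { Member, NotMember, Overage }

    // Decide membership from the "groups" claims (one claim per group object ID).
    public static GroupCheck CheckGroup(ClaimsPrincipal user, string groupId)
    {
        var groups = user.FindAll("groups").Select(c => c.Value).ToList();

        // Overage: the token carries no "groups" claim, only a marker. Treat that
        // as "unknown", not "not a member", and resolve it through Microsoft Graph
        // instead of silently allowing or denying.
        bool overage = user.HasClaim(c => c.Type == "_claim_names")
                    || user.HasClaim("hasgroups", "true");
        if (groups.Count == 0 && overage)
            return GroupCheck.Overage;

        return groups.Contains(groupId, StringComparer.OrdinalIgnoreCase)
            ? GroupCheck.Member : GroupCheck.NotMember;
    }

    public static void Main()
    {
        const string admins = "00000000-0000-0000-0000-000000000001"; // constructed ID

        // Constructed principal: Bob with an email claim and one group claim.
        var bob = new ClaimsPrincipal(new ClaimsIdentity(new[]
        {
            new Claim("email", "bob@contoso.com"),
            new Claim("groups", admins),
        }, "Constructed"));

        // Constructed principal whose token hit the groups overage limit.
        var big = new ClaimsPrincipal(new ClaimsIdentity(new[]
        {
            new Claim("email", "alice@contoso.com"),
            new Claim("_claim_names", "{\"groups\":\"src1\"}"),
        }, "Constructed"));

        Console.WriteLine(bob.FindFirst("email")?.Value);
        Console.WriteLine(CheckGroup(bob, admins));
        Console.WriteLine(CheckGroup(big, admins));
    }
}
```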

OAuth 2.0

Authentication by Postman

  • There are different grant types in OAuth 2.0, and we will be looking at the Authorization Code flow here.
  • There are different APIs in Azure; to get a blob from an Azure Storage Account, here is the API that gives the URL with request details,

Lab- CB- Adding Authentication

  • Add redirect URI in the configuration,
  • Application permission can be configured here.
  • Put the callback URL in appsettings.json

Lab- CB- Adding Sign-in-out

  • These libraries can be used to add Authentication and Authorization in Azure,
  • The NuGet package is Microsoft.Identity.Web.UI. I don’t want it for Azure Web App; is this for the same?
  • Is Razor Pages required for AZ204? To get the answer, I can either go through a mock exam or ask on Reddit. The same is getting included here,
  • Q. What is the difference between Razor Pages and Azure Web App?

Lab- CB- Getting User Claim

Lab- CB- Getting Group claims

Lab- CB- Protecting our Web API

Questions

  • Does a user have access to an image for an account? How to check this?
  • Check for permission for Azure Storage Account.
  • OAuth doc to be checked on oauth.com
  • What is the authorization code flow here? The owner is the owner of the resource, and the user is someone trying to access the app.
  • Q. How does the Authorization Code flow work?
  • Q. What is a man-in-the-middle attack in hacking?
  • Q. How does OAuth work when we log in to Azure?
  • Q. What are grant types in OAuth?
  • Q. In Program.cs where is the key vault code?
  • Q. Is there any SQL NuGet package for Azure? Azure Identity and Key Vault have different packages, but for SQL the system package is being used, System.Data.SqlClient.