Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
711 questions
correct flow of authentication in flask api and angular frontend
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 75%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDA%3C/text%3E%3C/svg%3E)
Ducci Alberto Duccio
1
Reputation point
Hello,
i have an angular SPA as a frontend of an API written with flask. I want to protect my API with login with microsoft accounts of my organization.
What is the best way to do that?
I tried to authenticate in angular and then send the authentication token to the API but i don't know if it is safe. In addition i need role based authorization (set up in azure application) but i found that the information is only in the id_token and not in the authentication token. I read in the documentation that authentication with id_token is to be avoided because is not secure. How can i do?
Thanks for the reply,
Alberto
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 65%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Surabhi Mathur 1 Reputation point2021-06-06T18:09:03.427+00:00 what oauth flow is being used here ?
Sign in to comment