Comments on: How to use custom scopes for admin consent in Entra ID/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/Professional Development, Data ScienceThu, 13 Jul 2023 04:53:21 +0000hourly1http://wordpress.com/By: Tsuyoshi Matsuzaki/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/comment-page-1/#comment-39515Fri, 05 Nov 2021 07:20:32 +0000/?p=6144#comment-39515In reply to JeffR.

You can define your own scope and generate a token with that custom token. But this token should be validated with certificate in Azure AD, and “SaaS app outside of Azure” must then be federated with Azure AD in SaaS platform’s identity mechanism. (Then this validation will be submitted in SaaS application.) As you know, a variety of SaaS (Google, Saleforce, etc) has these federation mechanism along with open standards.
For details about token validation, see below.

How to verify token in Azure Active Directory


Does that (my answer) make sense?

Like

]]>By: JeffR/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/comment-page-1/#comment-39494Thu, 04 Nov 2021 15:29:45 +0000/?p=6144#comment-39494Ok. Good article. Thanks a lot. But what about custom permissions defined outside of Azure.
Let’s say my app is a SaaS from a third party provider. And I would like to use AAD to manage authN & authZ to emit JWT token that contains permissions (claim “scopes”) associated to app roles or permissions allowed (consent) by admin at the time of registration of the app. Is it possible ?

Like

]]>By: peliculas latino/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/comment-page-1/#comment-29716Mon, 20 Jan 2020 08:42:43 +0000/?p=6144#comment-29716I feel that is among the such a lot significant info for me.
And i am satisfied reading your article. But should observation on some common things,
The web site style is great, the articles is really great : D.
Just right task, cheers

Like

]]>By: Tsuyoshi Matsuzaki/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/comment-page-1/#comment-24749Thu, 06 Jun 2019 02:03:18 +0000/?p=6144#comment-24749In reply to Random visitor.

Thank you, Random visitor-san. You’re right and now I fixed my post.
(Thanks again for your feedback !)

Like

]]>By: Random visitor/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/comment-page-1/#comment-24746Wed, 05 Jun 2019 22:14:51 +0000/?p=6144#comment-24746The list of GUIDs is incorrect, e.g. one GUID is repeated twice, I guess a copy/paste error. The GUID for profile is 14dad69e-099b-42c9-810b-d002981feec1, not 37f7f235-527c-4136-accd-4a02d197296e.

Liked by 1 person

]]>By: Build your own Web API protected by Azure AD v2.0 endpoint with custom scopes | Tsmatz/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/comment-page-1/#comment-1404Wed, 07 Feb 2018 08:40:21 +0000/?p=6144#comment-1404[…] : For other APIs except for “Microsoft Graph”, please see “Azure AD v2 endpoint – How to use custom scopes for admin consent“. (Added […]

Like

]]>By: How to use Application Permission with Azure AD v2 endpoint | Tsmatz/2018/02/07/azure-active-directory-v2-endpoint-custom-scope-for-admin-consent-and-application-permissions/comment-page-1/#comment-1403Wed, 07 Feb 2018 08:28:46 +0000/?p=6144#comment-1403[…] Graph, but you can also use other applications for this application permissions. See “Azure AD v2 endpoint – How to use custom scopes for admin consent” for other applications. (Added […]

Like

]]>