Published On May 15, 2020
In this video, Matthijs Hoekstra explains how developers can use the Microsoft identity platform to implement authorization that protects APIs.
Code samples for Microsoft identity platform: https://aka.ms/DevTrainingSeries/Samples
Documentation for Microsoft identity platform: https://aka.ms/DevTrainingSeries/Docs
The basics of protecting an API 0:31
Using the Azure portal to setup protection of APIs - 3:42
Using and validating access tokens - 7:00
Enabling application permissions - 9:48
Demo: validating access tokens - 12:50
Why do you need custom validation behavior? - 19:06
Determining effective permissions in your code - 20:58
Example access tokens from different authentication scenarios - 25:55
APIs calling APIs: "on behalf of" flow - 29:26