Hi, I'm trying to use Azure AD for authentication (SSO) but for the authorization I want to manage it using my local database. Is it possible to do that? Please suggest..
You want to manage Azure AD from your local database. I am not sure what you mean by local database. But to put it simple, you can have your own custom application created, which can make calls to Microsoft Graph, in order to create update or remove objects.
@@ConceptsWork Hi, No I'm not wanting to manage Azure AD from the local database. I want to use Azure AD for SSO authentication. But for Authorization I want to use the local database because the product owner want it that way. He don't want to use Azure AD for the authorization. Once a user is authenticated using Azure AD, we want to use the table (UserRoles) for the authorization. It's a long pending issue at my side. One of my friend told me that his senior did by attaching claims to the JWT token according to the values stored in local database. P.S.: Seems, I didn't get the notification for your reply. Just noticed message now while using app.
Yes Nirmal, it is possible. You have to follow claim caching process, where some custom claims can be requested by Azure AD identity provider for the token that you are requesting. Once you have received the token save the respective claims in your database and on top of that, you can develop an authorization layer on your application. If you want to know, how custom claims are used, check this-ua-cam.com/video/4wmKLAPvU6c/v-deo.html
I added users to my organization in azure devops but in get organization users In Graph explorer am only getting one with my same logged in email id only please help me out how can I get all users I added in azure devops in my organization project
@@ConceptsWork docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http This is link which saying regarding permission and consents how can I do that not getting all confusing to me
Hi Admin, watching your video after 3 years of upload and it still is the best video. Once you have given consent in the first step (As an admin) why do you have to give consent each and everytime you access a different API? May be my question is basic. But please answer.
He has covered this in next videos. It is because MS follows incremental access. If you query different API then you should have different permission that has rights to access that API data. It helps to put more granular control over your data.
The best video on UA-cam available for MS Graph
Thanks Nikhil, happy leaning.
Thank you for explaining it in simplest way
A very clear and concise video. Thank you very helpful
Glad it was helpful!
You explain so well! Thanks!
Your concepts really work! thanks for detailing the microsoft graph concepts in simple language. It helps. Keep contributing!!
Glad, it helped.
Excellent presentation..
Glad you liked it
Please create videos for power automate
Hi, I'm trying to use Azure AD for authentication (SSO) but for the authorization I want to manage it using my local database. Is it possible to do that? Please suggest..
You want to manage Azure AD from your local database.
I am not sure what you mean by local database.
But to put it simple, you can have your own custom application created, which can make calls to Microsoft Graph, in order to create update or remove objects.
@@ConceptsWork Hi, No I'm not wanting to manage Azure AD from the local database. I want to use Azure AD for SSO authentication. But for Authorization I want to use the local database because the product owner want it that way. He don't want to use Azure AD for the authorization. Once a user is authenticated using Azure AD, we want to use the table (UserRoles) for the authorization. It's a long pending issue at my side. One of my friend told me that his senior did by attaching claims to the JWT token according to the values stored in local database.
P.S.: Seems, I didn't get the notification for your reply. Just noticed message now while using app.
Yes Nirmal, it is possible.
You have to follow claim caching process, where some custom claims can be requested by Azure AD identity provider for the token that you are requesting. Once you have received the token save the respective claims in your database and on top of that, you can develop an authorization layer on your application.
If you want to know, how custom claims are used, check this-ua-cam.com/video/4wmKLAPvU6c/v-deo.html
@@ConceptsWork Thanks :)
I'll look into it.
i need users data externalUserStateChangeDateTime is today date. how to write query
I added users to my organization in azure devops but in get organization users In Graph explorer am only getting one with my same logged in email id only please help me out how can I get all users I added in azure devops in my organization project
Please share the endpoint that you are trying to access.
@@ConceptsWork endpoint users
@@ConceptsWork
docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http
This is link which saying regarding permission and consents how can I do that not getting all confusing to me
Hi Admin, watching your video after 3 years of upload and it still is the best video. Once you have given consent in the first step (As an admin) why do you have to give consent each and everytime you access a different API? May be my question is basic. But please answer.
He has covered this in next videos. It is because MS follows incremental access. If you query different API then you should have different permission that has rights to access that API data. It helps to put more granular control over your data.
Hi.. How can i connect and get data from azure active directory in BMC Remedy tool
docs.bmc.com/docs/digitalworkplaceadvanced/35/microsoft-office-365-connector-793041478.html
@@ConceptsWork
Thanks for your reply..
I'll look into it..