❔ Calling an Azure AD protected Web API endpoint from an Azure AD protected Web App [.NET 7]
I am having trouble getting the correct flow/configuration to call my Web API Endpoint that is protected with Azure AD.
This is how the Authentication is configured on the web API currently:
The Configuration just has the details like clientId, TenantId, Domain, Audience and secret, etc.
This is how I am setting up authentication on the web app: (the only scope is an expose API from the API App registration named "WeatherForecast")
My question is, how do I get the access token to add to the authorization header to call my web api endpoint? The endpoints are role-based based on the user's roles, so is On-Behalf-Of flow the correct flow to use here? If so, I have looked at Microsoft's examples, and I am still very confused on how to achieve what I want to do. TIA!
This is how the Authentication is configured on the web API currently:
The Configuration just has the details like clientId, TenantId, Domain, Audience and secret, etc.
This is how I am setting up authentication on the web app: (the only scope is an expose API from the API App registration named "WeatherForecast")
My question is, how do I get the access token to add to the authorization header to call my web api endpoint? The endpoints are role-based based on the user's roles, so is On-Behalf-Of flow the correct flow to use here? If so, I have looked at Microsoft's examples, and I am still very confused on how to achieve what I want to do. TIA!
