This repository has been archived by the owner on Jul 5, 2023. It is now read-only.

Service to service calls on behalf of the user

Navya Canumalla edited this page May 19, 2018 · 2 revisions

Web APIs can acquire tokens in the name of a user, leveraging User assertions

A Web API cannot have any user interaction. Therefore, when a Web API (called the "first Web API" here) needs to call another Web API (the "second Web API") in the name of a user, it must use the OAuth 2.0 On-Behalf-Of flow.

This flow is a confidential client flow, so the first Web API provides its client credentials (client secret or certificate). In addition, it provides another parameter, the user assertion. The first Web API receives a bearer token from its caller and sends it to Azure AD embedded in a user assertion, requesting another token for the downstream second Web API.

On-Behalf-Of flow API

Returns: Future<AuthenticationResult>
Method: acquireToken(String resource, UserAssertion userAssertion, ClientCredential credential, AuthenticationCallback callback)
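The following is an added example, not code from this wiki or from the library itself, showing how a first Web API would use the acquireToken overload above: it takes the bearer token it received (after having validated it as part of authenticating the request), wraps it in a UserAssertion, supplies its own ClientCredential, and exchanges it for a token whose audience is the second Web API. The tenant, client id, client secret and the downstream resource identifier are assumed placeholders read from the environment.

```java
import java.net.MalformedURLException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;
import com.microsoft.aad.adal4j.UserAssertion;

/** First Web API exchanging its caller's bearer token for a token to the second Web API (On-Behalf-Of). */
public class OnBehalfOfExample {

    // Assumed configuration; in a real service these come from configuration or a secret store, never source code.
    private static final String AUTHORITY = "https://login.microsoftonline.com/" + System.getenv("TENANT_ID");
    private static final String CLIENT_ID = System.getenv("FIRST_API_CLIENT_ID");         // app id of the first Web API
    private static final String CLIENT_SECRET = System.getenv("FIRST_API_CLIENT_SECRET"); // its secret (confidential client)
    private static final String DOWNSTREAM_RESOURCE = "api://second-web-api";             // placeholder App ID URI of the second Web API

    /**
     * Exchanges the incoming Authorization header value for an access token to the downstream API.
     * The incoming token must already have been validated (signature, issuer, audience, expiry) by the
     * first Web API's own authentication layer; only a token accepted for this API should be forwarded
     * as a user assertion.
     */
    public static String acquireDownstreamToken(String authorizationHeader)
            throws MalformedURLException, InterruptedException, ExecutionException {
        if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
            throw new IllegalArgumentException("expected a bearer token in the Authorization header");
        }
        String incomingAccessToken = authorizationHeader.substring("Bearer ".length()).trim();

        ExecutorService service = Executors.newFixedThreadPool(1);
        try {
            AuthenticationContext context = new AuthenticationContext(AUTHORITY, true, service);

            // The caller's token becomes the user assertion; the first Web API authenticates with its own credential.
            UserAssertion userAssertion = new UserAssertion(incomingAccessToken);
            ClientCredential credential = new ClientCredential(CLIENT_ID, CLIENT_SECRET);

            // On-Behalf-Of call from the API table above; no callback is supplied, so block on the Future.
            AuthenticationResult result =
                    context.acquireToken(DOWNSTREAM_RESOURCE, userAssertion, credential, null).get();

            // The returned token is scoped to the second Web API and carries the original user's identity.
            return result.getAccessToken();
        } finally {
            service.shutdown();
        }
    }
}
```

The returned access token is then sent as the bearer token on the call to the second Web API. Because the exchange is performed with the first Web API's own client secret, that secret must be kept out of source control and rotated like any other confidential client credential, and the first Web API should only forward tokens it has itself accepted as valid for its own audience.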