ProtectedAPI is a secure API service built using Azure Functions and .NET, designed to provide protected endpoints with JWT authentication. It integrates with Azure AD B2C for user authentication and authorization, ensuring secure access to API resources.
ProtectedAPI provides a secure interface for handling requests that require user authentication and authorization. It uses JWT tokens to validate and authorize users, ensuring that only authenticated users can access protected resources.
- JWT Authentication: Secure endpoints with JSON Web Token (JWT) authentication.
- Azure AD B2C Integration: Integrates with Azure AD B2C for identity management.
- Scope-Based Authorization: Authorize users based on predefined scopes.
- Backend: .NET 8 (Isolated Worker), Azure Functions v4
- Authentication: Azure AD B2C, JWT tokens
- Configuration & Secrets Management: Azure App Configuration, Azure Key Vault
- Dependency Injection: Used for service registrations and configurations
- Deploy the functions to Azure Functions.
- Configure Azure App Configuration and Key Vault with necessary secrets.
- Ensure Azure AD B2C is correctly set up and integrated.
- MetadataUrl: URL to the metadata document used for token validation.
- ClientId: The client ID for the Azure AD B2C application.
- Issuer: The expected issuer for the tokens.
public class TokenValidationOptions
{
public string MetadataUrl { get; set; }
public string ClientId { get; set; }
public string Issuer { get; set; }
}- TestScope: The scope required for accessing the protected endpoint.
public class AuthorizationScope
{
public string TestScope { get; set; }
}