Define tenant in Oauth2.0 for azure
42 views
Skip to first unread message
Pantelis Chatzikonstantinou
Jul 5, 2021, 9:19:23 AM7/5/21
to Dataverse Users Community
Hello everybody,
I am using OAuth2 login with microsoft azure and I would like to restrict logins only to my organization's accounts, but for this, I have to specify a tenant-specific endpoint, eg.
https://login.microsoftonline.com/common/oauth2/v2.0/authorize - otherwise I get an AADSTS50194 error.
By observing the code in MicrosoftOAuth2AP.java I don't see any support for specifying the tenant, although it looks very much supported in MicrosoftAzureActiveDirectory20Api.java called by it.
Since I am not very good in Java, am I missing something obvious here, or further development is needed in order to be able to select my own tenant?
Thank you all in advance,
Pantelis
Pantelis Chatzikonstantinou
Jul 5, 2021, 2:04:18 PM7/5/21
to Dataverse Users Community
Answering my own question in order to save someone else's time:
Instead of using OAuth, use openID and specify the issuer like this https://login.microsoftonline.com/{your tenant}/v2.0/
Philip Durbin
Jul 6, 2021, 11:16:35 AM7/6/21
to dataverse...@googlegroups.com
Good job figuring this out, Pantelis. If there's something in the guides that could be improved, please feel free to open an issue at https://github.com/IQSS/dataverse/issues
Thanks,
Phil
--
You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-commu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/5fa2800e-3bf1-4230-a3e0-59ab90239332n%40googlegroups.com.
--
Philip Durbin
Software Developer for http://dataverse.org
http://www.iq.harvard.edu/people/philip-durbin
Software Developer for http://dataverse.org
http://www.iq.harvard.edu/people/philip-durbin
Reply all
Reply to author
Forward
0 new messages