Difference between Azure AD B2C token and Azure AD token
I'm trying to validate token from the request header in API level. The token can be from Azure B2C or Azure AD depends on the way that the API get called. Are there any ways to distinguish the two from token itself or request? or I need the caller to send something t开发者_JS百科o indicate which token is which l?
I use similar method as following to validate the token, I tested it with B2C and it works fine
Validating the token recieved from azure ad b2c using the Values from "jwks_uri" endpoint
I’m assuming I can validate Azure AD token in the same manner but with different parameters. But not sure how to distinguish the two tokens, so I can pass in correct parameters.
From your question, I assume that these both are JWT access tokens. You will probably have the same method of validating them. (eg. if you use a client library, and have a function like token.validate(jwtConfig)
, the answer is probably yes, you will need the same function with the same config in both token type cases.)
精彩评论