Forum General

Announcement:

The Xamarin Forums have officially moved to the new Microsoft Q&A experience. Microsoft Q&A is the home for technical questions and answers at across all products at Microsoft now including Xamarin!

To create new threads and ask questions head over to Microsoft Q&A for .NET and get involved today.

Authenticating a user on Azure AFTER login, using access_token?

blmilesblmiles Member ✭✭
edited February 2020 in General

Hi All,

I'm using Auth0 as my login provider for my app. Auth0 provides an API to login with Facebook, LinkedIn, Google, MS and Apple.
This all works in the app (client-side) and I get the relevant access tokens from the various login providers.

The app then needs to sync with Azure app services (which also works in dev through an anonymous connection) using MobileServiceClient.

Since I already have relevant provider access-tokens, I want to authenticate a user on the Azure App Service simply to secure the app service and not expose it with anonymous access.

Question:
Since I already have the access-token client-side, how best to authenticate that to retrieve a resource token from App Services?

Question:
Does anyone know how I can authenticate for LinkedIn and Apple on the Azure App Service?
It would be great if MS extended that API to include those, like MobileServiceAuthenticationProvider.LinkedIn and/or MobileServiceAuthenticationProvider.Apple but that's wishful thinking :smile:

Also, once logged in to the app, I don't want users to have to login every time they use the app.

Question:
How can I persist a login and/or authentication so that the user is always logged in and authenticated?
At the moment I store the userId in the app on the device, and if that is present, I allow data sync, but through anonymous connection.

Any other ideas/approaches most welcome :smile:

Answers

  • blmilesblmiles Member ✭✭

    A bit more info:
    client = new MobileServiceClient(Constants.ApplicationURL);
    task = Task.Run(async () => await client.LoginAsync(MobileServiceAuthenticationProvider.Facebook, AccessToken));
    user = task.Result;

    This is setting up the mobile client AFTER the user has logged in. The access token has already been retrieved from the provider on login through Auth0 utility, client-side on the app.
    I THINK this will simply authorize the user on the Azure App Service.

    Assuming that is right, what can be done to authorize user if they've logged in through LinkedIn or Apple?

    FYI apple certification requires an Apple login option IF an app allows login by any other service provider, ie: Facebook etc.

Sign In or Register to comment.