We want to use the AAP to communicate from an Azure App to an on premise application. We want the App to authenticate and call the Proxy Api and not delegate the user. Right now, we are able to get a token for the Resource of the Proxy Api and call the api from the application, but we get an error page (imho from the proxy api) saying "This corporate app can't be accessed right now.", with StatusCode: InternalServerError.
Calling the proxy url from a browser with Azure Authentication enabled on the proxy, and with an Azure Account logged in in that browser, it works.
Calling the proxy url from a browser with Passthrough on the proxy, anonymously, it works.
Calling the proxy url from a browser with Azure Authentication on the proxy, anonymously, it returns access denied.
Calling the proxy url from a Web Api hosted on Azure with a token requested on the Proxy resources and with Azure Authentication on the proxy, it fails with InternalServerError.
Is the AAP only working for use with Users and not Applications? I suspect this because the documentation has this quote:
The client sends the token to the Application Proxy service, which retrieves the user principal name (UPN) and security principal name (SPN) from the token, then directs the request to the Application Proxy connector.