0
votes

I'm developing an infrastructure that allows different applications in the organization to produce and consume events from/to Azure Event Hub. Each application has a backing AD application and service principal with Event Sender/Receiver role assignments. We are using a Kafka client to produce/consume events to the hub and OAuth for authentication.

When the client connects, it sends the client ID and secret to Azure AD and receives a token to auth with. We need to authenticate the client not only with Azure AD, but also with our organization's authentication service. Is there a way to configure Azure OAuth to call some external service (with some headers or some parameters) for authentication, before returning the token to the client?


Any reply will be much appreciated.

Thanks!

1

1 Answer

1
votes

That's not possible using Azure AD only. You will need an API that can authenticate your clients against both.
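One way such an API could look, as an added sketch that is not part of the original answer: a broker that checks an organization credential first and only then runs the Azure AD client-credentials request for the Event Hubs scope. The HMAC assertion scheme, the names `ORG_KEYS`, `AAD_CREDS`, `issue_token`, the tenant and namespace placeholders, and the injected `post` callable are all assumptions; the Azure AD secret is held only by the broker so clients cannot skip the organization check by calling Azure AD directly.

```python
import hashlib
import hmac
import time
from urllib.parse import urlencode

TENANT = "00000000-0000-0000-0000-000000000000"  # placeholder tenant id
NAMESPACE = "example-ns"                          # placeholder Event Hubs namespace
TOKEN_URL = f"https://login.microsoftonline.com/{TENANT}/oauth2/v2.0/token"
SCOPE = f"https://{NAMESPACE}.servicebus.windows.net/.default"

# Constructed sample data: org-side keys and the Azure AD credentials the broker holds.
ORG_KEYS = {"orders-app": b"org-shared-key-constructed"}
AAD_CREDS = {"orders-app": ("11111111-1111-1111-1111-111111111111",
                            "aad-secret-constructed")}
MAX_SKEW = 60  # seconds an org assertion stays valid


def org_assertion(app, ts, key):
    """Hypothetical org scheme: HMAC-SHA256 over the app name and a timestamp."""
    return hmac.new(key, f"{app}|{ts}".encode(), hashlib.sha256).hexdigest()


def verify_org(app, ts, sig, now):
    """Organization check: known app, fresh timestamp, matching signature."""
    key = ORG_KEYS.get(app)
    if key is None or abs(now - ts) > MAX_SKEW:
        return False
    return hmac.compare_digest(org_assertion(app, ts, key), sig)


def build_aad_request(app):
    """Form body for the Azure AD client-credentials grant."""
    client_id, secret = AAD_CREDS[app]
    body = urlencode({"grant_type": "client_credentials",
                      "client_id": client_id,
                      "client_secret": secret,
                      "scope": SCOPE})
    return TOKEN_URL, body


def issue_token(app, ts, sig, post, now=None):
    """Return an Azure AD access token only after the org check passes.

    `post` is an injected callable (url, body) -> dict, so the sketch runs
    offline; in a deployment it would be an HTTPS POST to TOKEN_URL.
    """
    now = time.time() if now is None else now
    if not verify_org(app, ts, sig, now):
        raise PermissionError("organization authentication failed")
    url, body = build_aad_request(app)
    return post(url, body)["access_token"]
```

The Kafka client's OAUTHBEARER token callback would then call this broker instead of the Azure AD token endpoint.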