I have only recently been tasked with writing some Business-type web applications, in the past many years I had mostly been working on SQL, services, and other non-client project -- so much of this is all new to me. I have had good success picking up and being productive with hosted Blazor WebAssembly. I need work through how to secure a Webassembly, so google lead me to:
While I was not very familiar with the Azure portal, the reference seemed quite detailed and I thought this would be straightforward. I tried walking through the steps to Register a server API app in an existing tenant:
- Azure Active Directory > App Registrations, New Registrations -- check
- Provide Name for the App -- check
- Choose supported account types (accounts in this organizational directory) -- check
- Leave Redirect URI options to web and don't specify a redirect URI -- check
- Clear Permissions > Grant admin consent to openid and offline_access - NOPE, no option on this screen for this, I wonder if that setting has moved or if somehow I don't the permissions to see it.
- Having no other choice to proceed, I select Register.
During a quick look, I could not find anything about openid and offline_access. Is it right under my nose, or no longer needed, is the documentation out of date, or is there an easier approach? I didn't proceed further, other than to tinker, to the client app registration as I felt the server registration was not valid. Are there any other bumps in the road on the client application registration as well?
Just for perspective, right now, I am content to just force a login verified against AAD.
Thanks for any help!
