如何撤销Azure Ad Oauth令牌?
我设置了基于Azure Active Directory(AAD)的身份验证并收到Azure Ad Oauth令牌,以开始探索Microsoft Dynamics 365 Business Central API( https://learn.microsoft.com/en-us/dynamics365/business-centrals-central/busines-central/dev-iitev-itpro/developer/developer/devenv -Develops-connect-Apps )。
现在,当用户想与我的应用程序断开连接时,我需要一种撤销令牌(上述)的方法。 我试图找到一个端点,例如.../oauth2/deauthorize,并以data = {'refresh_token'':< my-- my--刷新token>}和headers = {'授权':< my-client-id-client-cret-secret-pair>}。
但是我没有设法找到这样的解决方案:(任何人都可以帮我
I set up Azure Active Directory (AAD) based authentication and received Azure AD Oauth token to start exploring Microsoft Dynamics 365 Business Central API (https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/developer/devenv-develop-connect-apps).
Now I need a way to revoke the token (mentioned above) when a user wants to disconnect from my application.
I tried to find an endpoint like .../oauth2/deauthorize and send a POST request to it with data={'refresh_token': <my-refresh-token>} and headers={'Authorization': <my-client-id-client-secret-pair>}.
But I didn't manage to find such a solution :( Could anybody please help me
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果用户经过身份验证,他将与刷新令牌一起获得访问令牌。
您可以通过
使用命令powershell
使用Microsoft Graph API
通过使用此用户将无法访问 Dynamic 365 在访问令到期后。(1小时)即,他将无法使用刷新令牌获得另一个访问令牌。
访问令牌不能被撤销,但是它的寿命或到期可以是配置。
参考:
If the user is authenticated he gets access token along with refresh token.
You can revoke the refresh token by
Using command Powershell
Using Microsoft graph API
By doing this user will not be able to access the Dynamic 365 after the access token expires.(1hour) i.e he won't be able to receive another access token by using refresh token.
Access token cannot be revoked but its lifetime or expiration can be configured.
References: