Hi!We’d like to be able to access data from the Projections REST API with maintained end user authorization from a third-party web application with it’s own backend REST API, preferably with AzureAD as our primary SSO IDP. We have configured an IAM Identity provider in IFS cloud.The problem is that tokens issued by the AzureAD is not accepted by IFS Cloud/Keycloak, and we can’t find a way to do “token-exchange” or get a token for the user “on-behalf-of” via a confidential IAM Client. Those features seems to be disabled in keycloak.(We can authenticate directly towards IFS Cloud/keycloak and get a token for accessing the projections but in our use-case, this would require two logins, one to Azure, and one to IFS Cloud)Is there any way we can use AzureAD as our primary IDP, and use that access token to query projections with maintained end-user permissions?
Already have an account? Login
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.