Using OAUTH PROXY

%3CLINGO-SUB%20id%3D%22lingo-sub-227727%22%20slang%3D%22en-US%22%3EUsing%20OAUTH%20PROXY%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-227727%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20about%20to%20have%20a%20conversation%20with%20a%20developer%20about%20using%20oauth%20proxy%3C%2FP%3E%3CP%3EIt%20looks%20to%20us%20that%20if%20he%20does%20use%20it%20we%20will%20only%20effectively%20see%20the%20proxy%20and%20not%20the%20multiple%20apps%20that%20lie%20behind%20it.%3C%2FP%3E%3CP%3EIs%20this%20correct%20and%20if%20so%20i%20guess%20we%20should%20use%20MFA%20for%20this%20connection%3C%2FP%3E%3CP%3EI%20realise%20this%20is%20a%20bit%20generic%20but%20i%20am%20new%20to%20oauth%20and%20integration%20with%20azure%20AD%20and%20after%20a%20search%20cannot%20find%20any%20relevant%20posts%20(oauth%20yes%2C%20oauth%20proxy%20no).%3C%2FP%3E%3CP%3ECan%20anyone%20point%20me%20to%20a%20relevent%20site%20or%20enlighten%20me%20as%20to%20the%20visibility%20we%20might%20get%20of%20the%20Apps%20on%20the%20'other%20side'%20of%20the%20proxy%3C%2FP%3E%3CP%3ESteve%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-227727%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%20oauth%20proxy%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-266179%22%20slang%3D%22en-US%22%3ERe%3A%20Using%20OAUTH%20PROXY%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-266179%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Kohean%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20update%20will%20we%20get%20full%20visibility%20of%20the%20apps%20on%20the%20CAS%20if%20we%20use%20either%20of%20these%20microsoft%20options%20do%20you%20know%20%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESteve%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-229291%22%20slang%3D%22en-US%22%3ERe%3A%20Using%20OAUTH%20PROXY%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-229291%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F76487%22%20target%3D%22_blank%22%3E%40Steve%20Switzer%3C%2FA%3E%26nbsp%3B%20Is%20your%20developer%20referencing%20utilizing%20an%20Azure%20Enterprise%20Application%20Registration%3F%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20a%20easy%20and%20secure%20way%20to%20allow%20the%20developer%20to%20use%20the%20native%20API%20call%20in%20the%20Office%20365%20Stack.%26nbsp%3B%3C%2FP%3E%3CP%3EYou%20can%20find%20more%20information%3A%20%3CA%20title%3D%22Integrating%20applications%20with%20Azure%20Active%20Directory%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fquickstart-v1-integrate-apps-with-azure-ad%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehere%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20other%20option%20is%20to%20use%20an%20Azure%20Application%20Proxy.%26nbsp%3B%20This%20is%20used%20to%20broker%20secure%20connections%20for%20on%20premise%20applications%20against%20Azure%20AD.%3C%2FP%3E%3CP%3EYou%20can%20find%20more%20information%3A%20%3CA%20title%3D%22How%20to%20provide%20secure%20remote%20access%20to%20on-premises%20applications%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fmanage-apps%2Fapplication-proxy%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehere%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBoth%20of%20these%20can%20utilize%20OAuth.%26nbsp%3B%20%26nbsp%3BIf%20you%20can%20use%20an%20Azure%20Enterprise%20Application%20Registration%20it%20has%20a%20much%20smaller%20footprint%20and%20requires%20a%20lot%20less%20work.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Steve Switzer
Occasional Contributor

I am about to have a conversation with a developer about using oauth proxy

It looks to us that if he does use it we will only effectively see the proxy and not the multiple apps that lie behind it.

Is this correct and if so i guess we should use MFA for this connection

I realise this is a bit generic but i am new to oauth and integration with azure AD and after a search cannot find any relevant posts (oauth yes, oauth proxy no).

Can anyone point me to a relevent site or enlighten me as to the visibility we might get of the Apps on the 'other side' of the proxy

Steve

2 Replies

@Steve Switzer  Is your developer referencing utilizing an Azure Enterprise Application Registration?  

This is a easy and secure way to allow the developer to use the native API call in the Office 365 Stack. 

You can find more information: here

 

The other option is to use an Azure Application Proxy.  This is used to broker secure connections for on premise applications against Azure AD.

You can find more information: here

 

Both of these can utilize OAuth.   If you can use an Azure Enterprise Application Registration it has a much smaller footprint and requires a lot less work.

Hi Kohean

 

Thanks for the update will we get full visibility of the apps on the CAS if we use either of these microsoft options do you know ?

 

Steve

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
9 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies