I am about to have a conversation with a developer about using oauth proxy
It looks to us that if he does use it we will only effectively see the proxy and not the multiple apps that lie behind it.
Is this correct and if so i guess we should use MFA for this connection
I realise this is a bit generic but i am new to oauth and integration with azure AD and after a search cannot find any relevant posts (oauth yes, oauth proxy no).
Can anyone point me to a relevent site or enlighten me as to the visibility we might get of the Apps on the 'other side' of the proxy
@Steve Switzer Is your developer referencing utilizing an Azure Enterprise Application Registration?
This is a easy and secure way to allow the developer to use the native API call in the Office 365 Stack.
You can find more information: here
The other option is to use an Azure Application Proxy. This is used to broker secure connections for on premise applications against Azure AD.
Both of these can utilize OAuth. If you can use an Azure Enterprise Application Registration it has a much smaller footprint and requires a lot less work.
Thanks for the update will we get full visibility of the apps on the CAS if we use either of these microsoft options do you know ?