[FIXED] Identity providers that work with Cosmosdb

Issue

What identity providers work with CosmosDB? I have a Xamarin Forms mobile app and an Angular 4 web app, and I want users to be able to log in to either to get at their data. I want to avoid having to write a massive middleware program, but a resource token broker app would be OK.

I am surprised that there is no native support for Azure AD B2C.

I have tried using Azure AD B2C MSAL but it doesn’t work very well and it’s very buggy. I would have thought this would have been high on Microsoft’s to-do list.

Solution

Cosmos DB supports master keys (a primary/secondary but both have full control) and “resource tokens”. These resource tokens can be created by giving a user in Cosmos DB access to a specific resource.

See
https://docs.microsoft.com/en-us/rest/api/documentdb/access-control-on-documentdb-resources
https://docs.microsoft.com/en-us/azure/cosmos-db/secure-access-to-data

As for how to integrate with Azure AD B2C: there is no native integration, and Azure AD B2C cannot by itself issue resource tokens for Cosmos DB. However, I imagine you could implement a micro-service that would authenticate a user using Azure AD B2C, validate the ID token returned by Azure AD B2C, and then use the Cosmos DB client library to generate a resource token.

Answered By – Saeed Akhter

Answer Checked By – Clifford M. (Easybugfix Volunteer)
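The claim checks and least-privilege scoping that the broker micro-service described in the answer would perform, as an added example that is not part of the original answer or of any Microsoft SDK. Assumptions: the issuer, audience, container link and `permission_for` name are constructed placeholders, the container is partitioned by the user's `sub` claim, and a JWT library has already verified the token signature against the Azure AD B2C signing keys.

```python
import time

# Assumed broker configuration (constructed placeholder values).
EXPECTED_ISSUER = "https://contoso.b2clogin.com/00000000-0000-0000-0000-000000000000/v2.0/"
EXPECTED_AUDIENCE = "11111111-1111-1111-1111-111111111111"
CONTAINER_LINK = "dbs/appdb/colls/userdata"  # hypothetical database/container
CLOCK_SKEW = 60                              # seconds of tolerated clock drift


class TokenRejected(Exception):
    """Raised when the ID token claims do not authorize a resource token."""


def permission_for(claims, now=None):
    """Map signature-verified ID token claims to a Cosmos DB permission body.

    Assumption: the token signature was verified before this is called;
    this function only checks the claims and scopes the permission.
    """
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISSUER:
        raise TokenRejected("unexpected issuer")
    aud = claims.get("aud")
    if EXPECTED_AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        raise TokenRejected("token was issued for another application")
    exp, nbf = claims.get("exp"), claims.get("nbf", 0)
    if not isinstance(exp, (int, float)) or now > exp + CLOCK_SKEW:
        raise TokenRejected("token expired or missing exp")
    if not isinstance(nbf, (int, float)) or now < nbf - CLOCK_SKEW:
        raise TokenRejected("token not yet valid")
    user_id = claims.get("sub")
    # Cosmos DB resource ids may not contain '/', '\', '?' or '#'.
    if not isinstance(user_id, str) or not user_id or set(user_id) & set("/\\?# "):
        raise TokenRejected("missing or malformed subject")
    # Least privilege: one permission per user, limited to that user's
    # partition, so the token cannot reach another user's documents.
    return {
        "id": f"perm-{user_id}",
        "permissionMode": "All",
        "resource": CONTAINER_LINK,
        "resourcePartitionKey": [user_id],
    }
```

The broker would pass the returned body to the Cosmos DB client library's permission call for that user and hand only the resulting resource token back to the app, so the master key never leaves the server.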
