I’m struggling to make authentication on our REST API for UD work. We have the following scenario:
UD instance with AzureAD Authentication running on port 443.
UD REST API instance running on the same server on port 8443.
REST API is working fine when supplying arbitrary (forms-based) credentials to the api/login endpoint, receiving a bearer token and using this for the endpoints.
What I’m wondering is if I can somehow (programmatically) authenticate against the UD (with AzureAD) to retrieve the bearer token and then continue to talk to the REST API with that.
The goal would be to auth against UD, issue a bearer token only when specific claims from the AzureAD token AND specific authorization policies are met, and then continue to the API with the bearer token.
While this will work interactively (user logging into UD with a browser and requesting token), we need to make this work from other services that talk to UD in a programmatic way.
Is this possible?