'Multiple OAuth2 authentication methods in azure api management service
Context
Firstly, I have an App Service that authenticates with built-in authentication system setup to use AAD and Google providers, both providers work correctly and I am able to see the frontend app behind the app service after login. Secondly, I use the path /.auth/me to get the access_token to put the token in the Authorization header for backend APIM authentication. I am using the <validate-jwt> policy to validate the token for AAD and I added another <openid> tag for Google.
Problem
The AAD integration works correctly because the access_token is in JWT format, but with Google, I get an opaque token which is not JWT, so the APIM is not able to validate it and I get a 401 status code.
Question
How can I ask Google oAuth2 to return an access_token that's in JWT format, so that I can validate it in the APIM, and how can I add multiple authentication providers in the APIM ?
EDIT: The only documentation that I found from Microsoft about adding Google as identity provider is this one: https://docs.microsoft.com/en-us/azure/api-management/policies/use-google-as-oauth-token-provider
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|