The Azure SaaS Development Kit (ASDK) provides a reference architecture, deployable reference implementation and tools to help developers, startups, ISVs and Enterprises deliver their applications as a SaaS service. A platform for platform creators.
Azure AD B2C recently released the ability to secure custom connectors with an API key. The communication is currently secured using mTLS (mutual TLS) authentication. Migrate the relevant ASDK code to take advantage of API keys instead.
The following changes are needed:
Update B2C custom policies to use the new authentication scheme
Update the identity bicep deployment to generate an API key and deploy it to the permissions API and remove the certificate generation
Update the Permissions API code to be secured via an API key and remove the mTLS authentication
Update Documentation:
Remove reference to certificate based auth
Add reference to API key auth
Add instructions for re-generating the API key and changing it in both the API and B2C
Azure AD B2C recently released the ability to secure custom connectors with an API key. The communication is currently secured using mTLS (mutual TLS) authentication. Migrate the relevant ASDK code to take advantage of API keys instead.
The following changes are needed: