App Service Authentication for Web API - using google / facebook token in X-ZUMO-AUTH RRS feed

  • Question

  • I have a webapi deployed on App Service and have the authentication service turned on. It is using Google and Facebook. Based on the Azure documents, it says that when I call my webapi endpoints, i should include the google access token in the X-ZUMO-AUTH header. But when I do this, I get redirected to the google login page. I see this happening using Fiddler/Postman as well. How can I reach my webapi endpoint with the Google access token??


    In fiddler, I do HTTP GET to:


    And i set the header:

    X-ZUMO-AUTH: xxxxx-access-token-xxxx

    Response is redirect page to google login.

    Software Engineer

    Sunday, July 17, 2016 8:32 PM

All replies

  • There are three steps you must do:

    1) Set up the Google authentication in the portal -> your app service -> Authentication / Authorization

    2) Call mobileClient.login('google', yourGoogleToken); - this is a part of the Mobile Client SDK.  Underneath, it called /.auth/login/google with the token in a JSON block (see the docs for details) that returns a cookie or JSON response with a new token for ZUMO

    3) Call your API with X-ZUMO-AUTH set to the new token you received in #2

    You cannot directly use the Google token without additional code and configuration (basically duplicating what we do with the login method in App Service)

    Monday, July 18, 2016 5:19 PM