Vulnerability in EPiServer.Forms
Episerver Admin login is successfully working using Azure AD, but I can't seem to get the Service Api to use it. I can only login to the Service Api by using the built in authentication. Is the Service Api even compatible with Azure AD? Any ideas on what I can try?
Yeah, out-of-the-box you will need to obtain a bearer token from ServiceAPI.
But since ServiceAPI is built on top of WebAPI, you can make it support other OWIN-based authentication methods.
The below code sample can be added to an initialization module.
// Make an initialization module, and decorate it with this attribute.
// Add this inside the Initialize method.
DefaultAuthenticationTypes.ApplicationCookie refers to the default cookie-based ASP.Net Identity authentication. If you used another name in your Azure AD integration, use that instead.