I have and Ember SPA that uses JSLL to interactively log a user in and then make cross-domain calls to our dependent services. I'm working on a VSTS Release definition that will deploy the app then invoke a particular 'health page' that executes synthetic transactions to the dependent services and reports.
What I need guidance on is the proper way to bypass the interactive login but still be able to acquire heedlessly the access_token(s) needed for the ajax calls to the dependent services.
VSTS provides a SYSTEM_ACCESSTOKEN build variable that would make secrets management very simple but I don't think it is well suited for what I'm trying to do.
The best way I can figure is to create a service principle in AAD, provision that account with my dependent services and programmatically login to acquire the token then just use that token for the Bearer token in the Authorization header.
Is there any better approach?
If that is the recommended approach can someone point me to the JSLL/ADAL API that would accomplish that?
Aucun commentaire:
Enregistrer un commentaire