This repository was archived by the owner on Jun 17, 2025. It is now read-only.
Sample is too complex for basic experience #12
Description
Please provide us with the following information:
This issue is for a: (mark with an x)
- [x] bug report -> please search issues before submitting
- [ ] feature request
- [x] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)
The sample as it is is very complex and also suggests non-secure practices, such as granting admin access to Policy.ReadWrite
Existing sample:
- Creates 3 dummy CA contexts in AAD but doesn't associate them with any issue. This requires a powerful permissions and the sample suggests to pre-authorize for it.
- Dynamically loads CA Contexts and presents an admin screen, allowing the CA context to be associated with a website action (POST todo item, delete todo item)
- Stores this association in a relational database !!!
Proposed simple experience:
- Rely on a static list of AuthContext and actions and no DB
- Just showcase how to do the auth challenge to get MFA, for example on the "Delete" action.