You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/container-apps/token-store.md
+10-15Lines changed: 10 additions & 15 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,42 +5,37 @@ services: container-apps
5
5
author: craigshoemaker
6
6
ms.service: container-apps
7
7
ms.topic: how-to
8
-
ms.date: 02/12/2024
8
+
ms.date: 02/26/2024
9
9
ms.author: cshoe
10
10
---
11
11
12
12
# Enable a token store in Azure Container Apps
13
13
14
-
A token store is a repository of security tokens associated with the users of a web application or its APIs. When your application code needs to access user profile data, you can use a token store to contact an authentication providers on the user's behalf.
14
+
Azure Container Apps authentication supports a feature called token store. A token store is a repository of tokens that are associated with the users of your web apps and APIs. You enable a token store by configuring your container app with an Azure Blob Storage container.
15
15
16
-
Common scenarios for a token store include:
16
+
Your application code sometimes needs to access data from these providers on the user's behalf, such as:
17
17
18
-
* Posting to the authenticated user's Facebook timeline
18
+
* post to the authenticated user's Facebook timeline
19
+
* read the user's corporate data using the Microsoft Graph API
19
20
20
-
* Read the user's corporate data using the Microsoft Graph API
21
+
You typically must write code to collect, store, and refresh these tokens in your application. With the token store, you just [retrieve the tokens](../app-service/configure-authentication-oauth-tokens.md#retrieve-tokens-in-app-code) when you need them and [tell Container Apps to refresh them](../app-service/configure-authentication-oauth-tokens.md#refresh-auth-tokens) when they become invalid.
21
22
22
-
You typically write code to collect, store, and refresh tokens in your application. With the token store, you can [retrieve the list of tokens](/azure/app-service/configure-authentication-oauth-tokens) when you need them, and [tell Container Apps to refresh them](/azure/app-service/configure-authentication-oauth-tokens) when they become invalid.
23
-
24
-
25
-
26
-
The ID tokens, access tokens, and refresh tokens are cached for the authenticated session, and they're accessible only by the associated user.
27
-
28
-
You enable a token store by configuring your container app with an Azure Storage account.
23
+
When token store is enabled, Container Apps authentication caches ID tokens, access tokens, and refresh tokens the authenticated session, and they're accessible only by the associated user.
29
24
30
25
## Generate a SAS URL
31
26
32
-
Before you can create a token store for your container app, you first need an Azure Storage account with a private container.
27
+
Before you can create a token store for your container app, you first need an Azure Storage account with a private blob container.
33
28
34
29
1. Go to your storage account or [create a new one](/azure/storage/common/storage-account-create?tabs=azure-portal) in the Azure portal.
35
30
36
-
1. Select **Containers** and create a private container if necessary.
31
+
1. Select **Containers** and create a private blob container if necessary.
37
32
38
33
1. Select the three dots (•••) at the end of the row for your container.
39
34
40
35
1. Enter the values appropriate to your needs in the *Generate SAS* window.
41
36
42
37
> [!NOTE]
43
-
> Make sure your keep track of your SAS expiration dates to ensure access to your container doesn't cease.
38
+
> Make sure you keep track of your SAS expiration dates to ensure access to your container doesn't cease.
44
39
45
40
1. Select the **Generate SAS token URL** button to generate the SAS URL.
0 commit comments