Skip to content

Commit 7bcc257

Browse files
Merge pull request #224970 from dlepow/patch-171
Update validate-azure-ad-token-policy.md
2 parents 35bf53e + b51a4cd commit 7bcc257

File tree

1 file changed

+2
-18
lines changed

1 file changed

+2
-18
lines changed

articles/api-management/validate-azure-ad-token-policy.md

Lines changed: 2 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ The `validate-azure-ad-token` policy enforces the existence and validity of a JS
6060
| Attribute | Description | Required | Default |
6161
| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- |
6262
| tenant-id | Tenant ID or URL of the Azure Active Directory service. | Yes | N/A |
63-
| header-name | The name of the HTTP header holding the token. | One of `header-name`, `query-parameter-name` or `token-value` must be specified. | N/A |
63+
| header-name | The name of the HTTP header holding the token. | One of `header-name`, `query-parameter-name` or `token-value` must be specified. | `Authorization` |
6464
| query-parameter-name | The name of the query parameter holding the token. | One of `header-name`, `query-parameter-name` or `token-value` must be specified. | N/A |
6565
| token-value | Expression returning a string containing the token. You must not return `Bearer` as part of the token value. | One of `header-name`, `query-parameter-name` or `token-value` must be specified. | N/A |
6666
| failed-validation-httpcode | HTTP status code to return if the JWT doesn't pass validation. | No | 401 |
@@ -102,23 +102,7 @@ The `validate-azure-ad-token` policy enforces the existence and validity of a JS
102102

103103
### Simple token validation
104104

105-
```xml
106-
<validate-jwt header-name="Authorization" require-scheme="Bearer">
107-
<issuer-signing-keys>
108-
<key>{{jwt-signing-key}}</key> <!-- signing key specified as a named value -->
109-
</issuer-signing-keys>
110-
<audiences>
111-
<audience>@(context.Request.OriginalUrl.Host)</audience> <!-- audience is set to API Management host name -->
112-
</audiences>
113-
<issuers>
114-
<issuer>http://contoso.com/</issuer>
115-
</issuers>
116-
</validate-jwt>
117-
```
118-
119-
### Simple token validation
120-
121-
The following policy is the minimal form of the `validate-azure-ad-token` policy. It expects the JWT to be provided in the `Authorization` header using the `Bearer` scheme. In this example, the Azure AD tenant ID and client application ID are provided using named values.
105+
The following policy is the minimal form of the `validate-azure-ad-token` policy. It expects the JWT to be provided in the default `Authorization` header using the `Bearer` scheme. In this example, the Azure AD tenant ID and client application ID are provided using named values.
122106

123107
```xml
124108
<validate-azure-ad-token tenant-id="{{aad-tenant-id}}">

0 commit comments

Comments
 (0)