We are planning to build a REST service in Azure and planning to authenticate it against AAD.
A few of our clients who will consume our REST service are on-premises, and they are authenticated against Windows Auth. If they try to get an AAD token to call our service, I feel they will be redirected to the AAD login page to enter credentials (these are the same as the Windows Auth credentials). Can we bypass this and convert Windows Auth to an AAD token silently and call our REST service?
If not possible, what are the recommended approaches in this scenario?
I need user information, which I’m planning to read from AAD token.
If I use certificate auth, the client can send user information in the request. That means User A can request info of User B, which we don’t want.