Docs for Downstream Apis #3558
Merged
Docs for Downstream Apis #3558
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jmprieur
commented
Oct 16, 2025
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds comprehensive documentation for calling downstream APIs with Microsoft.Identity.Web. The documentation provides detailed guides for integrating Microsoft Graph, Azure SDKs, and custom APIs, along with decision guidance and implementation patterns.
Key Changes
- Added complete documentation structure for downstream API integration
- Comprehensive guides for Microsoft Graph, Azure SDKs, Web APIs (OBO flow), and custom APIs
- Decision trees and comparison tables to help developers choose the right approach
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| docs/calling-downstream-apis/microsoft-graph.md | Comprehensive guide for Microsoft Graph integration with GraphServiceClient |
| docs/calling-downstream-apis/from-web-apis.md | Guide for calling downstream APIs from web APIs using On-Behalf-Of flow |
| docs/calling-downstream-apis/custom-apis.md | Guide covering IDownstreamApi, MicrosoftIdentityMessageHandler, and IAuthorizationHeaderProvider |
| docs/calling-downstream-apis/azure-sdks.md | Guide for integrating Azure SDK clients with MicrosoftIdentityTokenCredential |
| docs/calling-downstream-apis/README.md | Overview and decision guidance for calling downstream APIs |
Comments suppressed due to low confidence (2)
docs/calling-downstream-apis/from-web-apis.md:1
- Corrected spelling of 'Scopes' which should be lowercase 'scopes' in this context as it refers to the configuration property.
# Calling Downstream APIs from Web APIs
docs/calling-downstream-apis/custom-apis.md:1
- The comment mentions storage.azure.com scope but this appears in a section about general API configuration. This should either be corrected to show a generic API scope or moved to the Azure SDK documentation section.
# Calling Custom APIs
…ntation improvements.
This document provides a comprehensive guide for implementing various approaches to call downstream APIs using Microsoft.Identity.Web, including decision trees, comparison tables, token acquisition patterns, and code examples for different scenarios.
Updated README to include .NET applications and agent identities.
Replaced mermaid diagram with a decision table for API selection.
jmprieur
commented
Oct 21, 2025
jennyf19
approved these changes
Oct 22, 2025
Updated the documentation for calling downstream APIs by consolidating API registration and clarifying the request methods. Removed redundant sections and improved the structure.
Removed examples for Azure KeyVault, Azure Storage Blobs, Azure KeyVault Secrets, Azure Service Bus, Azure Tables, and Azure Cosmos DB from the documentation.
jmprieur
added a commit
that referenced
this pull request
Jan 3, 2026
* Adding wiki archive * Create README.md with revised documentation content * Adding README, and quickstars for web api and web app, co-authored with GitHub Copilot * Update the qs with auth scheme * add the plan (co authored with Copilot * Adding credentials (with copilot) * Credentials * Add main overview for calling downstream APIs * Add comprehensive documentation for Microsoft Entra Identity Sidecar (#3535) * Initial plan * Add core sidecar documentation files Co-authored-by: jmprieur <[email protected]> * Add remaining core documentation files Co-authored-by: jmprieur <[email protected]> * Add all scenario documentation files Co-authored-by: jmprieur <[email protected]> * Address PR feedback: Convert diagram to mermaid, update wording, add validation scenario Co-authored-by: jmprieur <[email protected]> * Update docs/sidecar/reverse-proxy.md * Address PR review feedback: Update agent identity docs, improve examples, fix terminology Co-authored-by: jmprieur <[email protected]> * Update docs/sidecar/faq.md * Replace ASCII diagram with mermaid diagram in comparison.md Co-authored-by: jmprieur <[email protected]> * Apply suggestions from code review Co-authored-by: Keegan <[email protected]> * Update docs/sidecar/comparison.md * Update docs/sidecar/comparison.md * Address comprehensive PR review feedback Co-authored-by: jmprieur <[email protected]> * Remove Service Mesh Integration section from security.md Co-authored-by: jmprieur <[email protected]> * Update network security guidance to use Kestrel configuration instead of network policies Co-authored-by: jmprieur <[email protected]> * Add input validation guidance and incident response plan reference Co-authored-by: jmprieur <[email protected]> --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: jmprieur <[email protected]> Co-authored-by: Jean-Marc Prieur <[email protected]> Co-authored-by: Keegan <[email protected]> * Add table of contents for Sidecar documentation * Streamline sidecar documentation with table format and remove duplication (#3564) * Initial plan * Streamline sidecar documentation with table format and remove duplication Co-authored-by: jmprieur <[email protected]> * Update Microsoft documentation URLs to current learn.microsoft.com domain Co-authored-by: jmprieur <[email protected]> * docs(sidecar): fix endpoints path formatting and clarify wording * Revise README for clarity and improved navigation Updated the README to enhance clarity and structure, including new sections and improved descriptions for scenarios and resources. * Revise Entra Identity Sidecar documentation Updated the Microsoft Entra Identity Sidecar documentation to enhance clarity and detail on token acquisition, validation, and integration. Added benefits and use cases for the sidecar approach. * Update endpoints.md --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: jmprieur <[email protected]> Co-authored-by: Jean-Marc Prieur <[email protected]> * Docs for Downstream Apis (#3558) * Downstream Apis * Update README.md with revised service registration pattern and documentation improvements. * Revise README for Calling Downstream APIs This document provides a comprehensive guide for implementing various approaches to call downstream APIs using Microsoft.Identity.Web, including decision trees, comparison tables, token acquisition patterns, and code examples for different scenarios. * Enhance README for downstream API guidance Updated README to include .NET applications and agent identities. * Update README with API selection decision table Replaced mermaid diagram with a decision table for API selection. * Update docs/calling-downstream-apis/azure-sdks.md * Refactor downstream API documentation Updated the documentation for calling downstream APIs by consolidating API registration and clarifying the request methods. Removed redundant sections and improved the structure. * Remove Azure SDK examples from documentation Removed examples for Azure KeyVault, Azure Storage Blobs, Azure KeyVault Secrets, Azure Service Bus, Azure Tables, and Azure Cosmos DB from the documentation. * Update custom-apis.md * Update from-web-apis.md * Update microsoft-graph.md * Revise documentation modernization plan and status Updated the documentation modernization plan with completed milestones and revised priorities. Adjusted documentation structure and clarified the status of various sections, including the addition of new documentation for sidecar and agent identities. * Fixing broken links and updating the plan * Finishing downstream APIs * adding token cache * Adding cross links with token cache * cross links with token cache * Updating the plan * More articles * Separating MSAL and OWIN * separating OWIN and MSAL * Add more cross links * Adding daemon scenario * Add gatewatsm proxies and Fix #3596 * Merge the custom-api documentation * Removing docs we don't need * Remove sidecar. Rename readme.md * Adding missing docs, a script to detect broken links, and fixing a few links * Moving design-docs out of (customer) docs * docs: fix quickstart web API snippet typos (#3658) * Fixing links * Fixing broken links * Adding missing links * FIxing docs. --------- Co-authored-by: Copilot <[email protected]> Co-authored-by: jmprieur <[email protected]> Co-authored-by: Keegan <[email protected]> Co-authored-by: kz <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
{PR title}
Summary of the changes (Less than 80 chars)
Description
{Detail}
Fixes #{bug number} (in this specific format)