Skip to Main Content
Data services feedback portal

Welcome to our feedback site!


We created this site to hear your enhancement ideas, suggestions and feedback about CONNECT products and services. All of the feedback you share here is monitored and reviewed by the CONNECT product managers.

To start, take a look at the ideas in the list below and VOTE for your favorite ideas submitted by other users. POST your own idea if it hasn’t been suggested yet. Include COMMENTS and share relevant business case details that will help our product team get more information on the suggestion. Please note that your ideas and comments are visible to all other users.


This page is for feedback specifically for CONNECT data services. For links to our other feedback portals, please see RESOURCES below.

Status No status
Product General
Categories Security
Created by Guest
Created on Aug 18, 2022

OCS APIs should allow requests with an Access Token issued by my Identity Provider

A customer is building a Web application that needs to access both Microsoft APIs (secured using Azure Active Directory) and OCS APIs (secured using OCS Identity Server). In order for the customer to call both sets of APIs from their Web application, they currently need to authenticate the User with Azure Active Directory and perform a second authentication with OCS Identity Server. The Access Token issued by Azure Active Directory can be used to access Microsoft’s APIs and the Access Token issued by OCS Identity Server can be used to access OCS APIs, but not vice-versa. This means that the customer has to (a) perform 2 authentications of the User logging into their application (with potentially two login dialogs, though the two login dialogs can likely be worked around) and (b) maintain two sets of Access and Refresh Tokens, each with their own lifetimes. This is complex to build and maintain.   Instead, the customer would like to be able to configure their OCS Tenant to “trust” their Azure Active Directory Identity Provider. The intent would be to have their Web Application authenticate once only with their Azure Active Directory and have the Access Token issued by their Azure Active Directory be “directly accepted” by the OCS APIs. This would radically simplify the complexity of their application.
  • Attach files