To get the AppServiceAuthSession cookie using an access or ID token for a web app deployed on Azure App Service, you can use the following steps:
First, ensure that you have obtained an access or ID token from the authentication provider.
Next, make a POST request to the /.auth/login endpoint of your Azure App Service, including the access or ID token in the request body as a JSON object. The request should be made to the URL of the form https://<your-app-name>.azurewebsites.net/.auth/login.
If the request is successful, the server will return a Set-Cookie header in the response, which will contain the AppServiceAuthSession cookie. You can then extract this cookie and store it in your web app for use in subsequent requests.
Example:
fetch('https://<your-app-name>.azurewebsites.net/.auth/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
access_token: '<your-access-token>'
})
}).then(response => {
const setCookieHeader = response.headers.get('Set-Cookie');
// Extract the AppServiceAuthSession cookie from the Set-Cookie header and store it for use in subsequent requests
});