We’ve developed a small SPA wrapper for OD, called Tenant Overview, setting up a matrix with projects and tenants, giving access to view and deploy misc. ‘stacks’ from a single page. So far this is just an anonymous page, getting access via en API key. Recently we integrated our OD instance with Azure AD, to align with our other development tools and getting MFA and SSO. We looking into integrating AAD with our Tenant Overview SPA, so we both get authentication and authorization in order.
The question is whether it is possible to access the OD API with an AAD issued oAuth token or some how exchange the oAuth token to a user specific API key.