We have an FusionAuth instance that is the IDP for our web application. We would like to deploy content to Azure Blob Storage and use FusionAuth to control access to that content. However, everything we seem to find on the topic is about using FusionAuth to authenticate against Azure AD, which I don't think we want to do since our users live in FusionAuth and we have no presence in Azure AD at all.
For clarity, we would like the authentication to flow something like this:
- User logs into our web app and is authenticated via FusionAuth (this is in place already and working well)
- User requests URL which is a piece of content hosted in an Azure Storage Blob.
- Azure Storage Blog (or some intermediary) authenticates backs to FusionAuth to check whether the user is authorized for the piece of content or not.
Does anyone have any suggestions or pointers for what we're trying to do, or even if it's possible?