How to Secure an Azure App Service with Azure AD Authentication

In this post, we will look at how to secure an Azure App Service with authentication by using Azure Active Directory. Go to https://portal.azure.com and select an App Service. We will use one we created earlier. Select Authentication / Authorization:

Set App Service Authentication to On:

Select Azure Active Directory. Note the other options – Facebook, Google, Twitter etc:

We see:

Let’s use Express setup. We will call our app CarlCRMAPIADApp:

Set Action to take when request is not authenticated = Log in with Azure Active Directory. If you have it set to “Allow Anonymous Requests” then you will still allow these requests to come through, which may not be desired:

Now, if you send through a request as before, you will get a 503 Service Unavailable error as we are not passing through any authentication:

Let’s go to App Registrations and select our App:

Click on Certificates and Secrets. We will create a New Client Secret:

Give the secret a name, and duration:

We get a value. Copy it:

Now in Postman, let’s finish our request. Click the Authorization tab and select OAuth 2.0:

Then Get New Access Token:

Enter the information below, with information from our App Registration:

Token Name: Anything, e.g. My App Token

Grant Type: Authorization Code

Callback URL: https://carlcrmapi.azurewebsites.net/.auth/login/aad/callback – from Authentication Redirect URL

Auth URL: https://login.microsoftonline.com/directoryid/oauth2/authorize?resource=resourceid where directory id comes from the Overview page of the App Registration and resource id comes from the Overview page Application Id

Access Token URL: https://login.microsoftonline.com/directoryid/oauth2/token?resource=resourceid where directory id comes from the Overview page of the App Registration and resource id comes from the Overview page Application Id

Client Id = from the Overview page of the App Registration the Application Id

Client Secret = Created in Certificates and Secrets

Click Request Token:

We are prompted to log in:

And it asks for permissions. Click Accept:

We get an Access Token returned:

Of type Bearer:

Click Use Token:

We see the Access Token in the Postman request, with OAuth 2.0 set. Click Send, and we get a response back. We are now authenticated with our app using Azure AD:

THANKS FOR READING. BEFORE YOU LEAVE, I NEED YOUR HELP.

I AM SPENDING MORE TIME THESE DAYS CREATING YOUTUBE VIDEOS TO HELP PEOPLE LEARN THE MICROSOFT POWER PLATFORM.

IF YOU WOULD LIKE TO SEE HOW I BUILD APPS, OR FIND SOMETHING USEFUL READING MY BLOG, I WOULD REALLY APPRECIATE YOU SUBSCRIBING TO MY YOUTUBE CHANNEL.

THANK YOU, AND LET'S KEEP LEARNING TOGETHER.

CARL

https://www.youtube.com/carldesouza

ABOUT CARL DE SOUZA

Carl de Souza is a developer and architect focusing on Microsoft Dynamics 365, Power BI, Azure, and AI.

carldesouza.com | LinkedIn | Twitter | YouTube

Facebook

Twitter

고잉버스 쿠폰 November 4, 2024 at 11:11 pm on Converting a URL Link Field in Power BI from Text to Hyperlink to IconHello, just wanted to mention, I liked this article. It was practical. Keep on posting!
sofasmodernos October 31, 2024 at 11:53 am on Edge Websites Opening in Wrong Profile TabThis site really has all the information and facts I wanted about this subject and didn't know who to ask.
Piyush October 15, 2024 at 7:35 am on Understanding Intersect Entities and N:N Relationships in Dynamics 365you made my day Carl, Thanks for sharing
Nilesh Bagdi October 9, 2024 at 8:02 pm on Adding a Modern List to a Power Pages FormHi Carl, Is there a way to change colors of the section just above the header which contain Create, delete
Shakti September 28, 2024 at 4:39 pm on Building and Deploying your First PCF Control (without React)Hi Carl, I am creating a simple PCF component as POC for my office work. In my personal laptop I

How to Secure an Azure App Service with Azure AD Authentication

Related Posts:

Leave a Reply Cancel reply