";s:4:"text";s:3751:" Guang Yang continues to educate Scott on Azure API Apps. At the same time, Azure Active Directory (AAD) is configured on the our Azure subscription.
Web Apps Quickly create and deploy mission critical web apps at scale; API Management Publish APIs to developers, partners, and employees securely and at scale; Content Delivery Network Ensure secure, reliable content delivery with broad global reach; Azure Cognitive Search AI-powered cloud search service for mobile and web app development Azure API Apps 102 - Adding Authentication During recent customer engagement there was a discussion around client certificate [a.k.a tls mutual] authentication and how to use it with asp.net web api that is hosted on azure as a azure api app. Azure also allow to use self-signed management certificate or Azure AD to get authentication. The corresponding solution, you should protect the web API using Azure AD (we can use the same app which protect the web app)and get the access_token for the web API. Azure AD authentication is added to both the Web API endpoint and the Web App itself. We currently have REST API resources written in ASP.NET Core Web API.These resources are hosted on Azure and are consumed by IOS, Android and various backend clients. We will need to create an App Registration for the web API and an App Registration for the client app calling the web API in Azure Active Directory. Scenario.
Setting up Azure Active Directory In a recent post from his blog, Premier Developer Consultant Razi Rais gives us a step-by-step overview of how to add client certificate Authentication for Web Api Hosted in Azure. AFAIK, for using App Service Authentication / Authorization, your C# Web API need to be deployed to azure.App Service Authentication / Authorization (Easy Auth) is a feature of Azure App Service and is implemented as a native IIS module that runs in the same sandbox as your azure application.For more details, you could refer to Architecture of Azure App Service Authentication / Authorization. In this episode, we add authentication and an understanding of identity to an Azure API App. More info about Windows Azure Management Certificates please refer to document. Using Client Certificate Authentication for Web API Hosted in Azure During recent customer engagement there was a discussion around client certificate [a.k.a tls mutual] authentication and how to use it with asp.net web api that is hosted on azure as a azure api app . The ASP.NET Core Web API project in this tutorial uses Visual Studio 2017 with .Net Core runtime version 2.2.
Unfortunately, there is no security in the our REST API right now. Based on the description, you deploy the web app on Azure and protecting the web app using Azure AD. AFAIK, in this scenario, it is not possible to pass the credential to the web API.
This guide consists of a server side web app and a client side Windows Universal app.