How to authenticate a non-Azure application in an Azure API App which has AAD authentication in place?

I have a Web API app which is deployed on Azure App Service. Currently only AAD users can be authenticated and access the API methods. Now we have another requirement where our API methods will be called by one of the on-premise applications. Could you please let me know how we can get a service principal in order to access my cloud API methods from this on-premise (non-Azure) application? Is there any way in Azure to achieve the above requirement?

There is no official example ready.

You need to create the app registration which represents your Web API app by following "Protected web API: App registration".

Since your on-premise app is equivalent to a daemon app, you should expose application permissions like this: "If your web API is called by a daemon app".

Then you can follow this to create the app registration / service principal (which represents your on-premise app) that will be used to authenticate to your Web API app. You also need to add the application permissions (which were exposed in the previous step) to this app registration by following "Add permissions to access your web API".

Finally, use the client credentials flow to get the access token. You can use this access token to access your Web API.

Client Credentials sample in msal-java for your reference.

Here is a similar post and answer (it's C#, but the principle is the same).
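The client credentials flow described in the answer above, sketched as an added example that is not part of the original answer or of any Microsoft sample. It shows the token request the on-premise app sends and the claim checks the Web API should apply to the resulting app-only token. The tenant, client IDs, App ID URI and role name are constructed placeholders, and the function names are hypothetical.

```python
import json
import urllib.parse
import urllib.request

AUTHORITY = "https://login.microsoftonline.com"

def build_token_request(tenant_id, client_id, client_secret, api_app_id_uri):
    """Return (url, form) for the OAuth 2.0 client credentials grant (v2.0 endpoint)."""
    url = f"{AUTHORITY}/{urllib.parse.quote(tenant_id)}/oauth2/v2.0/token"
    form = {
        "grant_type": "client_credentials",
        "client_id": client_id,          # the on-premise app's registration
        "client_secret": client_secret,  # load from a secret store, never hard-code
        # App-only requests name the API's App ID URI followed by "/.default"
        "scope": api_app_id_uri.rstrip("/") + "/.default",
    }
    return url, form

def fetch_access_token(url, form):
    """POST the form to the token endpoint. Needs network access; not called below."""
    data = urllib.parse.urlencode(form).encode()
    req = urllib.request.Request(url, data=data, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["access_token"]

def daemon_is_authorized(claims, accepted_audiences, required_role):
    """API-side check on claims taken from a token whose signature, issuer
    and expiry were already validated by the JWT middleware."""
    if claims.get("aud") not in accepted_audiences:
        return False  # token was issued for a different API
    if "scp" in claims:
        return False  # delegated (user) token, not an app-only token
    return required_role in claims.get("roles", [])

# Constructed placeholder values, for illustration only
API_URI = "api://00000000-0000-0000-0000-000000000002"
SAMPLE_CLAIMS = {"aud": API_URI, "roles": ["Api.Access.All"]}

if __name__ == "__main__":
    url, form = build_token_request(
        "contoso.onmicrosoft.com", "00000000-0000-0000-0000-000000000001",
        "<client-secret>", API_URI)
    print(url, form["scope"])
    print(daemon_is_authorized(SAMPLE_CLAIMS, {API_URI}, "Api.Access.All"))
```

Depending on the access token version configured for the API, the `aud` claim is either the App ID URI or the API's client ID, so the check accepts a set of audiences.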
