Azure Active Directory provides Identity Platform which allows Secured Access to your Application & Services. In this article we can explore how to create a Web API Service & Protect it with AAD App Registration.
Create New API Service
Open Visual Studio & Create a new Web API Service.
Run the Service and Ensure you are able to access the Results as displayed below.
http://localhost:62573/api/values
Publish the Service
Now right click on the project & publish the service to Azure App Service.
You need an Azure Subscription to perform this. You can use following link to do the same.
https://azure.microsoft.com/en-us/free/
Choose the App Service option.
Enter the App Service option.
Azure App Service is a PaaS (Platform as a Service) way of Hosting web sites.
You can test your new App Service with the URL.
https://aadservice2019.azurewebsites.net/api/values
If you are getting the same results, you are good!
Protect the Service
Now we can protect the Service with Azure Active Directory. There is a Quick Way to achieve the same without writing a single line of code.
Go to Azure Portal > App Services blade > Click on your service.
Go to Authentication/Authorization blade.
Turn App Service Authentication to On. Then in the appearing options choose the following:
· Login with Azure Active Directory
· Choose Azure Active Directory from Authentication Providers > Then choose Express option
Save changes.
Test the Service
Now test the service again with the previous URL. This time you will be prompted for Login.
This means the Service is protected from Anonymous Access now.
References
https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios
Summary
In this article we have explored how to create a Web API Service & Protect it with AAD App Registration.