Introduction
We are going to enable AAD authentication to AppService WebApp which has both browser applications as well as API. API can be tested by Postman.Phases
Create and host application having web pages as well as API.Create an Azure App registration.
Settings in App service to enable authentication.
Testing
The application tested from both browser as well as Postman
Browser
It is easy as browsing the URL. It will redirect to the login page then after entering credentials it will redirect back to the application URL.Postman
This has 2 steps. Generating JWT is the first step. Then using that JWT in the authorization header, invoke the Web API.Video
The issue which may encounter
Postman is not working with the audience
https://github.com/postmanlabs/postman-app-support/issues/2934https://github.com/postmanlabs/postman-app-support/issues/4391
References
https://azuretrendz.wordpress.com/2019/09/27/testing-with-postman/https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow
https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow
https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-daemon-app-registration
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-auth-aadpp-service-web-tutorial-auth-aad
https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-protected-web-api-app-registration#if-your-web-api-is-called-by-a-daemon-app
No comments:
Post a Comment