i followed this tutorial
Tutorial: Access Microsoft Graph
I can login with my organization user to the web app, but i can't use the GraphServiceClient. It always redirect me to the "signin-oidc" page with a 403 error.
Am i missing something in the tutorial? What should i check in the configurations?
Thank you in advance
According to the tutorial you provided, it requires the azure web app to enable easy-auth by azure ad, it also provides a tutorial on how to enable it.
After creating azure web app, go to Authentication then click Add identity provider, then you need to choose microsoft as the provider and then create a new azure ad app if needed. Now we can deploy sample code into azure after doing the configuration. And as the default redirect url in the code is /signin-oidc so we need to add it into azure ad authentication panel-> redirect url.
==============================UPDATE============================
If you used my sample, you also need to modify the appsetting.json with the azure ad application client id and client secret. You can use the azure ad app created just now, you only need to add redirect url with https://localhost:44321/signin-oidc and https://web_app_name.azurewebsites.net/signin-oidc. But in this sample, you don't need to enable easy-auth for azure web app. You only need to create a web app and deploy the sample code to it. I used visual studio to create and deploy. If you wanna create azure web app in azure portal, you just need to click New in azure portal->app service and complete the fields.
Related
I am able to create a new Azure App Service on my Azure subscription from VS code. If I then try to deploy my python web application to the App Service that I just created I get a "401 - Unauthorized: Access" error. If I logon to the Azure portal I can view my newly created App Service. I can see on the Access Control page that I am listed as a contributor. I am not sure why I can not deploy my code or view files. Does anyone have suggestions as to security settings to check? I need to be able to deploy my code. Thank you.
#Kachopsticks, Apologies! If my response is to too late. To benefit the community, sharing the steps that could help isolate such issues:
There is a way to disable basic auth access to the WebDeploy port and SCM site with basicPublishingCredentialsPolicies, see if this is the case.
basicPublishingCredentialsPolicies --parent sites/ --set properties.allow=false
https://learn.microsoft.com/azure/app-service/deploy-configure-credentials?tabs=cli#webdeploy-and-scm
You could re-download the publish profile from Azure portal, and import publish settings in Visual Studio for deployment.
In the Azure portal, open the Azure App Service.
Go to Get publish profile and save the profile locally.
A file with a .publishsettings file extension has been generated in the location where you saved it and you may import that in VS and then attempt to re-deploy.
Additionally, Azure App Service supports two types of credentials for local-Git and FTP/S deployment:
User-level credentials one set of credentials for the entire Azure account.
App-level credentials (one set of credentials for each app. It can be used to deploy to that app only) -. They can't be configured manually, but can be reset anytime. For a user to be granted access to app-level credentials via (RBAC), that user must be contributor or higher on the app (including Website Contributor built-in role). Readers are not allowed to publish, and can't access those credentials.
I am trying to configure multi-tenant authentication with Azure App Service in order to enable multi-tenant authentication for my application. I'm following this tutorial: Consume multi-tenant enterprise APIs secured with Azure AD in SharePoint Framework. But I got stuck while I'm configuring Authentication / Authorization settings.
Any help would be greatly appreciated!
Please refer to Configure your App Service app to use Azure Active Directory login to configure an Azure App to use Azure AD as a authentication provider. While selecting an existing app on express settings you need to make sure the app is registered within your tenant. You can also refer to How to Get to the Keys/Secrets From Azure Active Directory to get the keys/secrets from Azure AD for an Enterprise Application.
I am trying to create an ASP.NET framework app in Azure so i followed the tutorial on the Azure website but while publishing there is always a problem logging in.
I have tried to login several times and it is all successful but i am unable to proceed with creating app services. The page will still be the same page asking to login or create an account.
I am also login to my visual studio 2017 enterprise with the same account so i am wondering why i can't proceed on.
Thank you
According to your description, I suppose you haven't buy the Azure. You could buy Azure from this link. After that, your account could use Azure. Then you could get Subscription for Azure portal. You could also create Resource Group and App Service Plan from Azure portal.
If you want to use Azure for free,you can use trial version.Just like the following screenshot. However, it has use time and function limit.
I have running the basic todoitem app service running on azure. Calling the below url will display the content in the todoitem table. How can I add basic security to prevent this data from being accessed by anyone, like a basic parameter, ToDoItem?MyToken=12345.
https://MyappService.azurewebsites.net/tables/ToDoItem
How can I add basic security to prevent this data from being accessed by anyone, like a basic parameter, ToDoItem?MyToken=12345.
I would recommend you using the build-in Authentication and authorization in Azure App Service.
App Service supports five identity providers out of the box: Azure Active Directory, Facebook, Google, Microsoft Account, and Twitter. To expand the built-in support, you can integrate another identity provider or your own custom identity solution.
Here are some great tutorials, you could refer to them:
For Node.js backend, you could follow 30 DAYS OF AZURE MOBILE APPS.
For developing azure mobile apps with C#, you could follow here.
How do I set up ACS in SQL Azure?
I am trying a code sample from Azure that is to create a custom Login Page in ASP.NET and MVC 3.
It claims to use the ACS Management Portal. It instructs to log on to the my Azure homepage and "navigate to the Service Bus, Access Control and Cashing section." Where is that? I do not see this on my Azure homepage.
The example is listed here:
http://msdn.microsoft.com/en-us/library/windowsazure/hh127794.aspx
The step says:
To configure the sample via the ACS Management Portal
Open a browser, navigate to the Windows Azure homepage (http://go.microsoft.com/fwlink/?LinkId=130560), and sign in. Navigate
to the Service Bus, Access Control, and Caching section to configure
your ACS service namespace. Once you have created a namespace, select
it and click Manage > Access Control Service, located at the top of
the page. This will launch the page in a new window.
Where is that? I do not see this on my Azure homepage.
http://i67.photobucket.com/albums/h292/Athono/AZURE/whereistheservicebus.png
What you're seeing is the new preview portal (I'm referencing your screenshot). In order to access all features of your Azure subscription you might also need to use the 'old' Silverlight portal. Today this is still the case for ACS.
You can visit the old portal through this URL: https://windows.azure.com/