I am new to Azure development. I am working on a ASP.Net core application and planning to host on Azure. This application requires a datastore to record oAuth credentials of all registered tenants. The data would be <10K rows. What is the best option to store such data on Azure.
Related
We have written some code (I hesitate to use the term "application") in .NET Core using Visual Studio 2019. This concept is relatively simple; when a user opens a "proprietary" Excel workbook (an Excel file that calls our code) the code goes out to a hosted (by us) Azure SQL Managed database and returns data based on the parameters passed in by the user.
In Azure, we have a single production App Service plan with an App Service dedicated to each client (company). My question is about security: I'd like to tie each App Service to the related company's Azure AD. I do NOT want to create an account on my Azure AD for each user, although I can certainly do this through the "invitation" process using B2B. Can each App Service be "pointed" to a specific external instance of Azure AD so that only users from that company can access the related data?
Thanks.
You may use two different flows:
Each WebApp will authenticate users from only one specific Azure AD tenant
One WebApp will authenticate users from multiple Azure AD tenants
Both solution can be achieved with Azure AD multi-tenant authentication application pattern.
Here are steps you need to implement:
Update App registration to be multi-tenant
Update your code to send requests to /common
Update your code to handle multiple/single issuer values
Here is a picture that describes the flow
https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-convert-app-to-be-multi-tenant
We have multiple mobile apps which displays images, documents from azure blob storage. Right now these storage account blob containers are public, so our mobile apps can access. But now we want to restrict all these containers to private. I am looking for a generic solution where I will create .NET webapi's deploy to azure app service. This app service should talk to storage account and return the blobs/images/documents. All mobile apps should talk to app services instead of directly talking to Storage accounts.
If you could suggest the high-level overview on how to approach this?
We already have mobile apps directly talking to azure storage accounts.
Yes, it is a practicable plan. In this scenario, your container and blob could be private, and your web api can access them via Azure Storage SDK, and your mobile apps will be clients which need to get authorized to call your web api.
To utilize the Azure AD, you need to create two applications in Azure AD. One is a web application which represents the web api, and the other is a native application (or several apps) which represents the client.
There is an official sample for get-started with this: Samples, you may refer to it first.
I am trying to create an app in Xamarin.Forms which can store photos and their description and names. In this app, there will be users and image loading will depends on account with what you signed in. I store images in storage accounts and its urls I store in Azure Easy Tables.
I want to ask that for saving names and descriptions I should use Azure Easy Tables or other Azure storage feature ? If I should use Easy Tables how can I load only specific data for specific user?
Thanks for your answers !!!
According to your description, I assumed that you are using Azure Mobile Apps for your mobile app backend. You could leverage Azure Mobile Apps server SDK to store related data which is stored under blob storage / file shares.
I want to ask that for saving names and descriptions I should use Azure Easy Tables or other Azure storage feature ? If I should use Easy Tables how can I load only specific data for specific user?
Azure Mobile Apps support two backend languages (C#,Node.js). For C# backend, you could follow the tutorials below to implement your requirement.
C# backend & Xamarin.Forms projects
App Service Mobile sample todo list client app with images
Connect to Azure Storage in your Xamarin.Forms app
Easy Tables are served by Node.js backend. For Node.js backend, Azure Mobile Apps have not provided the similar File Management server SDK as C# backend. Details, you could follow 30 DAYS OF AZURE MOBILE APPS.
For associating data with the specific user, you could follow adrian hall's book about Data Projection and Queries for C# backend, 30 DAYS OF ZUMO.V2 (AZURE MOBILE APPS): DAY 6 – PERSONAL TABLES for Node.js backend.
We are migrating an ASP.NET application onto Azure. Target state selected as Cloud Service Web role to host application component and Database onto Azure SQL/SQL Database. Currently the application is configured onto Kerberos in the source environment. Please let me know if Kerberos can be configured onto Target Environment without any issues.
Are they any specific steps to be done for Kerberos to work?
Yes, but you have to use Azure Active Directory. This method of authentication is in preview atm and only available for Azure SQL v12. There's possibly a lot of steps involved for your scenario from populating your Azure AD to setup your application. Check these references:
Integrating your on-premises identities with Azure Active Directory
Azure SQL Database security guidelines and limitations
Connecting to SQL Database By Using Azure Active Directory Authentication
I'm working with Azure Java API in Eclipse.
In my program, I get the Azure credentials from the user. In this way I can use for example the Blob storage service using the Java API for Azure.
But my problem is when I want to manage the data bases deployed in Azure SQL service. My question is if I can list the data bases that the user have created in his Azure account using the Java API and the Azure credentials.