We have a lot of demand in creating and managing group of tester for our app, is there any way to automate users (testers) managment (Ex: webservices, api,...), or its only possible using the web interface?
Related
I would like to understand if I can use Azure AD authentication for our enterprise application. Basically we have a service that manages component data for several thousand product teams in my company. The requirement is team A can only view their data. According to https://www.youtube.com/watch?v=59YwW8FrLm8, we can create custom roles in an Azure app and assign them to different client apps. My concern is that is there a limit on how many roles we can create in the app? We have several thousand product teams to support. Also, is there any performance impact on large number of custom roles in an app?
The bigger question is if we should utilize Azure OIDC to do this authorization. Is this something that we are better off writing our own authorization logic?
Confirmed that by default, it is 5000.
We'd like to use the Logic App UI/engine in the Azure Portal and give it to customers who have some development experience, so they are able to hook into our application to customise some calculations.
Is it possible to
a) Brand Azure Logic App/Portal resources with a company label etc or
b) Provide some other mechanism of creating Logic Apps (desktop, web UI) that uses Azure Logic Apps underneath
I think the idea is that you set up some custom connectors into your application so that your customers can set up their own logic apps in their own subscriptions.
Here's some docs
If you had your customers using your logic apps, rebranded in some way, they would have access to each others cached credentials through saved connections which would be undesirable in many cases.
In Azure portal, i wanted to create multiple useraccounts and then track those useraccounts for the data usage in Azure API management service. I can able to create the useraccounts but inorder to know how much data is used by those users for particular API, how can i get that metrics?
API Management has 2 portals and 2 types of users. The Azure Portal is used for API Managers (think users who publish APIs, operations, manage policy, etc.). The Developer Portal is used by developers who are using (think customers) of your API. In order to use an API the user/customer has to register with the Developer Portal and get a Subscription to a given API and the associated key. So you have to authenticate them.
The Developer Portal supports different authentication mechanisms including Azure AD. So if you plan to use Azure AD for your authentication for both portals you will need to configure it accordingly. https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-aad
fwiw - by default the Developer portal provides a form based authentication for developers
Metric wise once a developer is registered you will be able to report on their activity through API Management.
I have a business requirement where Azure Subscription owner will Provision User Groups like Infrastructure Admin, Billing Admin, Enterprise Users. Ifra Admin people should login to this Portal & can only see options related to Infra provisioning. Billing Admin people should have access to Azure usage Enterprise wide - And they should be able to generate bills for respective teams(which are part of the organization). Enterprise Users are those who want to procure azure storage, VMs etc. and they want estimate cost for required infra.
I am looking out for a solution/approach for this requirement. If Azure Portal is already providing this feature then please provide me reference material. If i should build new custom Web application which internally use Azure APIs then let me know about that option as well.
If there are any products which already doing this even am open for that.
Deeply appreciating your help. Thanks a lot :)
Vishal.
Let me answer by breaking your question in 2 parts:
Managing Users - This is something you can do today in Azure. Some time ago, Azure announced Role-based access control (RBAC) and that fits the bill nicely for you as far as managing users and granting them permissions to do things. So in your scenario, the owner will create users and groups in Azure Active Directory and then put these users and groups in appropriate roles. When a user or a group member tries to manage the resources (either by logging into the portal or using other tools like Azure PowerShell Cmdlets), they will only be able to do things the role they are in allows.
Managing Billing - Though Azure Portal exposes the billing functionality (and there's a billing/usage REST API), it does not have the capability you're looking for. What you would need to do is look for ITFM (IT Financial Management) Systems that has support for Azure. Off the top of my head, two tools come to my mind - Cloudyn & Cloud Cruiser. You can learn more about it here: https://azure.microsoft.com/en-in/documentation/articles/billing-usage-rate-card-overview/. You could always consume the Billing/Usage REST API to create a solution of your own. If you're writing your own solution, you may want to check out Billing Samples on GitHub.
We plan to use Windows Azure Mobile Services for several of our commercial apps and would like to create a single data store for users instead of creating it for every mobile service. We don't want to use Microsoft or Facebook... providers due to this issue Multiple apps using a single Azure Mobile Service for Live Authentication?
This way, the user data for all our apps is stored in single separate Custom_Auth database and the users won't need to Register again for our other apps. Should we create a separate mobile service that basically enables custom authentication and acts as a provider for other apps?
Do you see any pitfalls with this approach and what steps would I need to take for creating this custom provider as a separate mobile service?
Basically, we want to create our own provider so that user of one our apps can login to the other apps using the same credentials.
I have read through the following links. Posting them here as they may be useful for others starting out with Authentication and Azure Mobile Services.
http://www.thejoyofcode.com/Generating_your_own_ZUMO_auth_token_Day_8_.aspx
http://www.thejoyofcode.com/Fetching_a_basic_user_profile_in_Mobile_Services_Day_9_.aspx
http://www.thejoyofcode.com/Exploring_custom_identity_in_Mobile_Services_Day_12_.aspx
http://chrisrisner.com/Authentication-with-Windows-Azure-Mobile-Services
Thanks in advance
Hope this helps you
http://chrisrisner.com/Authentication-with-iOS-and-Windows-Azure-Mobile-Services
Someone created a custom authentication API using AZURE
with Parse.com, you are limited to their backend and unfortunately it doesn't have all the nice features as Azure
MS really messed us around with this