/ Performance Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Using Azure AD Service Principals to Secure Applications

DZone's Guide to

Using Azure AD Service Principals to Secure Applications

With the new ARM model, you can use Azure AD service principals to secure applications. Read this article to find out how.

by
·
Aug. 31, 16 · Performance Zone ·
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Learn how error monitoring with Sentry closes the gap between the product team and your customers. With Sentry, you can focus on what you do best: building and scaling software that makes your users’ lives better.

Custom applications typically need access to other resources in Azure, such as databases, REST APIs, and other PaaS services.  Azure AD allows you to create applications that function as service principals which enable your application to authenticate with Azure AD and can be granted roles within your subscription to provide access to resources in a secure way.

In the past, using the classic Azure Service Management API, Azure required you to create a self-signed management certificate and upload it to the portal to be used to authenticate an administrator.  This model has been replaced with the new ARM model.  Now you must authenticate as your service principal to Azure AD.  Your service principal must then be granted the necessary RBAC role in your subscription to gain access to resources.

Service principals can be authenticated by Azure AD either by:

1.  A Client ID and Secret.  The "Configure" tab in the Azure AD "Application" entry will display the applications Client ID as well as the option to create keys that function as the application secret.

AAD Config

2.  A certificate. Using PowerShell, you can upload and bind a certificate to an Azure AD principal that can be used for authentication. PowerShell ScriptOnce you have created your service principal, you can then use the ADAL library from just about any language or platform to authenticate using your credentials or your certificate to get back a JWT token which you can then use to authorize your application to just about any Azure resource

What’s the best way to boost the efficiency of your product team and ship with confidence? Check out this ebook to learn how Sentry's real-time error monitoring helps developers stay in their workflow to fix bugs before the user even knows there’s a problem.

Like This Article? Read More From DZone

Steps to Implement OAuth2.0 in Mule Applications
OAuth2 With In-Memory and PostgreSQL Database Example, Part 1
Getting Access Token for Microsoft Graph Using OAuth REST API, Part 1

Free DZone Refcard

Improving Web Performance With Varnish
DOWNLOAD
Topics:
azure ad ,oauth 2.0

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

Performance Partner Resources

The Essentials of Container Monitoring: Learn the 4 principles of application containerization.
Container Monitoring and Management eBook: Read about the new realities of containerization.
Take the Chaos Out of Container Monitoring. View the webcast on-demand!
Unraveling the Mystery: How to Predict Application Performance Problems
Using APM to Reduce the Frequency and Duration of Outages
DoorDash's Strategy for Monitoring Code from End to End
5 Steps to Build a Process-Centric IT Organization
3 Tools for Monitoring in a Connected Enterprise
How Developers Close the User Experience Loop
Blog Post: 4 System Monitoring Best Practices
Prezi on Building an Incident Log to Resolve Issues Faster
Detecting Java Application Performance Trends

Performance Partner Resources

The Essentials of Container Monitoring: Learn the 4 principles of application containerization.
Container Monitoring and Management eBook: Read about the new realities of containerization.
Take the Chaos Out of Container Monitoring. View the webcast on-demand!
Unraveling the Mystery: How to Predict Application Performance Problems

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone