Azure - Authentication

About

Auth in Azure

For a given tenant (domain), you needs to get a token as credentials.

Access

Your app can access Resource in couple of ways:

  • User + app access: for apps that access resources on behalf of a signed-in user. This approach works for apps, such as web apps and command-line tools, that deal with only “interactive management” of Azure resources.
  • App-only access: for apps that run daemon services and scheduled jobs. The app's identity is granted direct access to the resources. This approach works for apps that need long-term headless (unattended) access to Azure.
  • Getting a token with a user name and password seems to be deprecated.

Scenario

See Application Types and Scenarios

These are the five primary application scenarios supported by Azure AD:

  • Web browser to web application: A user needs to sign in to a web application that is secured by Azure AD.
  • Single Page Application (SPA): A user needs to sign in to a single page application that is secured by Azure AD.
  • Native application to web API: A native application that runs on a phone, tablet, or PC needs to authenticate a user to get resources from a web API that is secured by Azure AD. See sample
  • Web application to web API: A web application needs to get resources from a web API secured by Azure AD.
  • Daemon or server application to web API: A daemon application or a server application with no web user interface needs to get resources from a web API secured by Azure AD.

Property

Mandatory data:

  • tenant ID (tenantID): Ie an ID that represents the active directory.
  • application ID, previously known as client ID (clientID): the service principal client (Example: 04b07795-8ddb-461a-bbee-02f9e1bf7b46)
  • authentication key (authKey) or (client_secret) : the secret associated with the client_id

Others:

Documentation / Reference

Task Runner