I am writing this blog to demonstrate a step-by-step procedure for creating a simple Web API and using it with Azure ADAL.
Step 1
Open Visual Studio and create a new ASP.Net Web Application. Click Ok
Step 2
In the Next Window Select Web API template as shown below and Click Ok
Step 3
Now your sample Web API has been created successfully. By default you can see three controllers in your project.
In my case I am going to create a new Controller and name it as "DynamicsController.cs"
Click Add. Next you can define Routing as per our requirement. But as of now I am using default routing . Reference : Web API Routing
Step 4
We have created Sample Web API which will return "success" as a string. Now we have to publish it in Azure. Right Click on the project and Click Publish
But before publishing make sure you have the Azure Subscription.
Select Azure Web Apps and Click Next. Select the required Azure Subscription and Resource Group and Click Publish .
Now the Web API app has been successfully hosted In Azure.
Step 5
Open portal.azure.com . Navigate to App Service you can see the hosted app in the list.
Step 6
Click and open the app you hosted. You can see a list of Ribbon Buttons, Scroll Down to Authentication/Authorization.
On the right side turn on app service authentication -> Select Login with Azure Active Directory. Refer to the below screen shots.
Step 7
Now comes the important steps to follow. (The is the step where most developers lose their way.)
We have enabled Azure Authentication, now we have to create an app in Azure Active Directory to access our Web API.
Issue
Most of the blogs I Googled are about creating a single AAD App as a type Web app and using it for consuming a hosted Web API. But in most cases it won't work as expected.
So follow the steps carefully.
Important
Create two AAD Apps with application type as Web App/Api.
- Select Azure Active Directory in Authentication Provider
- In the next window select Express as shown below,
- Select Create New AD App and populate the Name in Create App TextBox and Click Ok and Save.
- Now we have successfully created the app to access Custom Web API (Assume it's a Parent App).
- Navigate to Azure Active Directory -> Click App Registration.
- In the list you can see the app which we created before.
- Open the App and copy the Client Id, which is required while consuming our web API.
- Application Id is the Client Id here.
- Navigate to (Settings-> Owners) Check whether you are the owner of the App.
- Navigate to (Settings-> Required Permission) By default you will have Delegate permission for Window Azure Active Directory API .
Step 8
Next we have to create a new app in AAD for accessing the app which we created before. (Assume this is Client Side App; i.e used to access our Parent AAD App)
- Navigate to Azure Active Directory -> Click New App Registration.
- Select Application Type as Web app/API as shown below.
- Click Create.
Step 9
Now we have created two Apps in AAD. (Assume first one is Parent and second one is Client)
Open the client App. Navigate to Settings->Required Permission.
Click Add as shown.
Select API and Search for Parent App and Select the app and click ok.
In the next window allow delegate permission for the app as shown below.
Grant permission as show below.
Step 10
Now we have to create Client Secret Key for the Client App.
Navigate to Keys-> Create New Secret Key as shown Below and Click Save.
Once saved the secret key will be visible; copy the key.
Note
Client Id (Application Id) and Client Secret Key will be used to authenticate our Web API in code while consuming.
SUCCESS
We have successfully created Web API App and Hosted in Azure with ADAL. I will write the next blog to demonstrate how to consume Custom Web Api with Azure ADAL in CRM Plugin.
Overview
- Created a new Web API App.
- Hosted in Azure.
- Created two Apps in AAD (Parent and Client).
- Authenticated Web API App with Parent App AAD.
- Allow permission to Client AAD App by adding Parent AAD App.
- By using Client AAD App (Client Id & Client Secret Key) we can consume our hosted Web API.
Hope it's helpful. Happy Coding. #Herbi_Coder