Last time we used Azure Active Directory to authenticate real users. This time let's do something similar for server-side authentication: allowing one service to authenticate with another, server side, through Azure Active Directory.
Prerequisites
- You already have a working service that uses Azure Active Directory for authentication. This is the service we are going to connect to (the server); make sure you have its Application ID
- You are familiar with Azure Active Directory, so you can follow the setup instructions below
Setting it up
- Similar to the server, register a new Azure Active Directory app. There's no need to input a Redirect URI. This is the client
- Edit that newly created app, go to the Certificates & secrets section (on the left side), and add a New client secret. Save this value somewhere; this is the secret
For everything to work we will need three things:
- resource: the server Application (client) ID
- client_id: the client Application (client) ID
- client_secret: the client secret (value from Certificates & secrets)
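The three values above as they appear in a token request, shown as an added example that is not code from the repository. It assumes the Azure AD v1 token endpoint (the one that accepts `resource`) and a tenant ID, which the post does not list; the function names and sample values are constructed for illustration.

```python
import json
import urllib.parse
import urllib.request

# Assumption: v1 endpoint; {tenant} is your directory (tenant) ID.
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/token"


def build_token_request(tenant, client_id, client_secret, resource):
    """Return (url, form-encoded body) for a client-credentials token request."""
    for name, value in (("tenant", tenant), ("client_id", client_id),
                        ("client_secret", client_secret), ("resource", resource)):
        if not value:
            raise ValueError(f"missing {name}")
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,          # the client Application (client) ID
        "client_secret": client_secret,  # value from Certificates & secrets
        "resource": resource,            # the server Application (client) ID
    }).encode()
    return TOKEN_URL.format(tenant=urllib.parse.quote(tenant, safe="")), body


def bearer_header(token_response, expected_resource):
    """Check the token response, then build the header sent to the server."""
    if token_response.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    # The v1 response names the resource the token was issued for.
    if token_response.get("resource") != expected_resource:
        raise ValueError("token was issued for a different resource")
    return {"Authorization": "Bearer " + token_response["access_token"]}


def fetch_token(tenant, client_id, client_secret, resource):
    """POST the request to Azure AD (needs network access and real values)."""
    url, body = build_token_request(tenant, client_id, client_secret, resource)
    req = urllib.request.Request(url, data=body)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed placeholder values. In real use, read the secret from the
    # environment or a vault, never from source control.
    url, body = build_token_request("TENANT-ID", "CLIENT-APP-ID", "s3cret", "SERVER-APP-ID")
    print(url, body.decode())
    sample = {"token_type": "Bearer", "resource": "SERVER-APP-ID",
              "access_token": "constructed.token.value"}
    print(bearer_header(sample, "SERVER-APP-ID"))
```

The client secret travels in the request body, so it should only ever be sent to the HTTPS token endpoint and kept out of logs.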
Conclusion
Take a look at the existing repository; the important bits are the following:
- The Server, similar to the other one except this one does not consider the GUIDs.
- The Client, which uses the Service-to-service access token request workflow to request a token for posting the request to the server