Securing Webhook endpoint

Question

We are new to azure and we need help with securing our webhook endpoint. We tried following the steps in below webpage but kind of lost on the 1st step itself.

https://learn.microsoft.com/en-us/azure/event-grid/secure-webhook-delivery#deliver-events-to-a-webhook-in-a-different-microsoft-entra-tenant

It says "Create a Microsoft Entra application for the Event Grid subscription writer configured to work with any Microsoft Entra (multitenant)." How do we create Entra application specific to Event Grid subscription?

Answer 1

@RA Thanks for reaching out. I understand that you need help with securing your webhook endpoint in Azure Event Grid. You have followed the steps in the documentation but are stuck on the first step, which is to create a Microsoft Entra application for the Event Grid subscription writer configured to work with any Microsoft Entra (multitenant).

To create a Microsoft Entra application for the Event Grid subscription writer, you can follow these steps:

1. Go to the Azure portal search "App registrations" and then select "New registration".

Enter a name for the application and select "Accounts in any organizational directory (Any Azure AD directory - Multitenant)" as the supported account type.

Enter the redirect URI for the application. This is the URL where Azure AD will send the authentication response after the user signs in. For webhook endpoints, you can use a dummy URL such as "https://localhost".

Select "Register" to create the application.

Once the application is created, note down the "Application (client) ID" and "Directory (tenant) ID". You will need these values later.

Select "Certificates & secrets" and then select "New client secret". Enter a description for the secret and select an expiration date.

1. Note down the value of the client secret. You will need this value later.

then proceed with step 3. do let me know incase of further queries i would be happy to assist you.