Share via

Azure Application Proxy - Pre-Authentication with Azure AD - programmatic access - no end user

Paul Davis 25 Reputation points
2023-08-11T08:57:58.3833333+00:00

Hi,

We have a batch job that currently accesses an Internal API for data and the batch job will getting be moved into the cloud with the API remaining internal.

Can Azure App Proxy with Azure AD pre-authentication enabled be used to allow access to the Internal API still?

We are assuming that we create an App Registration which would be granted access to the App Proxy registration. The batch job would request a token from Azure AD (providing the client id and secret via something like a client_credentials grant type) and then pass the token through to the App Proxy registration when calling the internal API end points.

Regards Paul

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments
Accepted answer
  1. James Hamil 27,221 Reputation points Microsoft Employee Moderator
    2023-08-15T20:20:15.4233333+00:00

    Hi @Paul Davis , yes, you can use Azure Application Proxy with Azure AD pre-authentication to allow access to the internal API. You can create an App Registration and grant it access to the App Proxy registration. The batch job can request a token from Azure AD using the client ID and secret (e.g., via the client_credentials grant type) and then pass the token to the App Proxy registration when calling the internal API endpoints.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.