Share via

App Service user authentication

Jayant Kashid 0 Reputation points
2024-02-09T03:22:34.4166667+00:00

Dear Members, I have set 2 azure app services in newly subscribed tenant. One app service for front end and one app service for API For Front end app service Have given Identify Provider as Microsoft and in token Audience have given API app service app ID For front end App service have added permission user_impersonation for API to connect in App registrations -> API Permissions. have added Microsoft Graph User.Read permission added in App registrations -> API Permissions of both app services. Have added guest User in Microsoft Entra ID to test the app and added same user in Enterprise Applications->Front End App->Users and Groups. With Above setup, Tried login to application, This fails in getting user authenticated for API connection and API are throwing 403 forbidden issue. P.S. Note - Please consider all networking IPs are allowed for both the App services , so 403 is not because of IP is not allowed to access that app service.

Azure App Service
Azure App Service

Azure App Service is a service used to create and deploy scalable, mission-critical web apps.

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ajay Kumar N 28,261 Reputation points Microsoft Employee Moderator
    2024-02-09T18:21:57.4733333+00:00

    @Jayant , Thanks for posting this question.

    Based on my understanding of your issue/scenario description, you have configured App registration, allowed all network IPs, and configured necssarry API permissions, but user authenticating for API connections fail with 404 errors.?

    Just to isolate, WebApp on the same subnet /App service plan? Do the authentication work separately for other frontend App Service?  Just to clarify, do you want to access app services without public access via Microsoft EntrA ID authentication?   If you haven't done, you may leverage App Service diagnostics from Azure Portal> Navigate to your App Service app in the Azure Portal.

    1.In the left navigation, click on Diagnose and solve problems - Review - “Configuration and Management” options.
    2.To begin with, you may leverage App Service diagnostics from Azure Portal> Navigate to your App Service app in the Azure Portal. 

    aLso, review Enable and review logs to fetch more details about the error.
    I have added additional tags to receive insights from the targetted audience/SMEs

    Kindly let us know I ‘follow-up with you further.

    Was this answer helpful?

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.