How to register an IIS service with Azure App Proxy to call it with SOAP

이 현무 60 Reputation points
2024-12-07T08:41:45.1033333+00:00

Each time you use a specific service in your mobile app, you need to call the service registered with Azure App Proxy.

I use MSAL on the login page at the beginning of the app to get an identity token.

I am putting this token in the SOAP request header and trying to make the call.

But whenever I call it with the token in the header, the login page responds.

The two images below are the ID token and Access token returned by MSAL, respectively. Both tokens respond to the same login page when tested with Postman.


Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Raja Pothuraju 43,660 Reputation points Microsoft External Staff Moderator
    2024-12-10T23:45:12.8033333+00:00

    Hello @이 현무,

    Thank you for posting your query on Microsoft Q&A.

    Based on your description, it appears that you are trying to call a service configured with Microsoft Entra Application Proxy. You mentioned using the MSAL library to authenticate users and acquire security tokens for an application. After authentication, you successfully obtained an ID token and an Access token, which allowed you to make SOAP header requests. You also noted that these calls worked successfully when tested with Postman.

    If the token you generated has the correct permissions to authorize SOAP requests, the calls will succeed with a 200 response. Since you confirmed that both the ID token and Access token worked for SOAP header requests, it is crucial to ensure that the scope parameter in your authentication request is correct. The scope parameter determines the permissions granted to access the required resources.

    The context of your query is not entirely clear. As far as I understood, if you would like to use Microsoft Entra application proxy, the use case for app proxy is that it enables secure remote access to on-premises web applications by configuring an Entra Application Proxy Connector on your on-premises server. This allows users to access on-premises applications from external networks without needing to connect to a VPN.

    To implement the Application Proxy in your Azure tenant, you can refer to the following documentation for detailed guidance:

    1. What is Microsoft Entra Application Proxy?
    2. Deploy Azure Application Proxy
    3. Step-by-step guide to adding an on-premises application
    4. Azure Application Proxy setup guide

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Thanks,
    Raja Pothuraju.
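
One way to check the point the answer makes about the scope parameter, as an added example that is not part of the original thread: it decodes a token's payload (without verifying the signature) and reports whether the `aud` and `scp` claims match the resource being called. The audience URL, client ID, scope name and both sample tokens are constructed placeholders.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode the payload of a JWT WITHOUT verifying its signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore the base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_token(token: str, expected_aud: str, required_scope: str) -> list:
    """Return the reasons the token does not match the resource being called."""
    claims = jwt_claims(token)
    problems = []
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if expected_aud not in audiences:
        problems.append(f"aud is {aud!r}, expected {expected_aud!r}")
    scopes = claims.get("scp", "").split()  # 'scp' is a space-separated string
    if required_scope not in scopes:
        problems.append(f"scope {required_scope!r} missing; token has {scopes}")
    return problems


def _make_token(claims: dict) -> str:
    """Build an unsigned sample token (constructed for this example only)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed sample values, not taken from the question.
PROXY_APP = "https://app.example.com"               # hypothetical audience of the published app
CLIENT_ID = "00000000-0000-0000-0000-000000000000"  # hypothetical mobile app client ID
SCOPE = "user_impersonation"                        # hypothetical scope name
ID_TOKEN = _make_token({"aud": CLIENT_ID, "name": "Sample User"})
ACCESS_TOKEN = _make_token({"aud": PROXY_APP, "scp": SCOPE})

if __name__ == "__main__":
    for label, tok in (("ID token", ID_TOKEN), ("Access token", ACCESS_TOKEN)):
        print(label, "->", check_token(tok, PROXY_APP, SCOPE) or "OK")
```

An ID token carries the client application's own ID as its audience and no `scp` claim, so it fails both checks here; only a token requested with the resource's scope passes.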

