Azure AD service principal authorization

siva pokuri 21 Reputation points
2021-03-18T20:50:32.867+00:00

Use case -

  1. We have Azure App service/function "App1" exposed to clients via WSO2 API Manager.
  2. There is a client application called "App2" deployed with in Azure AD subscription. Let's say another Azure App service

Can we use App2 service principal to consume App1(which is exposed via WSO2 API Manager)?

I know we can authorize App2 to consume App1 directly if there is no external API manager(WSO2 API manager). But, with the WSO2 API manager in between the communication. Is it possible?

Appreciate any inputs on this.

Thanks

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,757 questions
No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Marilee Turscak-MSFT 20,676 Reputation points Microsoft Employee
    2021-03-19T20:15:18.797+00:00

    Hi @siva pokuri ,

    There is no official guide for this but it looks like someone created a Medium post detailing how to do this. https://medium.com/@athiththan11/wso2-api-manager-azure-ad-oidc-sso-82a8126c6446

    Let me know if that looks like what you're trying to do.

    No comments

  2. siva pokuri 21 Reputation points
    2021-03-21T03:37:12.267+00:00

    Hi MarileeTurscak,
    Thanks for your reply.

    The medium post you shared it talking about Azure authentication to developer portal.

    But, what i'm looking is that in Azure there is service principal authorization between Azure AD services line Azure App service App & Azure function. Question here is when we have WSO2 API manager to communicate between both Azure services we we still do the Service principal authorization? Or do we need to go with client credentials authentication?

    Thanks
    Siva Pokuri.

    No comments