ChuckConway-5454 asked sikumars commented

Accessing On Premise Api Through Azure Application Proxy with Azure Directory Enabled Doesn't Work as Documentation Describes

I'm attempting to expose my on-premise APIs with Azure Application Proxy.

I've successfully configured Azure Application Proxy to work with the Pre-Authentication set to Passthrough. When I change the Pre-Authentication to Azure Active Directory I can access the endpoint successfully via a browser. However, when I try calling the on-premise endpoint from code I receive the HTML for the Microsoft Sign-In page. A successful request will return a JSON Response.

I'm following a Microsoft article: Secure access to on-premise APIs with Azure AD Application Proxy

Via an Azure Docs defect, I learned that I have to use "http://localhost" as a value for the RedirectUri and configure my client app as a "Mobile and desktop applications" platform.

    using System.Collections.Generic;
    using System.Linq;
    using System.Net.Http;
    using System.Net.Http.Headers;
    using System.Threading.Tasks;
    using Microsoft.Identity.Client;

    public async Task Successfully_authenticate_but_cant_access_the_proxy()
    {
        // Acquire Access Token from AAD for Proxy Application
        var clientApp = PublicClientApplicationBuilder
            .Create("b510069b-xxxx-xxxx-xxxx-9363xxxxxxxx") //Client Id for Client Application
            .WithRedirectUri("http://localhost") // This must be configured as a "Mobile and desktop applications" platform in the client application
            .WithTenantId("xxxxxx-d4cf-4xxx-xxxx-8dc72cbc00bd") //Not sure if this is needed.
            .Build();
        AuthenticationResult authResult;
        var accounts = await clientApp.GetAccountsAsync();
        var account = accounts.FirstOrDefault();
        IEnumerable<string> scopes = new string[] {""};
        try
        {
            authResult = await clientApp.AcquireTokenSilent(scopes, account).ExecuteAsync();
        }
        catch (MsalUiRequiredException ex)
        {
            authResult = await clientApp.AcquireTokenInteractive(scopes).ExecuteAsync();
        }
        if (authResult != null)
        {
            //Use the Access Token to access the Proxy Application
            var httpClient = new HttpClient();
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
            var response = await httpClient.GetAsync("");
            //Failing here. I'm receiving the HTML for the Sign-In page. I'm expecting a response with JSON.
            var responseValue = await response.Content.ReadAsStringAsync();
        }
    }


Thanks for reaching out.

I am looking at this thread. I will update you with my findings. Thanks.



0 Answers
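
A diagnostic for the symptom described in the question, as an added example that is not part of the original post or of Microsoft's documentation: it decodes the access token's `aud` and `scp` claims and reports what came back from the proxy URL, so a token issued for a different resource can be told apart from a proxy-side problem. `ProxyPreAuthCheck`, the expected-audience string and the sample token and response are assumptions constructed for illustration; the expected audience is taken to be whatever identifier the proxy application's registration uses.

```csharp
using System;
using System.Net.Http;
using System.Text;
using System.Text.Json;

// Hypothetical helper, not from the original post.
public static class ProxyPreAuthCheck
{
    // Decode the JWT payload (base64url, middle segment) for inspection only.
    // The signature is NOT validated here; never authorize on the result.
    public static JsonElement ReadClaims(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("Not a compact JWT.");
        var b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        var json = Encoding.UTF8.GetString(Convert.FromBase64String(b64));
        using var doc = JsonDocument.Parse(json);
        return doc.RootElement.Clone();
    }

    // Summarize what the token targets and what the endpoint actually returned.
    public static string Describe(string token, string expectedAudience, HttpResponseMessage resp)
    {
        var claims = ReadClaims(token);
        var aud = claims.TryGetProperty("aud", out var a) ? a.ToString() : "(none)";
        var scp = claims.TryGetProperty("scp", out var s) ? s.ToString() : "(none)";
        var mediaType = resp.Content.Headers.ContentType?.MediaType ?? "(none)";
        var gotHtml = mediaType.Equals("text/html", StringComparison.OrdinalIgnoreCase);
        var audOk = aud.TrimEnd('/').Equals(expectedAudience.TrimEnd('/'), StringComparison.OrdinalIgnoreCase);
        return $"aud={aud} (matches expected: {audOk}); scp={scp}; " +
               $"final URI={resp.RequestMessage?.RequestUri}; content type={mediaType}; " +
               (gotHtml ? "HTML returned where JSON was expected"
                        : "non-HTML response");
    }

    public static void Main()
    {
        // Constructed sample token and response; every value is a placeholder.
        static string B64Url(string x) => Convert.ToBase64String(Encoding.UTF8.GetBytes(x))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_');
        var token = B64Url("{\"alg\":\"none\"}") + "." +
            B64Url("{\"aud\":\"api://other-app.example.invalid\",\"scp\":\"placeholder.scope\"}") + ".sig";
        var resp = new HttpResponseMessage { Content = new StringContent("<html>Sign in</html>", Encoding.UTF8, "text/html") };
        Console.WriteLine(Describe(token, "https://proxyapp.example.invalid", resp));
    }
}
```

In the question's test method, `Describe(authResult.AccessToken, expectedAudience, response)` would be called right after `GetAsync`; the output contains token claims, so keep it out of shared logs.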