Java SDK to login to Azure using the microsoft login Id and password

Alex, Alexon 71 Reputation points
2020-06-15T10:18:01.31+00:00

Is there Java SDK exists for Azure, to login to Azure using the microsoft login Id and password (used to login in portal). I need to login programatically to Azure using these login id and password, so that i can do some operations on my storage account.

If no Java SDK, which SDK can be used ?

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,774 questions
Azure Stack Hub
Azure Stack Hub
An extension of Azure for running apps in an on-premises environment and delivering Azure services in a datacenter.
180 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,920 questions
0 comments No comments
{count} votes

Accepted answer
  1. soumi-MSFT 11,736 Reputation points Microsoft Employee
    2020-06-16T07:57:00.173+00:00

    @AlexAlexon-4788, Thank you for sharing the details, but its still not clear as what type of application is this. Is this a WebService, or its a console application that is running on your server?

    When you say that your application wont have an UI, by that I am going with an assumption that its a console app and for console app you can consider the following code samples: https://github.com/Azure-Samples/ms-identity-java-desktop/tree/master/

    It has two samples in it:

    1. Username-Password-Flow
    2. Integrated-Windows-Auth-Flow

    The username-password flow can be used with any OS platforms like Linux or Windows. In this sample you would find the following section in the file UsernamePasswordFlow.java

     private final static String CLIENT_ID = "<client/app Id of the registered app in AAD>";
     private final static String AUTHORITY = "https://login.microsoftonline.com/common/";
     private final static Set<String> SCOPE = Collections.singleton("");
     private final static String USER_NAME = "<user-name>>";
     private final static String USER_PASSWORD = "<Password>";
    

    If you see here there are two static attributes named as USER_NAME and USER_PASSWORD, so here you put the username and the password of the user who would be accessing the application and then you get an access-token issued by AAD for that user.

    In the second sample "Integrated-Windows-Auth-Flow", you would only be required to add the username and using the Windows Integrated Auth i.e Kerberos and then fetching a access-token from AAD by submitting that kerberos token received earlier. In this case the users that are being used to authenticate must be synced to Azure AD via AD Connect so that same users identities can be found both on your on-prem infrastructure and in your Azure AD Tenant also.

    Note: Both these samples uses MSAL4J that is the Microsoft Authentication Library for Java implementations.

    Hope this helps.

    In case you feel that the above assumption is not correct and you are using some other type of application, please do share the details about the type of application so that we can help further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

    0 comments No comments

5 additional answers

Sort by: Most helpful
  1. Leon Laude 85,686 Reputation points
    2020-06-15T10:23:10.913+00:00

    Hi,

    You'll find all the available Azure SDKs over here:
    https://azure.microsoft.com/en-us/downloads/

    Here's the reference for the Azure SDK for Java:
    https://learn.microsoft.com/en-us/java/api/overview/azure/?view=azure-java-stable

    Best regards,
    Leon

    0 comments No comments

  2. soumi-MSFT 11,736 Reputation points Microsoft Employee
    2020-06-15T10:30:07.547+00:00

    @AlexAlexon-4788, Yeah you can use the MSAL4J library for using Microsoft Identity Platform in your JAVA application. You can find the details below:

    Hope this helps.

    Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

    0 comments No comments

  3. Alex, Alexon 71 Reputation points
    2020-06-16T04:07:49.913+00:00

    Thanks @soumi-MSFT , @LeonLaude .... May be I am not clear about my question.

    My application is a backend application (running on premises), which wont have any UI for the user to enter his credentials / login.

    I was looking for 1) Using Java, login to my Azure account (microsoft user id + password) 2) Able to do operations on my storage account

    0 comments No comments

  4. Alex, Alexon 71 Reputation points
    2020-06-16T19:10:40.363+00:00

    @soumi-MSFT , this really helped me. I was looking for the solution which is mentioned as "Username-Password-Flow".

    I have created a service principal, and using "username + password + client id", i generated a token. With this token + RBAC permission for my user (as Storage Blob Contributor), I am able to do blob CURD operations with in MY account.

    I want to extend this solution for multi tenant storage account. The user which I created above has provided with RBAC permission for another tenant (assume as Tenant-2) storage account (Storage account contributor, Storage blob contributor).

    My assumption was, using the same token generated in the first step, I should be able to do CURD operations on Tenant-2 storage account (Since Tenant-2 has provided RBAC permissions for my user). But this doen't worked. It reports an authentication error - "Issuer validation failed. Issuer did not match".

    In JWT token, the token issuer/signer was my tenant-id. Still not sure, why RBAC doen't work ?

    Any suggestions, please comment,

    0 comments No comments