Ops / IT Pro
Please note: An updated version of this course is available here.
There's a lot of effort that goes into keeping our applications available, and secure. That's why so many cloud vendors offer platforms for hosting web-based applications. If you're building web apps, APIs, mobile backends, or business processes then you should consider looking into App Service! App Service has a lot of functionality. It meets compliance standards from around the world, it's highly scalable, it supports multiple languages and makes it easy to get your code deployed.
This Getting Started with Azure App Service course it's basically an intro, but for developers and IT Pros. In this course, you'll learn about the features of App Service at a high level as well as for each component. Then you'll learn about each of the 4 components of App Service through some demos. If you're a developer or IT Pro working with Azure, but new to App Service, this course is for you.
This course will help get you up-to-speed on App Service so that you can start developing / managing apps.
Getting Started With Azure App Service: What You'll Learn
|Lecture||What you'll learn|
|Course Intro||What to expect from this course|
|App Service Overview||A high-level overview of App Service|
|Web, Mobile, API App Overview||A high-level overview of Web, Mobile, API Apps|
|Logic App Overview||A high-level overview of Logic Apps|
|Mobile Apps: Easy Tables||How to use Easy Tables as a "no-code" option|
|Mobile Apps: Client||Running the client code from an iOS simulator|
|Mobile Apps: .NET Backend||Using a .NET backend|
|Mobile Apps: Auth||Using authentication with App Service|
|API Apps||Creating API Apps|
|Logic Apps||Automating business processes|
|Web Apps||Authentication and remote debugging|
|Deployments||Deployment slots and GitHub based deployments|
|Monitoring and Logging||Monitoring and logging options|
|Scaling||Scaling up and out|
|Next Steps||What's next|
Welcome back! In this lesson we’ll check how to get started with Authentication and Authorization in App Service.
When it comes to auth with app service, the recommended method is to use the built in mechanism. Using the built in auth allows us to authenticate at the service, controller and or method level.
Let’s start out in the portal and check out the authentication and authorization blade. At the moment auth is disabled so let’s start by enabling it. For this example I’ll be using Azure AD, however you can try out any of these options, though you’ll need to configure it yourself.
Once this is enabled these additional options appear. The first is the action to take for the service itself. That means if you enable authentication at this level the user needs to be logged in just to use the app.
At the moment auth is enabled, however we haven’t configured the application or API calls to require it. So let’s see how things work in the mobile simulator. I’m going to jump forward to when this has loaded in the simulator...and welcome back.
Pulling down on this page will attempt a refresh, which will make a GET request to the API. And it looks like it’s successful, which is what we’d expect. Let’s see what happens if we require auth at the application level, so let’s head back into the portal and set the service level action.
Let’s set it to Login with Azure Active Directory and save.
Okay back to the client code, I have the simulator running, and I’ve set the breakpoint in the refresh code. Now let’s try refreshing the view in the simulator...and there we go, we’ve hit the breakpoint. Hovering over the message variable, you can see the message indicates that we don’t have permissions for the service.
We need to add some code in the mobile app to kick off the auth process, so let’s do that.
I’m going to paste in some code straight from Azure’s documentation, starting with properties for a MobileServiceUser.
Next we need to create an Authenticate method that will kick of the auth process. With the mobile service provider you can select whichever provider you’ve configured. In this case we’ll use the Azure Active Directory option.
The next thing we need is to edit the view controller and make it so the auth code is called when the data is loaded. So, I’ll comment out the call to RefreshAsync in the view did load, and then update the refresh method to include a call to the authenticate method we added to the service. And now, the user will be prompted to authenticate when the app fetches the data, but because we commented the refresh call out, it won’t just pop up first thing. Let’s test this out.
The app has loaded, so now pulling down on this view should cause a login page to render...and there it is!
If I login, it should then complete the auth process allowing the app to interact with the data, and fetch the todo items...and there it is!
Using service level auth is great for non-production environments. For example if you have a staging deployment slot and you don’t want prying eyes looking at it, you can lock it down with Azure AD at the service level.
However in a production app you’ll often just require authentication for specific API calls, and to do that you can use the Authorize attribute on either the Controller or methods. Then you’ll want to edit the mobile code to make sure you can fire off the login screen before making the API call. Seeing it in action is no different than what we just did, so I’m not going to bother. However I recommend taking the time to try it out for yourself.
Okay that’s going to wrap up this lesson, as well as this section on Mobile App development. In the next lesson we’ll take a look at API apps. So if you’re ready to switch gears towards learning API apps, then let’s get started in the next lesson!
About the Author
Ben Lambert is a software engineer and was previously the lead author for DevOps and Microsoft Azure training content at Cloud Academy. His courses and learning paths covered Cloud Ecosystem technologies such as DC/OS, configuration management tools, and containers. As a software engineer, Ben’s experience includes building highly available web and mobile apps. When he’s not building software, he’s hiking, camping, or creating video games.