Securing an API using OAuth 2.0 in Azure API Management

Part 2: Configuration of an Application (Client App) in Azure AD for Consumer

Rushank Karekar
2 min read · Nov 26, 2020

Introduction

Configuring OAuth 2.0 for your APIs hosted in Azure API Management adds an extra layer of security and prevents unauthorized access. From a security point of view, this is a very important configuration for your endpoints, and Azure provides it out of the box. This is the second part of a series of blogs on securing your API using OAuth 2.0 in Azure API Management. Please go through all the parts to find easy and detailed steps that will help you configure OAuth 2.0 authentication.

Grant permissions in Azure AD

Now that you have registered two applications to represent the API and the Developer Console, you need to grant permissions to allow the client-app to call the backend-app.

1. Go to the Azure portal to grant permissions to your client application. Search for and select App registrations.

2. Choose your client app. Then in the list of pages for the app, select API permissions.

3. Select Add a Permission.

4. Under Select an API, select My APIs, and then find and select your backend-app.

5. Under Delegated Permissions, select the appropriate permissions to your backend-app, then select Add permissions.

6. Optionally, on the API permissions page, select Grant admin consent for <your-tenant-name> to grant consent on behalf of all users in this directory.
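To check the result of steps 1 to 6 outside the portal, the following added example (not part of the original post) audits the client app's delegated permissions against the scopes the backend app exposes and against tenant-wide admin consent. It assumes you have exported the two application objects and the `oauth2PermissionGrants` list from Microsoft Graph as JSON; the function name, GUIDs, service principal IDs and scope names below are constructed for illustration.

```python
# Constructed sample data shaped like Microsoft Graph objects; all IDs and scope names are made up.
BACKEND_APP = {
    "appId": "11111111-1111-1111-1111-111111111111",
    "api": {"oauth2PermissionScopes": [
        {"id": "aaaaaaaa-0000-0000-0000-000000000001", "value": "Orders.Read", "isEnabled": True},
    ]},
}
CLIENT_APP = {
    "appId": "22222222-2222-2222-2222-222222222222",
    "requiredResourceAccess": [{
        "resourceAppId": "11111111-1111-1111-1111-111111111111",
        "resourceAccess": [
            {"id": "aaaaaaaa-0000-0000-0000-000000000001", "type": "Scope"},
            {"id": "aaaaaaaa-0000-0000-0000-000000000099", "type": "Scope"},
        ],
    }],
}
CLIENT_SP, BACKEND_SP = "sp-client-object-id", "sp-backend-object-id"  # service principal object IDs
GRANTS = [{"clientId": CLIENT_SP, "resourceId": BACKEND_SP,
           "consentType": "AllPrincipals", "scope": "Orders.Read Orders.Write"}]


def audit_delegated_permissions(client_app, backend_app, grants, client_sp, backend_sp):
    """Return (configured, consented, notes) for the client app's access to the backend app."""
    scopes = {s["id"]: s for s in backend_app["api"]["oauth2PermissionScopes"]}
    configured, notes = set(), []
    for resource in client_app.get("requiredResourceAccess", []):
        if resource["resourceAppId"] != backend_app["appId"]:
            continue  # permissions on other APIs are out of scope here
        for access in resource["resourceAccess"]:
            scope = scopes.get(access["id"])
            if access["type"] != "Scope":
                notes.append(f"{access['id']}: application permission (Role), not delegated")
            elif scope is None or not scope.get("isEnabled", True):
                notes.append(f"{access['id']}: not an enabled scope on the backend app")
            else:
                configured.add(scope["value"])
    # Step 6 (admin consent) shows up as a grant with consentType "AllPrincipals".
    consented = set()
    for g in grants:
        if (g["clientId"], g["resourceId"], g["consentType"]) == (client_sp, backend_sp, "AllPrincipals"):
            consented.update(g["scope"].split())
    notes += [f"{s}: configured, no tenant-wide admin consent" for s in sorted(configured - consented)]
    notes += [f"{s}: consented, not in the app registration" for s in sorted(consented - configured)]
    return configured, consented, notes


if __name__ == "__main__":
    print(audit_delegated_permissions(CLIENT_APP, BACKEND_APP, GRANTS, CLIENT_SP, BACKEND_SP))
```

A scope that is consented but no longer listed in the app registration is worth reviewing, because the grant stays in effect until it is revoked.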

Links to All Blogs of this Series

Part 1: Configuration of Applications in Azure AD https://bi-fixes.medium.com/securing-an-api-using-oauth-2-0-in-azure-api-management-bcc91f4f4591

Part 2: Configuration of an Application (Client App) in Azure AD for Consumer https://bi-fixes.medium.com/securing-an-api-using-oauth-2-0-in-azure-api-management-407b021ae729

Part 3: OAuth 2.0 Server setup https://bi-fixes.medium.com/securing-an-api-using-oauth-2-0-in-azure-api-management-ad63c6072b40

Part 4: Testing using Developer Portal and JWT Policy Configuration https://bi-fixes.medium.com/securing-an-api-using-oauth-2-0-in-azure-api-management-bd3c410bedd1
