Now let's look at how to register TodoListService.
In this step, we will register TodoListService with the Azure AD tenant. To achieve this, log in to the Azure management portal, then do the following:
- Click on App registrations. Click on the Add button. It will open the Create pane, as depicted here:
- Provide all the mandatory details as displayed in the preceding screenshot and click on the Create button at the bottom of the Create pane. Make sure that the sign-in URL you provide is the one for your app. In our case, TodoListService is a microservice, so it has no special sign-in URL; we provide the default URL or just the hostname of our microservice instead. Here we are going to run the service from our machine, so the localhost URL will be sufficient. You can find the sign-in URL once you right-click on the project URL under the TodoListService project and navigate to Web, as shown in the following diagram:
A sign-in URL in the Azure portal should have the trailing /; otherwise, you may face an error, even if you execute all the steps correctly.
- If you deploy your service with the Microsoft Azure App Service plan, you will get a URL that is similar to https://todolistservice-xyz.azurewebsites.net/. You can later change the sign-on URL if you deploy the service on Azure.
- Once you click on the Create button, Azure will add the application to your Azure AD tenant. However, a few more details are needed to finish the registration of TodoListService, so navigate to App Registration | TodoListService | Properties. You will notice a few additional properties, such as App ID URL, that are now available.
- For the App ID URL, enter https://[Your_Tenant_Name]/TodoListService, replacing [Your_Tenant_Name] with the name of your Azure AD tenant. Click on OK to complete the registration. The final configuration should look like this:
Now we move on to the registration of TodoListWebApp:
- First, we register TodoListWebApp. This is necessary since we are going to use OpenID Connect to connect to this browser-based web application, so we need to establish trust between the end user (that is, us) and TodoListWebApp.
- Click on App registrations. Click on the Add button. It will open up the Create pane, as depicted in the following screenshot. Fill in the sign-in URL as https://localhost:44322/.
- Once again, as in the TodoListService registration, we will be able to view most of the additional properties once we create the web app. So, the final properties configuration will look like this:
- A setting to note here is the logout URL: we set it as https://localhost:44322/Account/EndSession.
This is because after ending the session, Azure AD will redirect the user to this URL. For the App ID URL, enter https://[Your_AD_Tenant_Name]/TodoListWebApp, replacing [Your_AD_Tenant_Name] with the name of your Azure AD tenant. Click on OK to complete the registration.
- Now we need to set up permissions for TodoListWebApp so that it can call our microservice, TodoListService. Navigate to App Registration | TodoListWebApp | Required Permissions again and click on Add. Now click on 1 Select an API. This navigation is displayed in the following screenshot. You need to key in TodoListService for it to show up in the API pane:
- Now you will be able to view the Enable Access pane, where you have to tick Access TodoListService Permissions under Delegated Permissions, and then click Done in the Add API access pane. This will save the permissions.
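Before typing the values from the steps above into the portal, they can be checked for the mistakes this walkthrough warns about. The following is an added example, not code from the sample projects: `check_registration` is a hypothetical helper, `contoso.onmicrosoft.com` is a constructed tenant name, and the rule that the logout URL shares scheme, host and port with the sign-in URL is an assumption taken from the values used above.

```python
from urllib.parse import urlsplit


def check_registration(tenant, app_name, sign_in_url, app_id_uri, logout_url=None):
    """Return a list of problems found in the values for one app registration."""
    problems = []

    sign_in = urlsplit(sign_in_url)
    if sign_in.scheme not in ("http", "https") or not sign_in.netloc:
        problems.append("sign-in URL must be an absolute URL")
    # The walkthrough notes that a sign-in URL without the trailing / causes errors.
    if not sign_in.path.endswith("/"):
        problems.append("sign-in URL must end with a trailing /")

    # App ID URL format used in the walkthrough: https://[Your_Tenant_Name]/<AppName>
    expected = "https://%s/%s" % (tenant, app_name)
    if app_id_uri != expected:
        problems.append("App ID URL should be " + expected)

    if logout_url is not None:
        logout = urlsplit(logout_url)
        # Assumption: the logout endpoint is served by the same app, so it must
        # share scheme, host and port with the sign-in URL.
        if (logout.scheme, logout.netloc.lower()) != (sign_in.scheme, sign_in.netloc.lower()):
            problems.append("logout URL is not on the same origin as the sign-in URL")

    return problems


if __name__ == "__main__":
    TENANT = "contoso.onmicrosoft.com"  # constructed placeholder tenant name
    # Sign-in URL entered without the trailing slash, to show the finding.
    for problem in check_registration(
        TENANT,
        "TodoListWebApp",
        "https://localhost:44322",
        "https://%s/TodoListWebApp" % TENANT,
        "https://localhost:44322/Account/EndSession",
    ):
        print("TodoListWebApp:", problem)
```
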