In this series of articles we will access an Azure SQL database using an access token provided by Azure AD.
Why would we even want to do this?
Doing it this way means we DO NOT have to provide a User Id and Password in our connection string.
In Part 1 we will create the Azure resources to request an access token from Azure AD, using Postman.
In Part 2 we will create a C# .NET Core 3.0 library that can request an access token from Azure AD.
In Part 3 we will bring it all together and create an Azure Function that will insert a record into Azure SQL database using the access token provided from the C# .NET Core 3.0 library we created in Part 2.
Let’s get started.
Navigate to the Azure Portal.
In the Search Box, Type azure active and Click Azure Active Directory.
Click App Registrations.
Click New Registration.
Enter a Name and Click Register.
Once the App Registration has been created we will be redirected to the App Registration Overview.
Click Certificates & secrets.
Copy the Value of the secret; we will need that value in a future step.
You will also need to copy the TenantId and ClientId.
To get the TenantId and ClientId, from the App Registration Click Overview.
Copy the ClientId, labeled Application (client) ID, and the TenantId, labeled Directory (tenant) ID.
Now we have everything we need to get an access token!
Open Postman.
Create a new request.
Select POST for the Method.
Set the URL to https://login.microsoftonline.com/{TenantId}/oauth2/token.
Click the Body tab and Select x-www-form-urlencoded.
Add a Key grant_type and a Value of client_credentials.
Add a Key client_id and a Value of TenantId.
Add a Key client_secret and a Value of ClientId.
Add a Key resource and a Value of https://database.windows.net/.
Click Send.
If everything was set up correctly, then a response with a Status Code of 200 OK, along with a body that includes an access_token, will be returned.
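The same request outside Postman, followed by a check that the returned token really is for Azure SQL, as an added example that is not code from the original article. It sends the Application (client) ID as client_id and the secret Value as client_secret, as the reader comment at the end of this page points out. The function names, the AAD_* environment variable names and the unsigned sample token are constructed for illustration; aud, tid and exp are the audience, tenant and expiry claims in the token.

```python
import base64, json, os, time
from urllib.parse import urlencode
from urllib.request import Request, urlopen

RESOURCE = "https://database.windows.net/"  # value of the "resource" key above

def build_token_request(tenant_id, client_id, client_secret):
    """URL and x-www-form-urlencoded body for the client_credentials POST."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/token"
    form = {"grant_type": "client_credentials",
            "client_id": client_id,          # Application (client) ID
            "client_secret": client_secret,  # secret Value from the portal
            "resource": RESOURCE}
    return url, urlencode(form).encode()     # secret stays in the body, not the URL

def request_token(tenant_id, client_id, client_secret):
    """Send the POST (network call) and return the access_token string."""
    url, body = build_token_request(tenant_id, client_id, client_secret)
    with urlopen(Request(url, data=body, method="POST"), timeout=10) as resp:
        return json.load(resp)["access_token"]

def token_claims(access_token):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    payload = access_token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def check_token(access_token, tenant_id, now=None):
    """Return a list of problems; empty means the token targets Azure SQL and is live."""
    claims, problems = token_claims(access_token), []
    now = time.time() if now is None else now
    if str(claims.get("aud", "")).rstrip("/") != RESOURCE.rstrip("/"):
        problems.append("wrong audience")
    if claims.get("tid") != tenant_id:
        problems.append("wrong tenant")
    if claims.get("exp", 0) <= now:
        problems.append("expired")
    return problems

def sample_token(claims):
    """Constructed, unsigned token so the checks can run offline."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."

if __name__ == "__main__":
    env = os.environ  # AAD_* names are hypothetical; never hard-code the secret
    if "AAD_CLIENT_SECRET" in env:
        tok = request_token(env["AAD_TENANT_ID"], env["AAD_CLIENT_ID"], env["AAD_CLIENT_SECRET"])
    else:
        tok = sample_token({"aud": RESOURCE, "tid": "constructed-tenant", "exp": time.time() + 3600})
    print(check_token(tok, env.get("AAD_TENANT_ID", "constructed-tenant")) or "token OK")
```

The script prints only the check result, never the token or the secret, so neither ends up in terminal history or logs.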
Now on to Part 2.
Hi Matt,
Add a Key client_id and a Value of TenantId. (is client id not tenantid)
Add a Key client_secret and a Value of ClientId. (is secret generated on azure portal not client id)
Other questions:
Why do you do a POST and not a GET?
Thank you