Reputation: 1925
Setting ASP.Net 5 Authentication AppId and AppSecret Configuration in Azure Websites
I'm getting an Error 500 due to missing AppId and AppSecret on my Azure websites deployment.
How do I set this up on the server? Copying the project.json file seems to be insufficient.
On the development machine, the AppId and AppSecret values were added to configuration through SecretManager.
UPDATE: I have now hardcoded the AppId and AppSecret values in code as the way its done in previous versions and of course this still works. Eventually, I'd like to still be able to use SecretManager (or something similar) for setting the config values on the server, for obvious security reasons.
Upvotes: 1
Views: 1048
Answers (2)
Reputation: 12790
This was troubling me also. The documentation is unclear. However, I discovered the solution when trying to figure out the same issue with the connection string:
https://stackoverflow.com/a/31341718/567524
(You can use the code there to display your config settings from Azure website and debug them, which is how I figured this out.)
Basically, MVC 6 no longer uses web.config so Azure does not work in the same way. Instead, Azure App Settings are available through the Environment Variables:
// Get the environment variables (which is how we will access Azure App Settings)
configuration.AddEnvironmentVariables()
Now environment variables from Azure are mapped to specific keys. For example, an Azure connection string setting becomes:
// The Azure Connection string called "NAME" will be accessible here in MVC 6
Data:NAME:ConnectionString
This is great because the default MVC 6 template uses the same pattern Data:NAME:ConnectionString.
Also, for our app settings, if we use a ":" delimiter the environment variable gets mapped to the expected place.
The Azure app setting called "Authentication:Facebook:AppId" will overwrite the config.json value:
"Authentication": {
"Facebook": {
"AppId": "123MyId",...
The key point is that all of this is passed from Azure to MVC 6 through the environment variables. (Which is why the AddEnvironmentVariables() is the last call on the configuration to ensure that it has priority over other values.)
Upvotes: 1
Reputation: 9192
Secrets in Azure Web Apps (Websites) are stored as app settings (and connection strings).
In your code you should use System.Configuration.ConfigurationManager.AppSettings to access them.
You need to specify a local/debug setting in web.config file.
<appSettings>
<add key="AppId" value="appid" />
</appSetting>
And the actual secrets are configured in the Azure management portal as APP SETTINGS.
Upvotes: 2
Related Questions
- App service to app service auth in Azure using Managed Identity
- AzureAppConfiguration does not work with Azure.Identity.TokenCredentials
- Azure Web App deployment for ASP.NET Core using specific appsettings environment
- Configure authentication in azure appservice
- Change Azure website app settings from code
- Using Application settings of Azure App Service resulting into an HTTP 500 error
- Azure App Service Application settings
- Azure App Service - Add Authentication
- Microsoft authentication ID
- Azure App Services Authentication