Reputation: 1573
Azure App Authentication
I have created an Xamarin Android App with an Azure App Service back end. When I looked at securing the connection, I don't really care about individual users, but I want to make sure that only someone running my app can access the database. Is there a way to authenticate the app itself rather than individual users? What is the best practice in this scenario?
Upvotes: 0
Views: 101
Answers (1)
Reputation: 1865
If you don't care about user, there are a few approaches and the security level may vary. If you want to simplify integration and deployment among Azure services, you should consider using Azure AD as an identity and access management in your entirely system. That said, your back-end and Xamarin app are authorized and authenticated via Azure AD. You need to register your native app in Azure AD which you can refer here https://learn.microsoft.com/en-us/azure/active-directory/active-directory-application-proxy-native-client
Another approach is to use certificate-based authorization against Azure Active Directory, which is more controlled and security rather than client secret. In this case, persons installing your app must also install certificate before sending request to Azure App Service and retrieve database from Azure SQL Database. The level of authorization is free of choice, but the first gateway is always Azure AD.
Upvotes: 1
Related Questions
- Web API Authentication for Xamarin Mobile app
- Acces Azure stored web api from xamarin android
- Authenticating a Xamarin Android app using Azure Active Directory fails with 401 Unauthorzed
- Azure Mobile App with ASP.NET Identity
- Authentication - Xamarin.Forms, Azure Mobile Apps
- Azure REST API App with authentication for easy access from Mobile app (Xamarin.forms)
- Azure Mobile App Service Authentication
- Azure Mobile Apps custom authentication
- Azure Mobile App Authentication using Xamarin
- Azure Mobile App engaging Xamarin Authentication