Reputation: 181
Can't access Azure Appservice protected by AAD from Postman
I have an app service say https://blahablah.azurewebsites.net to which I have hosted an ASP. Net web api project(An api that returns list of to do items by GET request), so that I can access the API without any authentication using https://blahablah.azurewebsites.net/api/TodoItems as i had TodoItems as my controller.
Now when I create an Azure AD and set Advanced Authentication of the app service; I can't access the api on the previous endpoint; When I use postman with the client id, secret, auth and token endpoints, it says my redirect URL is not valid;
So what should be my redirect URL? How can i successfully send a GET request from POSTMAN?
Update 1: My endpoints were wrong, and I corrected it to login.microsoftonline.com instead of login.microsoft.com, so I'm getting the access token, but when I'm sending a get request to above api with that token in header, it still says 401 unauthorised. And i'm using redirect url as https://www.getpostman.com/oauth2/callback
Update 2: Here is my configuration
1)I have 2 AAD apps: blahablahAAD aap and PostmanAAD app
2)For app service, blahablah i use the first AAD app thru Express authentication of Azure Active Directory;
3)I have made https://blahablah.azurewebsites.net/api as the first AAD app's Application ID URI, and hence am able to expose https://blahablah.azurewebsites.net/api/TodoItems with TodoItems as scope.
4)I have added the API to "API permissions" of the first AAD app; (uptil now it works well in browser asking me for login and then taking me to the endpoint;)
5) For the PostmanAAD, I use it's client id,secret in Postman and get the token; I send it as request header to API;but it failss
6) I have added PostmanAAD's client id in "Expose API->add client application" of blahablahAAD.
7) I have done step 4 for PostmanAAD also
8) I have granted admin consent to all in default directory.
Note: I haven't added any authorization related code to my ASP .NET web api project that i hosted as app service, but i believe i can access it without writing code(as in AAD will do the task for me).
Upvotes: 1
Views: 639
Answers (1)
Reputation: 20067
Set resource url as the guid of the azure ad app instead of application id url.
Click azure ad app and choose Application Id in Overview.
Upvotes: 1
Related Questions
- Not able to connect to azure from postman application - 403 forbidden error
- App services with Active Directory Authentication enabled is not working
- Validating token from Azure App Service through postman returns 401
- I'm having problems authenticating with Managed Service Identity to an Azure App Service secured with AAD
- AAD B2C authorized Web Api test with Postman fails
- Authorization error trying to connect to Azure Web App
- Getting access denied when accessing Azure Web App via token
- 401 error when authenticating to an Azure API App using AAD
- Unable to use bearer token to access AAD-secure Web API
- Accessing authenticated Azure API APP