In this article, we will understand about app registration with Azure, the purpose, the steps involved and finally how to build bridge with FO and finally an example.
So, what's the necessity to do these activities like application registration or app registration with Azure in Azure Active Directory or Entra ID? What's the logic behind it?
Let's understand!
The simple answer is to facilitate authentication and authorization of applications. This process provides an identity for this new application with Client ID and Secret instead of giving a specific person's or admin's login details directly for accessing API. As we all know Microsoft offers robust identity platform. So, for any communication to happen between applications there should be some authentication, and this process helps and facilitates the things.
Let's see the registration process and understand how a bridge can be built from Azure to FO via Entra applications.
To register any application in azure Portal, the account which we are using to sign in should have admin role.
Steps to register an application in Azure Portal.
- Log into https://portal.azure.com. A home page will appear with some important services of Azure are listed like Creating new resource, App Registrations, Virtual machines, Resource Groups, Cosmos DB etc.
- Click on the hamburger on the top left of the screen and click Microsoft Entra Id (Earlier this is Azure Active Directory) to get the Tenant Id. Under Overview tab > Basic Information Tenant ID can be found which must be noted for this process.
- Under the Manage tab click on the App Registrations or this can also be navigated from home page from services too.
- Click on New registration on the plus Symbol on the top. Relevant name should be given and select relevant Account Types. The Supported account types provide the access so that only those accounts can use this API or the application.
- The redirect URL can be left as blank since it is optional. Then click on Register.
- From the newly created application, note down the Application (client) ID. Directory (tenant) ID can also be noted from here.
- Now under the Manage > Certificates and Secrets. Now click on Client Secrets then on New Client Secret.
- Add Description and set the Expiry and click on Add. This creates the Secrets for the application. Note down the Client Secret Value which is beside the Expired column and only visible on the first-time creation.
Important things to make a note from above:
- Tenant ID
- Client ID (Application ID)
- Client Secret (Client Secret value)
The next step is to inform FO that this is the Application or API from which communication happens to it. For this, below are the steps.
Steps to register an application in FO.
To use this app or API to access data from respective FO, we need to register this in our FO in Microsoft Entra ID Applications (earlier Azure Active Directory Applications) under Setup of System Administration Module.
A new record with Client ID (Application ID), relevant Name of the application and the User to whom has the permission to call this API will be selected from dropdown.
This is the way, a connection between FO and new application can be made and upon this we can build many integrations so that we can build communication between FO and any 3rd party application via azure using logic apps or function apps.
Example and Understanding
So, let's say we have postman as external 3rd party application. We need to access some data from FO perhaps by some entity. We use the above account details like App ID and secret(password) to connect with FO and access the Entities. As this registration provides the authentication and access level, we are good to go with and now Postman can speak to FO via this bridge.
We'll talk more above these things in coming blogs.
Stay tuned :)
