You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Configure Azure AD Auth for MyTasks App Services

Owned by Phillip Hanegan
May 13, 2021
2 min read

As part of the deployment process, the MyTasks app services need to be configured for Azure AD authentication using the service principal application you registered for MyTasks in Azure AD.

Configure Azure AD Auth for the MyTasks Front-End App Service

  1. Log in to your Azure portal as a user with the necessary permissions to configure the MyTasks app services you created earlier.

  2. In Azure, navigate to the MyTasks Front-End (UI) App Service.

  3. On the navbar, under Settings, select Authentication / Authorization and turn on App Service Authentication.

  4. Under Action to take when request is not authenticated, select Log in with Azure Active Directory.

  5. Under Authentication Providers, click Azure Active Directory.

  6. For Management mode, select Express > Select Existing AD App and then click Azure AD App.

  7. Search for and select the MyTasks application you registered in Azure AD and then click OK.

  8. Click OK on the main Azure Active Directory Settings page.

  9. Click Save to save the new App Auth settings.

  10. Back in the Overview page for the App Service, click Get Publish Profile. You will need this file when you publish the EmpowerID microservice to Azure.

     

Configure Azure AD Auth for the MyTasks Back-End App Service

  1. In Azure, navigate to the MyTasks Back-End (API) App Service.

  2. On the navbar, under Settings, select Authentication / Authorization and turn on App Service Authentication.

  3. Under Action to take when request is not authenticated, select Log in with Azure Active Directory.

  4. Under Authentication Providers, click Azure Active Directory.

  5. For Management mode, select Express > Select Existing AD App and then click Azure AD App.

  6. Search for and select the MyTasks application you registered in Azure AD and then click OK.

  7. Click OK on the main Azure Active Directory Settings page.

  8. Click Save to save the new App Auth settings.

  9. Under API in the navbar, select CORS and then select Enable Access-Control-Allow-Credentials.

  10. In the Allowed Origins field, enter the URL for the MyTasks Front-End (UI) service application. The URL should look similar to https://mytasks-ui-app.azurewebsites.net, where mytasks-ui-app.azurewebsites.net is the URL to your app service.

  11. Click Save to save the updated settings.

  12. On the navbar, under Settings, select Configuration.

  13. On the Application settings tab, click New application setting.

  14. In the Add/Edit application setting modal, enter EID_Base_Url in the Name field and the base URL of your EmpowerID server, such as https://sso.empoweriam.com in the Value field and then click OK.

  15. Repeat steps 14, 15 and 16, adding the following additional application settings:

  16. When finished adding the above required settings, click Save and then Continue.

  17. Navigate to the Overview page for the app service and click Get Publish Profile. You will need this file when you publish the microservice to Azure.

IN THIS ARTICLE

Next Steps