Voiced by Amazon Polly |
Overview
This article will show how we can programmatically connect to the Azure portal and generate a token for REST API to perform actions. Microsoft provides many ways to connect to the Azure portal. One of them is Azure REST APIs. We will also see how to create app registration and generate a secret value to get authenticated by the authentication service. We will also assign RBAC role to app registration which will help us to perform an action in the Azure subscription.
Customized Cloud Solutions to Drive your Business Success
- Cloud Migration
- Devops
- AIML & IoT
App Registration and Generate Credentials
App Registration provides authorization and authentication to Azure Active Directory. We can provide roles to app registration and get access to the Azure portal. Using App registration, we can get access to any subscription in an Azure AD. This is a very efficient and secure way to authenticate and authorize any external client in Azure. Users can assign any role to app registration and use its credentials to authenticate to the Azure portal.
Credentials in App Registration:
We have a total of 3 IDs in APP registration to get authenticated.
- Subscription ID: This ID is required to authenticate and verify the subscription we are trying to access.
- Client ID: This ID is an app registration unique ID in the Azure directory. We call it as an application ID.
- Tenant ID: This is the Directory ID where the app registration gets created.
Steps to Create App Registration
Note: We need administrator access to Azure AD to create App Registration.
- Log in to Azure portal http://portal.azure.com/
- Search for App Registration.
- Click + New Registration.
- Give a unique name.
- Select supported account types for App registration.
- Leave everything as default and Click Register.
Generating a Secret Value
The secret value is a confidential credential that helps the application authenticate itself to the Azure portal authentication service.
We can generate Secret values or Certificates for authentication. Users can set the time period to a secret value.
Note: Secret value is a very sensitive credential, and never share this with any external user who does not need it or never makes it public.
Providing RBAC Role to App Registration
RBAC: Role-Based access control is a system that helps us provide required or fine-grained access to customers or users according to their jobs. We can create a custom role in Azure and assign it to App Registration.
This article will provide reader access to App registration to list resources in the portal.
Generating Bearer Token using REST API
To access the Azure portal, we need to generate a Bearer access token which will be active for one hour.
Azure provides REST API to generate Bearer tokens using APP Registration Credentials.
To know more about Azure REST APIs, follow: Azure API Management REST API | Microsoft Learn
To generate a bearer token, we can use this REST API and pass the Tenant ID in the API URL: https://login.microsoftonline.com/{TENANT_ID}/oauth2/token
We need to send a post request using the above API to generate an access token. We also need to pass the other three credentials (Client ID, Tenant ID, and Secret ID) in the body of the API.
Get access to the Azure portal Using REST API
Microsoft provides many ways to get access to the Azure portal, and one of them is using Azure REST APIs.
Using REST APIs, we can perform many tasks in the Azure portal, such as listing, creating, and deleting services. We must provide an authorization token in the REST API header to access Azure portals. Also, in the scope section, we must pass the subscription ID where we want to perform those actions.
Example: We are taking one API which will perform listing.
Scope: subscription/{subscription_id}, where subscription_id is your subscription ID.
Conclusion
We have performed many actions in this article to help us understand how to connect to the Azure portal. We created one App Registration Credential that will help us authenticate by azure authentication service. This article will help to generate a Bearer token and perform an action on the Azure portal using REST API. We can list, delete and create services in Azure using Azure REST APIs.
Get your new hires billable within 1-60 days. Experience our Capability Development Framework today.
- Cloud Training
- Customized Training
- Experiential Learning
About CloudThat
CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.
CloudThat is the first Indian Company to win the prestigious Microsoft Partner 2024 Award and is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 850k+ professionals in 600+ cloud certifications and completed 500+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, Microsoft Gold Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, AWS GenAI Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, Amazon ECS Service Delivery Partner, AWS Glue Service Delivery Partner, Amazon Redshift Service Delivery Partner, AWS Control Tower Service Delivery Partner, AWS WAF Service Delivery Partner, Amazon CloudFront Service Delivery Partner, Amazon OpenSearch Service Delivery Partner, AWS DMS Service Delivery Partner, AWS Systems Manager Service Delivery Partner, Amazon RDS Service Delivery Partner, AWS CloudFormation Service Delivery Partner, AWS Config, Amazon EMR and many more.
FAQs
1. Can we create multiple App registration in the Azure portal?
ANS: – Yes, we can create as many as we want.
2. What role do we need to create App Registration in the Azure portal?
ANS: – We need an Administrator role on a subscription account to create App Registration.
3. What action can we perform in Azure using Azure REST APIs?
ANS: – We can perform listing, delete and create Azure services using Azure REST APIs.

WRITTEN BY Kishan Singh
Kishan Singh works as Research Associate (Infra, Migration, and Security) at CloudThat. He is Azure Administrator and Azure Developer certified. He is highly organized and an excellent communicator with good experience in Cyber Security and Cloud technologies. He works with a positive attitude and has a good problem-solving approach.
Praveen Kumar
Feb 24, 2023
Great kishan! Keep it up
Himanshu Kumar
Feb 24, 2023
Really excellent blog!
Amazing content!
Mm