Sunday, 4 March 2018

Setting up Azure Active Directory Authentication on Azure Web API.

If we are using the Dynamics 365 in an Enterprise Level , System Integrations with Web APIs are a common scenario. This post will explain on how to set up Azure Active Directory Authentication on Web APIs

1. Register the Web API application in Azure Active directory ,  To do that  Navigate to Azure Portal and Click on 'Azure Active Directory'  -> 'App Registrations'  ->  'New Application registration'

2.  Provide any relevant name and 'Sign On Url' as your Web API Url postfixed by ".auth/login/aad/callback"
then click on create.

Ex: - http://<<your webapi Url >>/.auth/login/aad/callback ,

3.  Once created , The Application Id highlighted below will be the 'Client id' that would be used in the next steps.

4.  From the Azure Portal - Navigate to your Web API that you have already created. Scroll down and click on  'Authentication/Authorization'

5.  Change the 'App Service Authentication' to On , 'Action to take when request is not authenticated' to 'Login with Azure Active directory' and Click on 'Azure Active Directory' Option.

3. In the next screen , Choose the 'Management Mode' as 'Advanced' and Enter the 'ClientId' that is generated from the Step 3 and  Issuer Url. 

Issuer Url Would be same across all your AAD applications and it would be specific to your Organization ,
Update the field with  Issuer URL for your Active Directory postfixed by  TenantId of your Active Directory. TenantId can be obtained by executing PowerShell command 'Get-AzureAccount' or by browsing to your directory from the management portal.


Your API would now prompt for AAD Authentication both from browser and when accessed via code.


  1. I have read this post. collection of post is a nice one Azure Online Training Hyderabad

  2. Nice and good article. It is very useful for me to learn and understand easily. Thanks for sharing your valuable information and time. Please keep updating mulesoft Online Training