Azure AD Authentication Secured API | Test Using Postman

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[MUSIC] Hi! This is Aziz Kapadia from ... Sharp Programmer. In this video we will learn how to Register an API app in ... Azure Active Directory and test it using Postman client. It will cover below topics Register an API app in Azure Active Directory Expose API scopes Register Postman Client app with Azure AD Configure Postman Client App permissions Configure Postman to obtain Access token Run API locally and Test it using Postman. Download the solution from GitHub. GitHub reposotory Link is in the description. Here is the repository on GitHub. Clone or download it on local computer. After cloning or unzipping files, navigate to the src folder and open solution in Visual Studio. We will fill in these setting values in appsettings files ... after registering API app in the Azure Active Directory First, we will register Catalogue api with Azure AD. Login to Azure portal and open Azure active directory blade. Click on App registrations blade Click on + New Registration link Enter ‘Gherkin.Catalogue.Api’ in Name textbox Select this option for Supported account types ... which allows users from multiple tenants Leave the redirect URI blank and click on Register button Now click on 'Expose an Api' link in the Application Menu Blade Click on ‘Add a scope’ link, Azure opens a panel at the ... right hand side It displays an ID URI something like 'api://' followed by an unique identifier we can use this as it ... is or we can define our own uri. But this URI should be unique. Leave it as it is and click on 'Save and continue' button Enter 'Products.View.All' in the Scope name textbox Select 'Admins and users' for Who can consent Enter 'View all products' in Admin consent display ... name and user consent display name textboxes Enter 'Allows the app to get all products' in Admin consent description and User consent description textboxes Leave State Enabled and click on Add scope button A scope will be added in the list Open appsettings.json file of Gherkin.Catalogue.Api project Open 'Gherkin.Catalogue'.Api app registration overivew blade Copy Application (clinet) ID value and paste it in the ... appsettings file's Client Id setting value. Copy Tenant ID value and paste in the appsettings file's ... TenantId setting value. Now we will register the Postman client app which will ... call secure API. Switch to Azure Portal and open Azure Active Directory - ... App Registrations blade. Click on + New Registration in property information blade command bar. Enter 'Gherkin.Catalogue.PostmanClient' in the Name textbox Select same third option for the Supported account types Enter 'https://getpostman.com/oauth2/callback' in the Redirect URIs text box. As a matter of fact we can enter any valid uri here. We just need to make sure that same uri is used in the ... Postman while obtaining access token. Click on Register button at the bottom of the page Once registration is done, go to Authentication property blade Select ID Tokens checkbox and click on Save button at the top Now, go to API Permissions ... property blade, and click on + Add a ... permission link Azure opens a new pannel at the right hand side of the screen Select My APIs tab and then select Gherkin.Catalogue.Api ... app from the list Select Delegated permission, Azure displays all the ... delegated permissions, here it is only one Select Products.View.All checkbox and click on Add ... permissions button at the bottom Once permission is added then go to Certificates & Secrets property blade Click on + New client secret button Leave description blank and Expires in 1 year selected and ... click on Add button Copy the newly added secret and store it somewhere safe, it will not be visible once we leave the app registration blade. We will now configure Postman app to obtain access ... token from Azure Active Directory Open Postman app. First we will create an environement for the request Click on Manage Environments icon Click on Add button Enter Gherkin.Catalogue.Api-Test in ... the environment's name filed Create these variables and fill in the values from the Azure ... Active Directory Copy Client Id and Tenant Id from ... 'Gherkin.Catalogue.PostmanClient' App registration overview blade. Paste it in Initial value and current value settings of ... clienId and tenantId variables in environment. Also copy saved secret and paste in environment ... clientSecret variable's initial value and current value fields. Also fill in Products.View.All api scope with complete URI here. Click on Add button to save the environment. Close the environments window. Select the Gherkin.Catalogue.Api-Test ... environment from the list. Open a New tab to create new Request Select Authorization Select OAuth2.0 from the Type Add authorization data to setting should display ... Request Headers On the righ-hand side of the authorization settings fill in ... these setting values as displayed in this slide. It would look like this. Strings in double curly braces ... are the variables which we defined in the Environment. Postman will replace it with the current values while ... sending request. Switch to Visual Studio solution. Make sure Gherkin.Catalogue.Api project ... is setup as startup project Press F5 key or run the project using this button Once project is running Then switch to Postman Press this Get New Access Token button You will get prompt to login to Azure, Complete authentication process using your Azure credentials It will also display consent screen. Click on Accept button to continue You should get the token Click on Use token button Token will be added in headers check the Authorization header here. Now we can call the secured api Enter url for Products api endpoint here Click on send button and it should be able to get products from the api. I hope you enjoyed the video Please leave your commects and suggestion below Thanks for watching, Please subscribe the channel ... and hit the bell icon to get notified for the new videos [Music]
Info
Channel: Sharp Programmer
Views: 33,148
Rating: undefined out of 5
Keywords: Azure AD, Azure AD Authentication, Azure AD OAuth, Postman, PostmanTest, Postman API Test, How to use Postman, Test Azure AD, test azure ad with postman, azure active directory, azure active directory tutorial
Id: y8KzO3htIgs
Channel Id: undefined
Length: 9min 9sec (549 seconds)
Published: Mon Jan 04 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.