Protecting APIs with OAuth2 in API Management

I’ve been playing a lot lately with Azure API Management. Recently, a customer asked me about the following scenario: They wanted to expose a Web API through API Management API Management should enforce and validate that an OAuth2 token was provided by the caller The underlying API did not know...

Decoding Application Gateway Certificates

Recently, I wanted to write a PowerShell script that would check expiration on the certificates assigned for SSL/TLS on Azure Application Gateway resources. Obtaining the certificates is easy through the SslCertificates property of the Application Gateway instance. However, it took me a while to figure out how to actually extract...

Logic Apps KeyVault Connector - Part 3

This is part 3 of my series of articles on implementing a custom Logic Apps connector. Read part 1 and part 2. By this point, I’ve implemented and deployed the WebApi application that implements the custom connector, and configured the necessary applications and permissions in Azure Active Directory. It’s time...

Logic Apps KeyVault Connector - Part 2

In part 1 of this series of posts, I introduced the idea of implementing a custom Logic Apps connector as a way to get familiar with the challenges involved. The initial part revolved around the ASP.NET Core WebApi implementation. In this second part, I’d like to discuss a bit about...

Azure SQL authentication with a Managed Service Identity

On a previous article I discussed how to use a certificate stored in Key Vault to provide authentication to Azure Active Directory from a Web Application deployed in AppService so that we could authenticate to an Azure SQL database. With the introduction of Managed Service Identity, this becomes even easier,...

Creating an Event Hub destination using Event Grid in ARM

In a previous post, I presented a few ways to create Azure Event Grid resources using Azure Resource Manager (ARM) templates. Today, support for sending grid events to Azure Event Hubs rather than to an HTTP-based WebHook was announced. Obviously, I wanted to try this out as quick as possible!...

Logic Apps KeyVault Connector - Part 1

Azure Logic Apps now supports writing custom connectors, which are just custom REST APIs for which you can customize the experience so that they feel like the built-in Logic Apps connectors. I wanted to give try my hand at writing one, so decided on a simple use case: Writing a...

Azure Managed Service Identity - Querying in ARM Template

In a previous post I was lamenting not having a way to obtained the managed service identity generated for an Azure resource, such as a Azure SQL logical server or a Web App from the Azure Resource Manager (ARM) template itself. The issue was that the reference() function in an...

Unable to locate registry entry for adalsql.dll file path

A couple of days ago I was testing with a customer using Azure Active Directory integrated authentication to Azure SQL Database through the SQL Server ODBC drivers. On one test machine, we kept getting an error similar to this: Microsoft ODBC Driver 13 for SQL Server : SQL Server Network...

Permissions needed to create a Web App on an ASE

Documenting this here in case I run into this again. While working with a customer that is taking advantage of App Service Environment to host internal applications on Azure with connectivity to their Express Route connection, we ran into an issue when trying to setup permissions so that selected users...