Promote an Azure site using Azure Active Directory from a staging environment

I have an Azure site authenticated with Azure Active Directory and my goal is to deploy it to a staging slot, which is then promoted to production. However, when I deploy it to the staging slot, it is treated as a separate application in my Azure AD. When I advertise the environment, the Reply URL in the Azure AD application remains the same, so my production site is now redirected back to the staging bucket after logging in.

It would help if I could customize the app URL in the app settings on the site, which can be configured in the azure-website framework itself. I tried adding ida:RedirectURI to my app settings and it had no effect.

+1




1 answer


I am assuming you are using the Organizer features for the Visual Studio Publishing Tools. Right? Which version of VS are you using? The walkthrough varies from version to version, but gives you a general explanation of what's going on:

  • You can bypass the creation of a new app at publish time by opting out of the publishing wizard's organizational functions.
  • In this case, you need to make changes manually:
    • You can go to the Azure portal, find your Azure AD tenant, find the apps tab, identify your app entry, click on setup, scroll to the return URLs section, and add your URLs for the intermediate / prod / any other URL that you want the ability to use.
    • Go back to your project; now you need to tell the personal data library to use your return URL instead of leaving the default. If you are using VS2013 you are using WIF, so you need to find the WIF config element and enter a new reply attribute as shown below.



<system.identityModel.services>
  <federationConfiguration>
    <cookieHandler requireSsl="true" />
    <wsFederation passiveRedirectEnabled="true"
                  issuer="https://login.windows.net/developertenant.onmicrosoft.com/wsfed"
                  realm="https://developertenant.onmicrosoft.com/blah"
                  reply="https://mynewURL"
                  requireHttps="true" />
  </federationConfiguration>
</system.identityModel.services>



If you are using OWIN instead, the place you would enter would be different - but before writing it down, I will give you the opportunity to confirm if the above project matches your project :) HTH, V.

+2
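A static reply attribute in web.config travels with the deployed content when slots are swapped, so one way to keep each slot on its own reply URL is to set it at sign-in time from an app setting that is marked as a slot setting. The following is an added example, not code from the original question or answer. It assumes a hypothetical app setting named ida:ReplyUrl, a WIF module registered under the name WSFederationAuthenticationModule, and one hostname per slot.

```csharp
// Global.asax.cs -- added example, not the original poster's code.
using System;
using System.Configuration;
using System.IdentityModel.Services;
using System.Web;

public class Global : HttpApplication
{
    // Hypothetical app setting name (an assumption, not from the page).
    // Configure it per slot and mark it as a slot setting so it does not swap.
    private const string ReplySettingKey = "ida:ReplyUrl";

    // ASP.NET wires this handler by naming convention when the module is
    // registered as "WSFederationAuthenticationModule" in web.config (assumed).
    void WSFederationAuthenticationModule_RedirectingToIdentityProvider(
        object sender, RedirectingToIdentityProviderEventArgs e)
    {
        string configured = ConfigurationManager.AppSettings[ReplySettingKey];
        if (string.IsNullOrWhiteSpace(configured))
        {
            return; // No override: keep the reply attribute from <wsFederation>.
        }

        // Only accept an absolute https URL as a reply address.
        Uri reply;
        if (!Uri.TryCreate(configured, UriKind.Absolute, out reply) ||
            reply.Scheme != Uri.UriSchemeHttps)
        {
            throw new ConfigurationErrorsException(
                ReplySettingKey + " must be an absolute https URL.");
        }

        // Fail closed if the configured reply URL points at a different host
        // than the one serving this request (for example, production still
        // carrying the staging slot's value after a swap).
        Uri requestUrl = HttpContext.Current.Request.Url;
        if (!string.Equals(reply.Host, requestUrl.Host,
                           StringComparison.OrdinalIgnoreCase))
        {
            throw new ConfigurationErrorsException(
                ReplySettingKey + " host '" + reply.Host +
                "' does not match request host '" + requestUrl.Host + "'.");
        }

        // Sent as the wreply parameter of the WS-Federation sign-in request.
        e.SignInRequestMessage.Reply = reply.AbsoluteUri;
    }
}
```

Each value used here still has to be listed among the reply URLs of the Azure AD application entry, as described in the answer.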

