Protecting a web-app with AzureAD

Deploying a web application on azure is incredibly easy these days. You can handle everything, including creating a whole new web app and app service directly from Visual Studio. A lot of times we deploy these small web apps as internal tools for our team or company but we must not forget about securing those behind a log-in so that they are not accessible to anyone trying out domains at azurewebsites.net

Luckily, as easy as it is to deploy said web apps, it’s also very easy to protect them behind a login page with no code and no hassle, thanks to the built-in Authentication Provides that the Azure Web App offers.

In this quick intro, we’ll be using the AzureAD module to enable login to our web app

1. Create your web application and deploy your website
2. Navigate to the Authentication/Authorization blade
   
3. Enable authentication. You can choose from multiple login providers, but in our case, we’ll go with AzureAD
   
4. Create a new AzureAD app in Express mode (we’ll check advanced settings in a later step).
   
5. Save all settings.
6. Done! Your website now requires you to log in with your domain’s credentials before you can access it.