In this article, we will prepare a simple disconnected application. We will also use the Apporetum External Integration UI to create and authenticate to Entra ID (formerly Azure Active Directory) to leverage external APIs.
Write PowerShell to authenticate to Apporetum's API
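```powershell
# Set variables for the app's client ID and redirect URI
$clientId = "your-client-id"
$redirectUri = "your-redirect-uri"
# Set the resource URI the token is requested for (Azure Resource Manager)
$resourceUri = "https://management.azure.com/"
# Set the OAuth 2.0 authorization endpoint
$authority = "https://login.microsoftonline.com/common/oauth2/authorize"
# Create a new authentication context (the ADAL assembly must already be loaded in the session)
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority
# Prompt interactively only when no cached token is available
$platformParameters = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters" -ArgumentList "Auto"
# Request an OAuth 2.0 access token (ADAL 3.x and later take the redirect URI as a [Uri] plus platform parameters)
$authResult = $authContext.AcquireTokenAsync($resourceUri, $clientId, [Uri]$redirectUri, $platformParameters).Result
# Get the access token from the authentication result
$accessToken = $authResult.AccessToken
# Use the access token to authenticate to the Entra ID (formerly Azure Active Directory) app
# (-AccountId is required whenever -AccessToken is supplied)
Connect-AzAccount -AccessToken $accessToken -AccountId $authResult.UserInfo.DisplayableId
```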
This code assumes that you have already set the $clientId and $redirectUri variables to the appropriate values for your Entra ID (formerly Azure Active Directory) app. It also assumes that the Azure PowerShell module is installed on your machine.
To sign in using OIDC, the code creates an AuthenticationContext object and uses it to request an OAuth 2.0 access token for the app's resource URI. It then retrieves the access token from the authentication result and uses it to authenticate to the Entra ID (formerly Azure Active Directory) app using the Connect-AzAccount cmdlet.
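A check worth running between acquiring the token and calling Connect-AzAccount, added here as an example (it is not Apporetum's or Microsoft's code): it decodes the token's claims and confirms the audience, client ID and expiry match what the script asked for. The function names ConvertFrom-Base64Url and Test-AccessTokenClaims are hypothetical, the sample token is constructed, and a v1.0 token carrying an appid claim is assumed.

```powershell
function ConvertFrom-Base64Url {
    param([Parameter(Mandatory)][string]$Value)
    $s = $Value.Replace('-', '+').Replace('_', '/')
    switch ($s.Length % 4) {
        1 { throw 'Invalid base64url length.' }
        2 { $s += '==' }
        3 { $s += '=' }
    }
    [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($s))
}

function Test-AccessTokenClaims {
    param(
        [Parameter(Mandatory)][string]$AccessToken,
        [Parameter(Mandatory)][string]$ExpectedAudience,
        [Parameter(Mandatory)][string]$ExpectedClientId
    )
    $parts = $AccessToken.Split('.')
    if ($parts.Count -ne 3) { throw 'Token is not a three-part JWT.' }
    # Decode the payload for inspection only; the signature is NOT verified here.
    $claims = ConvertFrom-Base64Url $parts[1] | ConvertFrom-Json
    $problems = @()
    # Compare audiences without regard to a trailing slash.
    if ("$($claims.aud)".TrimEnd('/') -ne $ExpectedAudience.TrimEnd('/')) {
        $problems += "aud is '$($claims.aud)', expected '$ExpectedAudience'"
    }
    # Assumption: a v1.0 token, which carries the client ID in 'appid'.
    if ("$($claims.appid)" -ne $ExpectedClientId) {
        $problems += "appid is '$($claims.appid)', expected '$ExpectedClientId'"
    }
    $expires = [DateTimeOffset]::FromUnixTimeSeconds([long]$claims.exp)
    if ($expires -le [DateTimeOffset]::UtcNow) {
        $problems += "token expired at $($expires.ToString('u'))"
    }
    [pscustomobject]@{
        Valid    = ($problems.Count -eq 0)
        TenantId = $claims.tid
        Expires  = $expires
        Problems = $problems
    }
}

# Constructed sample token so the check runs offline; not a real credential.
$encode = { param($t) [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($t)).TrimEnd('=').Replace('+', '-').Replace('/', '_') }
$payload = @{ aud = 'https://management.azure.com/'; appid = 'your-client-id'
              tid = '00000000-0000-0000-0000-000000000000'
              exp = [DateTimeOffset]::UtcNow.AddMinutes(30).ToUnixTimeSeconds() } | ConvertTo-Json -Compress
$sample = '{0}.{1}.sig' -f (& $encode '{"alg":"none","typ":"JWT"}'), (& $encode $payload)
Test-AccessTokenClaims -AccessToken $sample -ExpectedAudience 'https://management.azure.com/' -ExpectedClientId 'your-client-id'
```

With a real token, pass $accessToken, $resourceUri and $clientId and stop before Connect-AzAccount if Valid is false. The receiving service still validates the signature; this check only catches a token issued for the wrong resource or client, or one that has already expired.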
Creating an Entra ID (formerly Azure Active Directory) App Registration
To create an Entra ID (formerly Azure Active Directory) App Registration, follow these steps:
- Go to the Azure portal and sign in with your Microsoft account.
- Click on the "Azure Active Directory" link in the left-hand navigation panel.
- In the "Azure Active Directory" blade, click on the "App registrations" link.
- Click on the "New registration" button.
- In the "Register an application" blade, enter a name for your app and choose whether you want to support single or multi-tenant scenarios. Then, click the "Register" button.
- In the "Overview" blade for your app, copy the "Application (client) ID" and save it for later use. This is a unique identifier for your app.
- Click on the "Authentication" link in the left-hand navigation panel for your app.
- In the "Authentication" blade, scroll down to the "Redirect URIs" section. Click on the "Add a platform" button and choose the type of platform that your app will run on (e.g. "Web", "Desktop", "Mobile").
- In the "Configure" blade for the platform you chose, enter a redirect URI for your app. This is the URL that Azure will redirect users to after they have signed in.
- Click on the "Save" button to save your changes.