如何将应用服务应用程序配置为使用 Microsoft 帐户登录How to configure your App Service application to use Microsoft Account login

本主题说明如何将 Azure 应用服务配置为使用 Microsoft 帐户作为身份验证提供程序。This topic shows you how to configure Azure App Service to use Microsoft Account as an authentication provider.

将应用注册到 Microsoft 帐户 Register your app with Microsoft Account

  1. 登录到 Azure 门户并导航到应用程序。Log on to the Azure portal, and navigate to your application. 复制 URL,随后会用于使用 Microsoft 帐户来配置应用。Copy your URL, which later you use to configure your app with Microsoft Account.

  2. 在 Microsoft 帐户开发人员中心内导航到我的应用程序页,然后根据需要使用 Microsoft 帐户登录。Navigate to the My Applications page in the Microsoft Account Developer Center, and log on with your Microsoft account, if required.

  3. 单击“添加应用”,键入应用程序名称,并单击“创建”。Click Add an app, then type an application name, and click Create.

  4. 记下“应用程序 ID”,因为稍后将要用到。Make a note of the Application ID, as you will need it later.

  5. 在“平台”下,单击“添加平台”,然后选择“Web”。Under "Platforms," click Add Platform and select "Web".

  6. 在“重定向 URI”下,提供应用程序的终结点,然后单击“保存”。Under "Redirect URIs" supply the endpoint for your application, then click Save.

    Note

    重定向 URI 是应用程序 URL 加上路径 /.auth/login/microsoftaccount/callback。Your redirect URI is the URL of your application appended with the path, /.auth/login/microsoftaccount/callback. 例如,https://contoso.chinacloudsites.cn/.auth/login/microsoftaccount/callbackFor example, https://contoso.chinacloudsites.cn/.auth/login/microsoftaccount/callback.
    请务必使用 HTTPS 方案。Make sure that you are using the HTTPS scheme.

  7. 在“应用程序机密”下,单击“生成新密码”。Under "Application Secrets," click Generate New Password. 请记下显示的值。Make note of the value that appears. 关闭页面后,就不再显示该值。Once you leave the page, it will not be displayed again.

    Important

    密码是一个非常重要的安全凭据。The password is an important security credential. 请不要与任何人共享密码或者在客户端应用程序中分发它。Do not share the password with anyone or distribute it within a client application.

  8. 单击“保存” Click Save

将 Microsoft 帐户信息添加到应用服务应用程序 Add Microsoft Account information to your App Service application

  1. 返回 Azure 门户,导航到应用程序,然后单击“设置” > “身份验证/授权”。Back in the Azure portal, navigate to your application, click Settings > Authentication / Authorization.

  2. 如果“身份验证/授权”功能未启用,请将它切换为“打开”。If the Authentication / Authorization feature is not enabled, switch it On.

  3. 单击“Microsoft 帐户”。Click Microsoft Account. 粘贴前面获取的应用程序 ID 和密码值,启用应用程序所需的任何范围(可选)。Paste in the Application ID and Password values which you obtained previously, and optionally enable any scopes your application requires. Then click OK.

    默认情况下,应用服务提供身份验证但不限制对站点内容和 API 的已授权访问。By default, App Service provides authentication but does not restrict authorized access to your site content and APIs. 必须在应用代码中为用户授权。You must authorize users in your app code.

  4. (可选)若要限制只有通过 Microsoft 帐户身份验证的用户可以访问站点,请将“请求未经身份验证时需执行的操作”设置为“Microsoft 帐户”。(Optional) To restrict access to your site to only users authenticated by Microsoft account, set Action to take when request is not authenticated to Microsoft Account. 这会要求对所有请求进行身份验证,所有未经身份验证的请求将重定向到 Microsoft 帐户进行身份验证。This requires that all requests be authenticated, and all unauthenticated requests are redirected to Microsoft account for authentication.

  5. 单击“保存” 。Click Save.

现在,可以使用 Microsoft 帐户在应用中进行身份验证。You are now ready to use Microsoft Account for authentication in your app.