Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,909 questions
How to authenticate two azure app services that has vue.js and nest.js deployed on them individually
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 97%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
aun
0
Reputation points
We have two app services that hosts a vue.js front-end and a nest.js backend. The issue is that we want the nest.js backend to be secure with entraID and we did implement that, however, when the API is called, it asks the user to be logged in through AAD. On the vue.js front-end, we have implemented MSAL and it works fine.
We want to secure our backend with auth and the front-end as well but want the ability for them to communicate with each other. If they were both in the same azure app service, they could have used the same token but they are deployed differently. Also, can we deploy a node.js and vue.js app on the same app service that uses the same entraID?
Please do help me here, we are really stuck. We tried sending the IDToken, AccessToken and other stuff as a header in the endpoints but we get an error of invalidation.
One of the suggesion is that we have 2 app services, but you should only be using 1 app registration, the roles are defined in the app registration, and you want to share the roles.
How would this work? Kindly help us please..
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 59%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SnehaAgrawal-MSFT 18,366 Reputation points2024-04-04T16:50:42.52+00:00 @aun Thanks for reaching here! If you had chance to refer to this blog might be helpful-
-
aun 0 Reputation points
2024-04-09T09:55:23.0466667+00:00 Hi Sneha, we did implement this but our client is saying that the app is still not secure only enedpoints are secure. They are stringent on us implementing AzureAD for both but we do not know how to make the two apps connect with each other, can you help us?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 93%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBG%3C/text%3E%3C/svg%3E)
Ben Gimblett 3,410 Reputation points Microsoft Employee2024-04-09T10:30:11.2533333+00:00 Hi - are the requirements that the front end connect to the backend using the apps own identity/service principal (app to app/client credentials) .
Or, is the backend required to see some user context, in other words the access token should be associated with the Entra/AAD logged in user (via open id connect)? -
aun 0 Reputation points
2024-04-25T12:46:58.2366667+00:00 Hi Ben,
Yes, that is correct. We just want two apps to connect with each other. We are using the same MSAL app on both of them but it does not authenticate, it gives us an error. The backend also expects us to sign in through MSAL even when we have signed in from the front-end. How to go about this?
How can we use azure so that our two apps (one backend in nest) and one backend in vue deployed in separate apps talk to each other? We want the backend to be protected. Issue is that it does not have an auth layer, for example, sending or generating a token first to call it.
Sign in to comment