Java SDK to login to Azure using the microsoft login Id and password

Alex, Alexon 71 Reputation points
2020-06-15T10:18:01.31+00:00

Is there Java SDK exists for Azure, to login to Azure using the microsoft login Id and password (used to login in portal). I need to login programatically to Azure using these login id and password, so that i can do some operations on my storage account.

If no Java SDK, which SDK can be used ?

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,714 questions
Azure Stack Hub
Azure Stack Hub
An extension of Azure for running apps in an on-premises environment and delivering Azure services in a datacenter.
179 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,562 questions
0 comments
Accepted answer
  1. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-06-16T07:57:00.173+00:00

    @AlexAlexon-4788, Thank you for sharing the details, but its still not clear as what type of application is this. Is this a WebService, or its a console application that is running on your server?

    When you say that your application wont have an UI, by that I am going with an assumption that its a console app and for console app you can consider the following code samples: https://github.com/Azure-Samples/ms-identity-java-desktop/tree/master/

    It has two samples in it:

    1. Username-Password-Flow
    2. Integrated-Windows-Auth-Flow

    The username-password flow can be used with any OS platforms like Linux or Windows. In this sample you would find the following section in the file UsernamePasswordFlow.java

     private final static String CLIENT_ID = "<client/app Id of the registered app in AAD>";
 private final static String AUTHORITY = "https://login.microsoftonline.com/common/";
 private final static Set<String> SCOPE = Collections.singleton("");
 private final static String USER_NAME = "<user-name>>";
 private final static String USER_PASSWORD = "<Password>";

    If you see here there are two static attributes named as USER_NAME and USER_PASSWORD, so here you put the username and the password of the user who would be accessing the application and then you get an access-token issued by AAD for that user.

    In the second sample "Integrated-Windows-Auth-Flow", you would only be required to add the username and using the Windows Integrated Auth i.e Kerberos and then fetching a access-token from AAD by submitting that kerberos token received earlier. In this case the users that are being used to authenticate must be synced to Azure AD via AD Connect so that same users identities can be found both on your on-prem infrastructure and in your Azure AD Tenant also.

    Note: Both these samples uses MSAL4J that is the Microsoft Authentication Library for Java implementations.

    Hope this helps.

    In case you feel that the above assumption is not correct and you are using some other type of application, please do share the details about the type of application so that we can help further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

    0 comments

5 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. soumi-MSFT 11,716 Reputation points Microsoft Employee
    2020-06-18T08:49:11.727+00:00

    @AlexAlexon-4788, Apologies for the delay in my response. In case you want to extend the current application for other tenants, you would have to turn the app-registration for this app to multitenant app from single tenant app.

    10128-multitenantoption.png

    Once this app is configured as multitenant, users from other tenants would be able to access this app and authenticate to it using their tenant user IDs. Once the users from other tenant signs into this app, a service principal for this app would get created in their tenant and then on that service principal you can apply the RBAC roles. For the user authentication, it would reach out to that other tenant and fetch a token from that other tenant when the user of that tenant puts in the creds.

    Points to note:

    In your current application's code, where you have mentioned the authority like "https://login.microsoftonline.com/{tenant-id}" you need to modify that and put in the following "https://login.microsoft.com/common". If you are following the same sample that I have shared with you above, you would that that sample has the following variable defined: " private final static String AUTHORITY = "https://login.microsoftonline.com/common/" " in the UsernamePasswordFlow.java. This is required for the application code to behave has multitenant.

    Hope this helps.

    Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

    0 comments