Scenario:
1. Registered a Web API in Azure AD to protect it and deployed the code in the US region on a web app named 'usapi' with the URI 'usapi.azurewebsites.net'. With this registration, Azure AD will provide a Client Id which will be used to get an access token.
2. Provided access to the above Web API to a user called 'A', and now user 'A' can get an access token defining the above Client Id.
Now I need to deploy the same API in the South East Asia region. I will create another web app named 'seaapi' and will deploy the same code. I believe that in order to protect the API, I need to register it in Azure AD again, and doing so will create a different Client Id.
Now here comes the question:
Do I need to provide access to the API deployed in the SEA region again to user 'A'? And even if I give access, won't the access token need to be generated with the new Client Id, in which case the user needs to know the Client Id of the API deployed in the SEA region?
What's the right approach to achieve the above?
Note: I will route the requests of user 'A' to either the US or the SEA region from Traffic Manager.
@souravmishra-msft @shashishailaj