Configure your App Service or Azure Functions app to use Twitter login
This article shows how to configure Azure App Service or Azure Functions to use Twitter as an authentication provider.
To complete the procedure in this article, you need a Twitter account that has a verified email address and phone number. To create a new Twitter account, go to twitter.com.
Sign in to the Azure portal and go to your application. Copy your URL. You'll use it to configure your Twitter app.
Go to the Twitter Developers website, sign in with your Twitter account credentials, and select Create an app.
Enter the App name and the Application description for your new app. Paste your application's URL into the Website URL field. In the Callback URLs section, enter the HTTPS URL of your App Service app and append the path
/.auth/login/twitter/callback. For example,
At the bottom of the page, type at least 100 characters in Tell us how this app will be used, then select Create. Click Create again in the pop-up. The application details are displayed.
Select the Keys and Access Tokens tab.
Make a note of these values:
- API key
- API secret key
The API secret key is an important security credential. Do not share this secret with anyone or distribute it with your app.
Go to your application in the Azure portal.
Select Settings > Authentication / Authorization, and make sure that App Service Authentication is On.
Paste in the
API secret keyvalues that you obtained previously.
By default, App Service provides authentication but doesn't restrict authorized access to your site content and APIs. You must authorize users in your app code.
(Optional) To restrict access to your site to only users authenticated by Twitter, set Action to take when request is not authenticated to Twitter. When you set this functionality, your app requires all requests to be authenticated. It also redirects all unauthenticated requests to Twitter for authentication.
Restricting access in this way applies to all calls to your app, which might not be desirable for apps that have a publicly available home page, as in many single-page applications. For such applications, Allow anonymous requests (no action) might be preferred so that the app manually starts authentication itself. For more information, see Authentication flow.
You are now ready to use Twitter for authentication in your app.
- App Service Authentication / Authorization overview.
- Advanced usage of authentication and authorization in Azure App Service
- Tutorial: Authenticate and authorize users end-to-end in Azure App Service
- Add authentication to your Mobile App: iOS, Android, Windows Universal, Xamarin.Android, Xamarin.iOS, Xamarin.Forms, Cordova.