Create BizTalk Services using the Azure portal
Microsoft Azure BizTalk Services (MABS) is being retired, and replaced with Azure Logic Apps. If you currently use MABS, then Move from BizTalk Services to Logic Apps provides some guidance on moving your integration solutions to Logic Apps.
If you're brand new to Logic Apps, then we suggest getting started here:
To sign in to the Azure portal, you need an Azure account and Azure subscription. If you don't have an account, you can create a free trial account within a few minutes. See Azure Free Trial.
Create a BizTalk Service
Depending on the state of the BizTalk Service, there are some operations that cannot be completed. For a list of these operations, go to BizTalk Services State Chart.
- Install the certificate on a local computer
- Add a production-ready certificate
- Get the Access Control namespace
Install the certificate on a local computer
Add a production-ready certificate
Get the Access Control namespace
When you deploy a BizTalk Service project from Visual Studio, you enter this Access Control namespace. The Access Control namespace is automatically created for your BizTalk Service.
The Access Control values can be used with any application. When Azure BizTalk Services is created, this Access Control namespace controls the authentication with your BizTalk Service deployment. If you want to change the subscription or manage the namespace, select ACTIVE DIRECTORY in the left navigation pane and then select your namespace. The task bar lists your options.
Clicking Manage opens the Access Control Management Portal. In the Access Control Management Portal, the BizTalk Service uses Service identities:
The Access Control service identity is a set of credentials that allow applications or clients to authenticate directly with Access Control and receive a token.
The BizTalk Service uses Owner for the default service identity and the Password value. If you use the Symmetric Key value instead of the Password value, the following error may occur.
Could not connect to the Access Control Management Service account with the specified credentials
Managing Your ACS Namespace lists some guidelines and recommendations.
These requirements do not apply to the Free Edition.
|What you need||Why you need it|
|Azure subscription||The subscription determines who can sign in to Azure. The Account holder creates the subscription at Azure Subscriptions.
The Azure account can have multiple subscriptions and can be managed by anyone who is permitted. For example, your Azure account holder creates a subscription named BizTalkServiceSubscription and gives the BizTalk Administrators within your company (for example, ContosoBTSAdmins@live.com) access to this subscription. In this scenario, the BizTalk Administrators sign in to the Azure, and have full Administrator rights to all the hosted services in the subscription, including Azure BizTalk Services. The BizTalk Administrators are not the Azure account holders and therefore don't have access to any billing information.
Manage Subscriptions and Storage Accounts in Azure provides more information.
|Azure SQL Database||Stores the tables, views, and stored procedures used by the BizTalk Service, including the Tracking data.
When you create a BizTalk Service, you can use an existing Azure SQL Server, Azure SQL Database, or automatically create a new Server or Database.
The SQL Database scale is automatically configured. Typically, the default scale is sufficient for a BizTalk Service. Changing the scale impacts pricing. See Accounts and Billing in Azure SQL Database
|Azure Access Control namespace||Authenticates with Azure BizTalk Services. When you deploy a BizTalk Service project from Visual Studio, you enter this Access Control namespace. When you create a BizTalk Service, the Access Control namespace is automatically created.|
|Azure Storage account||Gives access to tables, blobs, and queues used by your BizTalk Service to save the following:
When you create a BizTalk Service, you can use an existing Storage account or automatically create a new Storage account.
The default Storage settings are sufficient for a BizTalk Service.
When you create a Storage account, a Primary Key and Secondary Key are automatically created. These Keys control access to your Storage account. The BizTalk Service automatically uses the Primary Key.
See Storage for more information.
|SSL private certificate||
When an Azure BizTalk Service is created, an HTTPS URL that includes your BizTalk Service name is also created. This URL is automatically configured to use a self-signed development-only certificate. For production, you need a private SSL certificate.
Important SSL Certificate Information
When sending the production certificate request to your certification authority, give the following certificate properties:
A new or different certificate can be added after the BizTalk Service is created.
When you create an Azure BizTalk Service, the Hybrid Connections tab is available:
Hybrid Connections are used to connect an Azure website or Azure mobile service to any on-premises resource that uses a static TCP port, such as SQL Server, MySQL, HTTP Web APIs, Mobile Services, and most custom Web Services. Hybrid Connections and the BizTalk Adapter Service are different. The BizTalk Adapter Service is used to connect Azure BizTalk Services to an on-premises Line of Business (LOB) system.
See Hybrid Connections to learn more, including creating and managing Hybrid Connections.
Now that a BizTalk Service is created, familiarize yourself with the different BizTalk Services: Dashboard, Monitor and Scale tabs. Your BizTalk Service is ready for your applications. To start creating applications, go to Azure BizTalk Services.