Get started with Azure AD authentication by using the Azure portal

media services logo


Note

Update your Azure Media Services REST API and SDKs to v3 by 29 February 2024. Version 3 of Azure Media Services REST API and client SDKs for .NET and Java offers more capabilities than version 2. We’re retiring version 2 of the Azure Media Services REST API and client SDKs for .NET and Java.

Action Required: To minimize disruption to your workloads, review the migration guide to transition your code from the version 2 API and SDKs to version 3 API and SDK before February 29th, 2024. After February 29th, 2024, Azure Media Services will no longer accept traffic on the version 2 REST API, the ARM account management API version 2015-10-01, or from the version 2 .NET client SDKs. This includes any 3rd party open-source client SDKS that may call the version 2 API. Learn about the latest version, starting with the Media Services v3 Overview.

Learn how to use the Azure portal to access Azure Active Directory (Azure AD) authentication to access the Azure Media Services API.

Prerequisites

When you use Azure AD authentication with Azure Media Services, you have two authentication options:

  • Service principal authentication. Authenticate a service. Applications that commonly use this authentication method are apps that run daemon services, middle-tier services, or scheduled jobs: web apps, function apps, logic apps, APIs, or a microservice.
  • User authentication. Authenticate a person who is using the app to interact with Media Services resources. The interactive application should first prompt the user for credentials. An example is a management console app used by authorized users to monitor encoding jobs or live streaming.

Access the Media Services API

This page lets you select the authentication method you want to use to connect to the API. The page also provides the values you need to connect to the API.

  1. In the Azure portal, select your Media Services account.
  2. Select how to connect to the Media Services API.
  3. Under Connect to Media Services API, select the Media Services API version you want to connect to.

Authenticates a service using an Azure Active Directory (Azure AD) app and secret. This is recommended for any middle-tier services calling to the Media Services API. Examples are Web Apps, Functions, Logic Apps, APIs, and microservices. This is the recommended authentication method.

Manage your Azure AD app and secret

The Manage your AAD app and secret section lets you select or create a new Azure AD app and generate a secret. For security purposes, the secret cannot be shown after the blade is closed. The application uses the application ID and secret for authentication to obtain a valid token for media services.

Make sure that you have sufficient permissions to register an application with your Azure AD tenant and to assign the application to a role in your Azure subscription. For more information, see Required permissions.

Connect to Media Services API

The Connect to Media Services API provides you with values that you use to connect your service principal application. You can get text values or copy the JSON or XML blocks.

User authentication

This option could be used to authenticate an employee or member of an Azure Active Directory who is using an app to interact with Media Services resources. The interactive application should first prompt the user for the user's credentials. This authentication method should only be used for Management applications.

Connect to Media Services API

Copy your credentials to connect your user application from the Connect to Media Services API section. You can get text values or copy the JSON or XML blocks.