Adding Service Principal in Azure AD programmatically - authentication

Until now I have been adding my Azure ACS as a Service Principal in Azure AD through PowerShell. I need to automate the process through code but I am struggling to find a way to do it programmatically.
I can see that the PowerShell command-lets use https://provisioningapi.microsoftonline.com/ProvisioningWebService.svc for performing all tasks but there is no documentation around it. I was able to capture the traffic in Fiddler but was not able to recreate the tokens and the bindings being used.
Is there any other recommended way to do this kind of stuff?
Thanks!

Er - automation IS powerShell!
Oer are you saying you want to use Azure Automation?

Related

Can we access data from Dialogflow Agent using API key?

I am trying to integrate the dialog flow agent with a middleware bot. However, due to some issue, I am not able to use service account keys and have to find some alternate method for communication of APIs, Can we use API keys for this purpose?
One solution is to use a solution such as Cloud Endpoint or API Gateway (which is a Cloud Endpoint fully managed, same configuration, same features for now).
I wrote an article on Coud Endpoint with ESPv2 on Cloud Run

for Xamarin Forms, is there a REST API for queries, or do I have to create endpoints?

I would like to connect a Xamarin Forms app to a cloud DB and submit queries (or updates, etc) to the DB via some sort of REST API, where the info passed to the DB is a query, not and endpoint.
I'm seeing plenty of documentation on using various packages to communicate via endpoints, which means I would have to setup those endpoints on my cloud DB. But I don't see anything on using freeform queries.
I realize that in the long run, free form queries are not going to be as efficient. But they would sure make dev & debugging easier. Is there a way to do this ?
Which cloud service are you using? If it's AWS, check out Lambda. In Azure, Azure Functions is Equivalent. You can use that to create a serverless endpoint.

(How) does On-Behalf-Of authentication flow work with Azure App Service Managed Identities?

I'm looking into securing both my Web Application and Web API running on Azure, using Azure Managed Service Identities.
However, I am wondering if the On-behalf-of authentication flow works in this case?
I can't find any clear documentation on either answer.
OBO using managed identities is not supported.

Windows Azure - sql database with api

I have SOAP services with data. I want to download all data from that service and upload it to my own server and then use these data from my server (don't worry I have permission for that). I want to do it because now I don't have function from that service which I need.
I want to use Windows Azure for this and I think SQL Database scenario would be best. Now I have classes for previous SOAP service so I think EF Code first would help me with creating database and I upload data somehow. But what about API? How can I access my data from windows phone or tablet? Is azure database enought or I must create more? Is there any good article for that?
I think what you are saying, is that you are aggregating data from several sources and storing the information in your own database. And, you would like your database to be Azure Database. Then, you want to build an API to expose the data you retrieved.
If this is indeed your goal, then yes, Azure will do everything you need. I'd recommend checking out Web API in conjunction with your Azure deployment. I've used this scheme with some success over the past year.
Warning: You should know that Azure Database does not have an SLA which means that Microsoft does not guarantee any level of performance including transactions/second. This means that if your API has a high load, you could end up getting throttled heavily in an unpredictable way. I've been bitten by this before and ended up moving my data to Azure Table Storage instead.
Windows Azure gives you a few options to expose an API to your mobile clients:
You could build an API yourself with the ASP.NET Web API (and use SQL Azure as backend): Mobile-friendly REST service using ASP.NET Web API and SQL Database
You can use Windows Azure Mobile Services, this does all the heavy lifting of building a backend for you

Does JBoss have a user management API which I can use?

I am going to run a Web App on JBoss App Server 7. Does JBoss have some sort of inbuilt user management module/API which I can use rather than code my own? Or do I have to make this module myself. I know about the default JAAS pieces providing authentication AND authorisation, however I am looking to manage, add, edit, delete users from the datasource as well.
I'm not being lazy or anything, just want to know if JBoss has an easy inbuilt way before I start :)
Google implies no so I want to make sure by asking here.
As far as I know they don't provide any easy to managed identity provider, they "only" provide way to connect to identity provider using standard protocol like LDAP, SAML and WS-trust, openid to provide container managed authentication.
They have a idm project but it seems to provide standard protocol SSO identity backed by some identity store but doesn't provide way to manage the users.
PicketBox and PricketLink are the tow JBoss project you should look for more information.
These element can be used if you want to use global identity system, existing one, new product deployment or custom build.
(disclaimer: I have sped some time on Picket* projects documentation and I still don't think I get a good knowledge on how it works... )
There is a web interface and a command line interface for management operations. See the Management Clients section of the documentation.
The security realms could be what you're after. I'm not really a security expert though.
Maybe a security domain could be helpful too.