Azure App Services trusted connection to SQL Azure

Question

I have a web application hosted in Azure App Services (allowing anonymous access) that I need to connect to a SQL Azure DB through a TRUSTED CONNECTION. My business will not allow me to store a password in the web.config (hence the "trusted connection" requirement). Can someone please point me in the right direction?

UPDATE: We are using Azure AD. I have looked into running the app under an AD account (can't figure out how to do this). I have also tried to find what account the app is running under so I can add that to the DB (can't figure this out either)

Have you looked at this? https://learn.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication — CSharpRocks, Feb 15 '17 at 22:55

score 4 · Accepted Answer · answered Feb 16 '17 at 19:01

Active Directory IS the answer you're looking for- you'll want to do Token Authentication.

The short explanation is that your application needs to be registered with Azure Active Directory (AAD), and that you need to create a SQL login for the application that maps to the AAD principal; the application using the token (certificate) is able to authenticate as the AAD principal and will be able to connect to the database.

We created a tutorial that covers the ability to connect without putting a password in your config- you'll need to use a certificate. This demo covers how to do it with a self-signed/self-created cert.

Azure App Services trusted connection to SQL Azure

1 Answers1