Configure Basic Authentication on Azure's App Service
Solution 1
Currently, it is not possible. Azure webapp does not support this.
You could check this feedback.
Solution 2
It is possible to enable Basic Authentication for Azure Web Apps with some settings in the applicationHost.xdt. You can load some modules in this file on the start of your Web App.
Steps:
- Navigate to your WebApp in the Azure Portal
- In the left menu, search for the header Development Tools an select Advanced Tools (Kudu)
- Use the Debug Console > CMD tool, to navigate to the WebApp directory: \home\site
- Create a file named: applicationHost.xdt
- Paste the following:
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<location path="%XDT_SITENAME%" xdt:Locator="Match(path)">
<system.webServer>
<rewrite xdt:Transform="InsertIfMissing">
<allowedServerVariables xdt:Transform="InsertIfMissing">
<add name="RESPONSE_WWW_AUTHENTICATE" xdt:Locator="Match(name)" xdt:Transform="InsertIfMissing" />
</allowedServerVariables>
<rules xdt:Transform="InsertIfMissing">
<rule name="BasicAuthentication" stopProcessing="true" xdt:Transform="InsertIfMissing" xdt:Locator="Match(name)">
<match url=".*" />
<conditions>
<add input="{HTTP_AUTHORIZATION}" pattern="^Basic dXNlcjpwYXNzd29yZA==" ignoreCase="false" negate="true" />
</conditions>
<action type="CustomResponse" statusCode="401" statusReason="Unauthorized" statusDescription="Unauthorized" />
<serverVariables>
<set name="RESPONSE_WWW_AUTHENTICATE" value="Basic realm=Project" />
</serverVariables>
</rule>
</rules>
</rewrite>
</system.webServer>
</location>
</configuration>
- Change the Basic Auth to your liking (default in example is: user:password)
- Make sure the web.config rewrite rules don't contain
<clear />as this wil remove the effects from the applicationHost.xdt file - Save the file and Stop and Start your WebApp (a simple Restart will not suffice)
Notes:
- Not sure if this works on Linux based WebApps..
- You can add this step to you're deployment pipelines by using FTP
- Update: I've noticed issues with applicationHost.xdt while using it on secondary Web App slots. Only the primary slot seems to work.
Solution 3
Basic Authentication is not currently supported within Azure Web Apps via the Azure Portal.
However DevBridge provides an module which allows Basic Authentication to be enabled.
https://www.alexlindgren.com/posts/password-protect-azure-website-with-basic-authentication/
https://www.alexlindgren.com/posts/password-protecting-azure-websites-revisited/
https://www.devbridge.com/articles/basic-authentication-for-windows-azure-websites/
Source code https://github.com/devbridge/AzurePowerTools/tree/master/Devbridge.BasicAuthentication
Related videos on Youtube
01 : 40 : 38
20 : 08
04 : 29
30 : 07
06 : 47
Tomasz Madeyski
Updated on September 18, 2022Comments
-
Tomasz Madeyski almost 2 years
For different reasons I'm using
Azure's App Serviceto serve static files. I would like to secure this access byHttp Basic Authenticationwhich is enough for my purposes. How can I do that? I tried uploading.htpasswdbut it does not seem to work.I'm not using ASP.NET so no way to do it in code. In Azure's portal I see options like Google, Facebook, Twitter login under App Service -> Authentication/Authorization but it's huge overhead for me.
-
Admin about 2 yearsthis doesn't seem to work on Linux app service plan