Where is the key in new Azure App service?

Asked 6/1, 2016 at 10:41 Answered 12/10, 2016 at 19:5

azure azure-mobile-services azure-app-service-envrmnt

While using the classic Azure Mobile services, you used to get a key along with a URL for your Mobile Service app. This key was also used to explore the APIs on your backend site & was used as a password.

With new Azure App services all you need to instntiate the mobile service client is the URL like below

private static readonly MobileServiceClient MobileService = new MobileServiceClient("https://thecityapp.club");

There is no key *a second parameter that was available with Azure Mobile services. What is now used as password to explore the APIs on the web?

Secretory answered 6/1, 2016 at 10:41 Comment(1)

Update: The key was called Application Key, which is now not available. – Secretory 6/1, 2016 at 12:13

Supreet,

With App Services/Mobile Apps, the application key is no longer used/required, that is why it is no longer available on the portal. You can instantiate the client with the above code and start consuming the service APIs without that information.

For authentication, please refer to this documentation: https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-windows-store-dotnet-get-started-users/

I hope this helps.

Debidebilitate answered 6/1, 2016 at 18:10 Comment(3)

Pretty frustrating this key has been obsolete for at least four months, apparently, yet the documentation for the HTML/JavaScript client library still says you need an AppKey to instantiate a MobileServiceClient. Stuff like this makes the "Easy Tables" feature of Azure not quite so easy. (azure.microsoft.com/en-us/documentation/articles/…) – Round 9/5, 2016 at 15:43

@pettys, I'm sorry the documentation is a bit confusing. The reason the link above still mentions the app key is because that documentation covers Mobile Services, and not Mobile Apps (which is where the app key support was removed). There's some work in progress to more clearly separate the docs to avoid mixing them up (I do it often). – Debidebilitate 9/5, 2016 at 21:53

Thanks for taking the time to respond - I appreciate it. Unfortunately I still wish I'd not chosen to try the Azure Mobile [App|Services] for this really small project. Thought it was going to be a quick, fun side project with a cool new tool and it turned into one frustration after another, starting with azure portal issues trying to configure the mobile app easy tables to use azure storage as the backend - couldn't get it to work. Sorry to rant - I do hope it helps, wish you the best, and I do appreciate your engaging the community on stack overflow. – Round 10/5, 2016 at 2:40

You can implement Application Key for Azure Mobile App if you want.

You can set an application key for your Azure Mobile App like Azure Mobile Services.

1. Open Application Settings on Azure Mobile Application

2. Scroll down to App Settings Add these two lines.

| zumo-api-key | TYPE YOUR API KEY |

| MS_SkipVersionCheck | True |

3. Then click Save

4. Open App Service Editor

5. Create a file on your main folder wwwroot

6. Name your file as validateApiKey.js

// ----------------------------------------------------------------------------
// Copyright (c) 2015 Microsoft Corporation. All rights reserved.
// ----------------------------------------------------------------------------

module.exports = function (req, res, next) {
// Validate zumo-api-key header against environment variable.
// The header could also be validated against config setting, etc
var apiKey = process.env['zumo-api-key'];

if (apiKey && req.get('zumo-api-key') != apiKey)
    return res.status(401).send('This operation requires a valid api key');
else
    return next();
}

6. Update your API script as,

[sampleAPI.js]

var validateApiKey = require('../validateApiKey');
module.exports = {
    "get": [validateApiKey, function(request, response, next)
    {
        response.send(
        {
            message: "post"
        });
    }],
    "post": [validateApiKey, function(request, response, next)
    {
        response.send(
        {
            message: "post"
        });
    }]
};

[sampleAPI.json]

{
  "get": {
    "access": "anonymous"
  },
  "post": {
    "access": "anonymous"
  },
  "put": {
    "access": "anonymous"
  },
  "patch": {
    "access": "anonymous"
  },
  "delete": {
    "access": "anonymous"
  }
}

Do not forget to change permissions to "Anonymous"

6. Update your Table script as,

[sampleTable.js]

var azureMobileApps = require('azure-mobile-apps'),
    validateApiKey = require('../validateApiKey');

// Create a new table definition
var table = azureMobileApps.table();

// Access should be anonymous so that unauthenticated users are not rejected
// before our custom validateApiKey middleware runs.
table.access = 'anonymous';

// validate api key header prior to execution of any table operation
    table.use(validateApiKey, table.execute);
// to require api key authentication for only one operation (in this case insert)
// instead of table.use(validateApiKey, table.execute) use:
// table.insert.use(validateApiKey, table.operation);

module.exports = table;

[sampleTable.json]

{
  "softDelete" : true,
  "autoIncrement": false,
  "insert": {
    "access": "anonymous"
  },
  "update": {
    "access": "anonymous"
  },
  "delete": {
    "access": "anonymous"
  },
  "read": {
    "access": "anonymous"
  },
  "undelete": {
    "access": "anonymous"
  }
}

Do not forget to change permissions to "Anonymous"

7. Done!

Do not forget to add header while calling Azure Mobile/Web App.

Also, you can see more from this repository on Github.

https://github.com/thisisfatih/applicationKeyAzure/

Symbolism answered 12/10, 2016 at 19:5 Comment(0)