How To Secure Your Azure App Service With Google Authentication

Introduction

 
Please take a look at my previous articles about other types of authentication in Azure App Service which may help you to meet your application requirement.

Creating Google Client App

 
Step 1
 
You need a Google account, to create a Google account go to accounts.google.com
 
Step 2
 
Go to Google API Console and login using your Google account.
 
Step 3
 
Once you are logged in, if you want to use existing project select that. To create a new project, click on “Select a project” in the top nav.
 
How To Secure Your Azure App Service With Google Authentication
 
Step 4
 
It will open up a popup where you can create a “New Project”
 
How To Secure Your Azure App Service With Google Authentication
 
Step 5
 
Give a name for your project and click “Create” button. In the upcoming Project Dashboard select “Credentials” from left menu and click “Configure Consent Screen”.
 
How To Secure Your Azure App Service With Google Authentication
 
Step 6
 
Consent screen helps to configure the basic information about the app like Application Name, Logo, Privacy Policy URL. Select the Email id which you want to use for support. Look for Authorized domains option in the same page and add your app service domain like below
  1. <yourazureappname>.azurewebsites.net  
Click enter, it will be added in the domain list, now click “Save” button.
 
Step 7
 
Again, go to “Credentials” from the left menu and choose “+ Create Credentials” button, in the list of options select “OAuth client ID”
 
How To Secure Your Azure App Service With Google Authentication
 
Step 8
 
In the upcoming page, select Application Type as “Web Application”. It will open a section where you can configure origins and redirect URI’s like below and click Create button.
 
Note
Make sure you enter the below URL’s in lowercase format. Because the authorized domains that we add in Step 6 will be added as lowercase and domain comparison will be done against the url that we adding now.
 
Authorized JavaScript Origins,
  1. https://<yourazureappname>.azurewebsites.net  
Authorized Redirect URI,
  1. https://<yourazureappName>.azurewebsites.net/.auth/login/google/callback  
 How To Secure Your Azure App Service With Google Authentication
 
Step 9
 
In the upcoming popup Copy the Client ID and Client Secret, you will need this later to configure in Azure App Service.
 

Configuring Google Authentication in Azure App Service

 
Step 1
 
Login to Azure Portal, with enough permission to access the app service.
 
Step 2
 
Click on any of the app service application on which you wish to enable Google authentication.
 
Step 3
 
In the upcoming properties pane look for Authentication/Authorization option like below. By default, Authentication is disabled, enable it using the toggler like you see in the below screenshot.
 
How To Secure Your Azure App Service With Google Authentication
 
Step 4
 
In the upcoming screen select “Google” as the authentication type. Enter the App ID and App Secret you obtained from Google developer console and click OK button.
 
Step 5
 
Now, in authentication screen choose “Action to take when request is not authenticated” as “Log in with Google” and click Save.
 
How To Secure Your Azure App Service With Google Authentication
 
Step 6
 
Now we are all set with the Google authentication, browse your application and in the browser you will be prompted to enter your Google credentials.
 
Once your Google credentials are validated, it will take you to your actual Azure App Service application.
 
I hope this article helps you to enable Google authentication on an Azure App Service. If you have any questions/issues about this article, please let me know in the comments.