0

Now I develop a WPF application that access to Azure SQL Server and work in Windows10 Tablet for my client.

I registered my client IP address of my PC for development,so the application can access to the sql server in development. But it does not work in the tablet in other network. I know, I have to register its ip address too.

Now I have a problem.. of course, my client use his own network and I can't confirm the ip address he use! To resolve this problem, I tried to use Azure AD autehntication with token. (refer to https://learn.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication , https://techcommunity.microsoft.com/t5/azure-sql-database/azure-ad-service-principal-authentication-to-sql-db-code-sample/ba-p/481467 and so on)

My Application suceeded to login with Azure AD authentication in my PC for development, but in other network it failed yet..

Does it mean that I have to register the ip address in which the application works in any authentication method? (If yes, it means that all user have to tell his own ip address to developer. No Way!!)

or I need to allow all range of ip address for this application?

I hope your help, thanks

MagicalJourney
  • 41
  • 2
  • Is your application hosted in Azure as well ? If that is the case, then your client will not need any further configurations if you allow connections from other Azure services to Azure SQL Database. – Manoj Choudhari Jan 24 '20 at 11:59

1 Answers1

0

If I understand your question correctly there are two questions:

1. How to make sure that dev machine has access to Azure SQL Database ?

For this, there is no other way. You will have to enable the IP addresses (or range of addresses) from which you want to access the Azure SQL database. If it is not allowed, you will not be able to connect to it.

You can enable this either while creating the SQL Azure instance OR you can also configure these IP addresses later as and when you need.

If you ask me what is the best way, I would suggest to use your local SQL Server for development. That way you do not need to configure all the IP addresses from all the networks from where you can work. This is also very handy as you have database on your machine.

Are you using central database and many people using it, then you have option to either setup a SQL Server which is available to the development team.

Alternatively, if you are interested to use Azure SQL for your development (which I would not recommend), then you can also try setting up a proxy service which just forwards the request to Azure SQL. That way making sure that all requests are coming from one IP.

2. How to make sure that your deployed application will always be able to access Azure SQL database?

It depends on how the application is deployed. If the application is going to be deployed in Azure, then you may want to enable access from other Azure services to Azure SQL instance. This is also setting which you can enable while creating SQL Azure database OR You can configure it after creating the SQL Azure instance.

If the application is not on Azure but database is on Azure, you will have to update the firewall to allow connections from the application.

I hope this provides you enough insights to get to your solution.

Manoj Choudhari
  • 5,277
  • 2
  • 26
  • 37
  • Thanks for your answer! I registered my application as native application to Azure AD and granted access to sql server , and got secret key. I thought that application(exe) with this key could access to sql server avoiding firewall. is it not right? how can I "host" native application to Azure? – MagicalJourney Jan 24 '20 at 15:50