Use same Azure AD authentication between Static Web App and App Service

Question

I have an Azure Static Web App setup that is configured with an Azure Active Directory authentication. I have registered an app in the Azure Active Directory for this purpose. This is 100% working.

I now have an Azure App Service that houses a Flask Python API. Some of these APIs are called by the Static Web App.

Is it possible to use the same Azure Active Directory authentication for the App Service so that once the user logs in to the Static Web App, the API can then "see" that they are authenticated and the identity of the authenticated user?

In the App Service, there's an Authentication menu item and I tried pointing to the same app I've registered in Azure Active Directory. However, I'm getting a 403 every time the Static Web App calls the API, even though a user's logged in already.

I feel like I'm just missing something in the process, a bridge of some sort to pass the authentication from the Static Web App to the App Service.

Answer 1

• You are doing it the wrong way, i.e., you should link the Azure web app service in the Azure static app first as shown below and then configure the authentication for Azure AD correctly in the Azure static web app as described in the documentation link given below. This will ensure that your Azure static web app is added as an authentication provider in the Azure web app service and the respective Azure AD identity which is supposed to authenticate to the Azure static web app is also allowed to login to the Azure web app service later.

Azure static app link to the Azure web app: -

Configuration of Azure AD identity provider in Azure static web app: -

https://learn.microsoft.com/en-us/azure/static-web-apps/authentication-authorization?tabs=invitations

Once the above said is done, you will be able to provide authentication to the Azure web app service through the logged in user via Azure static web app.