{"id":9412,"date":"2016-07-05T10:23:23","date_gmt":"2016-07-05T09:23:23","guid":{"rendered":"http:\/\/www.itwriting.com\/blog\/?p=9412"},"modified":"2016-07-05T10:23:23","modified_gmt":"2016-07-05T09:23:23","slug":"the-case-of-the-disappearing-azure-ad-application-registration","status":"publish","type":"post","link":"https:\/\/www.itwriting.com\/blog\/9412-the-case-of-the-disappearing-azure-ad-application-registration.html","title":{"rendered":"The case of the disappearing Azure AD application registration"},"content":{"rendered":"<p>Some time ago I wrote a simple web application which runs on Microsoft Azure and uses Azure Active Directory for authentication. The application is used constantly and has proved reliable; however yesterday it stopped working. A quick debug session showed that the problem was an Azure AD permissions error.<\/p>\n<p>In order to use Azure AD, applications have to be registered in the Azure management portal. I use the old portal for this; I am not sure that the functionality exists in the new portal yet. There is a nice how-to <a href=\"https:\/\/msdn.microsoft.com\/en-us\/office\/office365\/howto\/add-common-consent-manually\" target=\"_blank\">here<\/a>.<\/p>\n<p><a href=\"http:\/\/www.itwriting.com\/blog\/wp-content\/uploads\/2016\/07\/image3.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-top: 0px; border-right: 0px; background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; border-left: 0px; display: inline; padding-right: 0px\" border=\"0\" alt=\"image\" src=\"http:\/\/www.itwriting.com\/blog\/wp-content\/uploads\/2016\/07\/image_thumb3.png\" width=\"404\" height=\"302\" \/><\/a><\/p>\n<p>One of the elements in the registration is a key which has a maximum lifetime of 2 years:<\/p>\n<p><a href=\"http:\/\/www.itwriting.com\/blog\/wp-content\/uploads\/2016\/07\/image4.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-top: 0px; border-right: 0px; background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; border-left: 0px; display: inline; padding-right: 0px\" border=\"0\" alt=\"image\" src=\"http:\/\/www.itwriting.com\/blog\/wp-content\/uploads\/2016\/07\/image_thumb4.png\" width=\"404\" height=\"257\" \/><\/a><\/p>\n<p>My application was deployed about two years ago so I went to the portal to see if it had expired. <\/p>\n<p>What I found surprised me. The application was not listed at all. It had disappeared.<\/p>\n<p>Instead of simply obtaining a new key and updating my application config, I had to create a new application registration and update several keys in the config, which was an annoyance.<\/p>\n<p>There is a wider point here, in the whole category of dealing with \u201cthings that expire\u201d. Some time ago, Microsoft suffered an extended Azure outage because of an expired certificate. It is a shame that Microsoft insists on a maximum 2 year lifetime for this key but does not provide a check box for \u201calert me when this key is about to expire\u201d, how difficult would that be?<\/p>\n<p>Problems like this also mean that things which \u201cjust work\u201d may not continue to do so. Of course a well organised enterprise setup can deal with this type of problem, but imagine, for example, the case of a small business with an application running on Azure where the developers have gone out of business, perhaps, or are no longer available. In fact the only code I needed to change was in web.config, but I can imagine it could take some time to figure out what to do and what to change.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Some time ago I wrote a simple web application which runs on Microsoft Azure and uses Azure Active Directory for authentication. The application is used constantly and has proved reliable; however yesterday it stopped working. A quick debug session showed that the problem was an Azure AD permissions error. In order to use Azure AD, &hellip; <a href=\"https:\/\/www.itwriting.com\/blog\/9412-the-case-of-the-disappearing-azure-ad-application-registration.html\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">The case of the disappearing Azure AD application registration<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,19,60],"tags":[185,186,586],"class_list":["post-9412","post","type-post","status-publish","format-standard","hentry","category-azure","category-cloud-computing","category-notes-from-the-field","tag-azure","tag-azure-active-directory","tag-microsoft"],"_links":{"self":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/9412","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/comments?post=9412"}],"version-history":[{"count":0,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/9412\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/media?parent=9412"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/categories?post=9412"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/tags?post=9412"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}