Open alex-smith-ans opened 2 months ago
Exported JSON configuration for a Terraform-configured Linux web app. Command:

```
az webapp auth show --resource-group "resourcegroupname" --name "linuxwebappname" >output.json
```

I found that the value "allowedApplications" in the JSON output is not properly updating from the Terraform registry configuration block auth_settings_v2 with the (allowed_applications) setting:

```json
"validation": {
  "allowedAudiences": [
    "api://masked_client_id"
  ],
  "defaultAuthorizationPolicy": {
    "allowedApplications": [
      "masked_client_id"
    ],
    "allowedPrincipals": {}
  },
  "jwtClaimChecks": {}
}
```
The only workaround is, instead of using the auth_settings_v2 configuration block, to add the resource "azapi_resource" using the following MS KB https://learn.microsoft.com/en-us/azure/templates/microsoft.web/sites/config-authsettingsv2?pivots=deployment-language-terraform or any other script to update via REST with the proper values.
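One way to automate the comparison described in the comment above, as an added example that is not part of the original thread: it searches an `az webapp auth show` export for the `validation` block and reports client IDs that Terraform declared but the deployed policy lacks, or the reverse. The nesting around `validation` in the sample and the ID `second_client_id` are assumptions constructed for illustration.

```python
import json

# Constructed sample shaped like the fragment quoted in the comment above;
# the keys wrapped around "validation" are an assumption about the export layout.
SAMPLE_EXPORT = json.loads("""
{"identityProviders": {"azureActiveDirectory": {"validation": {
  "allowedAudiences": ["api://masked_client_id"],
  "defaultAuthorizationPolicy": {
    "allowedApplications": ["masked_client_id"], "allowedPrincipals": {}},
  "jwtClaimChecks": {}
}}}}
""")


def find_validation_blocks(node, path=""):
    """Yield (path, block) for each "validation" object holding a defaultAuthorizationPolicy."""
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}" if path else key
            if (key == "validation" and isinstance(value, dict)
                    and "defaultAuthorizationPolicy" in value):
                yield child, value
            yield from find_validation_blocks(value, child)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from find_validation_blocks(item, f"{path}[{i}]")


def check_allowed_applications(export, expected_ids):
    """Compare deployed allowedApplications with the client IDs declared in Terraform."""
    expected = {e.lower() for e in expected_ids}
    blocks = list(find_validation_blocks(export))
    findings = []
    if not blocks:
        findings.append(("<root>", "no validation block found", sorted(expected)))
    for path, block in blocks:
        policy = block.get("defaultAuthorizationPolicy") or {}
        deployed = {a.lower() for a in policy.get("allowedApplications") or []}
        if expected - deployed:
            findings.append((path, "missing", sorted(expected - deployed)))
        if deployed - expected:
            findings.append((path, "unexpected", sorted(deployed - expected)))
    return findings


if __name__ == "__main__":
    # "second_client_id" is a made-up ID standing in for one declared in Terraform.
    for finding in check_allowed_applications(SAMPLE_EXPORT, ["masked_client_id", "second_client_id"]):
        print(finding)
```

To run it against a real export, load `output.json` with `json.load` and pass the client IDs from the Terraform `allowed_applications` setting; an empty result means the deployed list matches what was declared.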
Description
Support for selecting Client Application Requirements when adding Entra ID OAuth 2 Identity Provider.
It is not currently possible to select the "Allow requests only from this application itself" option under client application requirements when configuring authentication_v2 and Microsoft EntraID as the IDP. This option is found in the portal in the basics section under authentication.
Please can this be added?
New or Affected Resource(s)/Data Source(s)
azurerm_linux_web_app
Potential Terraform Configuration
References
No response