Secure APIs with FastAPI and the Microsoft Identity Platform Transcripts
Chapter: Course conclusion and review
Lecture: Review: Securing FastAPI with Microsoft Identity
0:00
In module three, we looked at how we can build secure APIs with Microsoft
0:06
Identity. There are two parts to each authentication setup: an application registration that captures
0:11
the tenant to use Azure Active Directory as the authentication provider,
0:15
and a bit of code to integrate with Azure Active Directory. But it all starts with Azure AD.
0:20
Even if your organization doesn't have Azure Active Directory through Azure or Office 365, you can easily spin up your own free tenant as a developer.
0:30
The only thing you need to do is usually create an application registration that contains the
0:35
configuration settings necessary to set up authentication. Once your application registration is in place, the only settings we need in our API
0:43
are the client ID and tenant ID. Then in our API we can initialize the FastAPI Microsoft Identity library with these two
0:52
settings, usually in the bootstrap section of the API. Then for each endpoint that we want to secure,
1:00
we need to declare the scope or scopes expected in the token as well as decorate
1:05
our route with the requires_auth decorator, which is part of the FastAPI Microsoft Identity library. This will enforce authentication.
1:14
Finally, in our function we need to validate the token against our expected scope, raising an AuthError if the token is not valid or the appropriate scopes are missing.