Secure APIs with FastAPI and the Microsoft Identity Platform Transcripts
Chapter: Course conclusion and review
Lecture: Review: Securing FastAPI with Microsoft Identity
0:00 In module three, we looked at how we can build secure APIs with Microsoft
0:06 Identity. There are two parts to each authentication setup: an application registration that captures
0:11 the tenant to use Azure Active Directory as the authentication provider,
0:15 and a bit of code to integrate with Azure Active Directory. But it all starts with Azure AD.
0:20 Even if your organization doesn't have Azure Active Directory through Azure or Office 365, you can easily spin up your own free tenant as a developer.
0:30 The only thing you need to do is usually create an application registration that contains the
0:35 configuration settings necessary to set up authentication. Once your application registration is in place, the only settings we need in our API
0:43 are the client ID and tenant ID. Then, in our API, we can initialize the FastAPI Microsoft Identity library with these two
0:52 settings, usually in the bootstrap section of the API. Then, for each endpoint that we want to secure,
1:00 we need to declare the scope or scopes expected in the token as well as decorate
1:05 our route with the requires_auth decorator, which is part of the FastAPI Microsoft Identity library. This will enforce authentication.
1:14 Finally, in our function, we need to validate the token against our expected scope and raise an AuthError if the token is not valid or the appropriate scopes are missing.