Does Azure SQL support access via AAD Client Id & Secret? If yes, what would be the TSQL to give access to the AAD ClientId, and can I use SSMS to connect to Azure SQL with AAD Client and secret?
- This will probably help: learn.microsoft.com/en-us/azure/sql-database/… – juunas, Aug 6, 2018 at 12:42
- Was my answer below helpful to you? Please upvote/accept the answer in that case. – Jayendran, Aug 18, 2018 at 8:53
1 Answer
Yes, you can use the access token (AD token).
Applications/services can retrieve an access token from the Azure Active Directory and use that to connect to SQL Azure Database.
Provide anything (http://mytokentest) in signonURL while registering your app.

```sql
CREATE USER [mytokentest] FROM EXTERNAL PROVIDER
```

Try the code below in the client app:
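```java
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;

// adal4j retrieves the access token from Azure AD.
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;
import com.microsoft.sqlserver.jdbc.SQLServerDataSource;

public class AADTokenBased {
    public static void main(String[] args) throws Exception {
        // Retrieve the access token from the AD.
        String spn = "https://database.windows.net/";
        String stsurl = "https://login.microsoftonline.com/..."; // Replace with your STS URL.
        String clientId = "1846943b-ad04-4808-aa13-4702d908b5c1"; // Replace with your client ID.
        String clientSecret = "..."; // Replace with your client secret.
        ExecutorService service = Executors.newFixedThreadPool(1);
        String accessToken;
        try {
            AuthenticationContext context = new AuthenticationContext(stsurl, false, service);
            ClientCredential cred = new ClientCredential(clientId, clientSecret);
            Future<AuthenticationResult> future = context.acquireToken(spn, cred, null);
            accessToken = future.get().getAccessToken();
        } finally {
            service.shutdown(); // Otherwise the pool's non-daemon thread keeps the JVM alive.
        }
        // Debug output only: the token is a bearer credential, so keep it out of real logs.
        System.out.println("Access Token: " + accessToken);
        // Connect with the access token.
        SQLServerDataSource ds = new SQLServerDataSource();
        ds.setServerName("aad-managed-demo.database.windows.net"); // Replace with your server name.
        ds.setDatabaseName("demo"); // Replace with your database name.
        ds.setAccessToken(accessToken);
        ds.setHostNameInCertificate("*.database.windows.net");
        try (Connection connection = ds.getConnection();
             Statement stmt = connection.createStatement()) {
            ResultSet rs = stmt.executeQuery("SELECT SUSER_SNAME()");
            if (rs.next()) {
                System.out.println("You have successfully logged on as: " + rs.getString(1));
            }
        }
    }
}
```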
Follow here with Sample Java Code
- Register your application with Azure Active Directory and get the client id for your code.
- Create a database user representing the application. (Completed earlier in step 6.)
- Create a certificate on the client computer that runs the application.
- Add the certificate as a key for your application.
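
The T-SQL side of the answer above, as an added example that is not part of the original answer: it creates the contained user for the app registration named `mytokentest` (the name used in the answer), grants it a single fixed database role, and then lists what external principals can do in the database. The choice of `db_datareader` is an assumption for illustration; run the script in the target user database while connected as the server's Azure AD admin.

```sql
-- Added example. [mytokentest] is the app name from the answer above;
-- the db_datareader role is an assumed, illustrative choice.

-- 1. Contained user mapped to the Azure AD application (service principal).
--    The user name must match the application's display name in Azure AD.
IF NOT EXISTS (SELECT 1 FROM sys.database_principals WHERE name = N'mytokentest')
    CREATE USER [mytokentest] FROM EXTERNAL PROVIDER;

-- 2. Grant only what the application needs. A freshly created user has
--    CONNECT plus whatever the public role allows, nothing more.
ALTER ROLE db_datareader ADD MEMBER [mytokentest];

-- 3. Audit role memberships of Azure AD principals.
--    type 'E' = external user (user or application), 'X' = external group.
SELECT dp.name                      AS principal_name,
       dp.type_desc,
       dp.authentication_type_desc,
       r.name                       AS role_name
FROM sys.database_principals AS dp
LEFT JOIN sys.database_role_members AS rm
       ON rm.member_principal_id = dp.principal_id
LEFT JOIN sys.database_principals AS r
       ON r.principal_id = rm.role_principal_id
WHERE dp.type IN ('E', 'X')
ORDER BY dp.name, r.name;

-- 4. Audit permissions granted or denied directly to those principals
--    (role membership alone does not show up here).
SELECT dp.name AS principal_name,
       pe.state_desc,
       pe.permission_name,
       pe.class_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS dp
       ON dp.principal_id = pe.grantee_principal_id
WHERE dp.type IN ('E', 'X')
ORDER BY dp.name, pe.permission_name;

-- 5. Removing access when the application is retired:
-- ALTER ROLE db_datareader DROP MEMBER [mytokentest];
-- DROP USER [mytokentest];
```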