If you’re wanting a highly scalable cloud based service for mobile applications, you could use the Mobile Apps service in Azure. Mobile Apps offer authentication, data access, offline sync capabilities and more.
Creating the Mobile Apps service
Let’s jump in and simply create our Mobile Apps service.
- Log into the Azure portal on https://portal.azure.com
- Select New
- Select Web + Mobile
- Select Mobile App
- Enter a name for your app (which needs to be unique on the azurewebsites.net domain)
- Supply a new resource group name
Once the new application has been deployed, go to the App Services section in Azure to see the current status of your new service.
Let’s add a database
Let’s take this a little further now – a good possibility is that we need to store data in the cloud for our mobile device. So from your previously created App service, scroll down the Settings tab until you come across the “MOBILE” section and then follow these instructions to create a data connection (which includes creating and SQL Server DB or connecting to an existing one).
- Select Data Connections from the MOBILE section
- Press the Add button
- Leave the default SQL Database for the Type
- Press on the SQL Database/Configure required settings
- If you already have an SQL database setup you can select an existing one to use or click the Create a new data base option
- Assuming you’re creating a new database, supply a database name
- Click the Configure required settings and supply a server name, admin login, password and set the location of the server
When completed the data connections should list your new database connection.
Easy tables
We can create simple tables and offer CRUD like API’s against our data by using an Azure feature called Easy Tables. This will allow us to use REST and JSON to carry out CRUD operations against our SQL database with no coding on the server. To create Easy Tables select your mobile app service, select the Settings tab and scroll down to the “MOBILE” section, if not already there and then do the following
- Select the Easy tables option
- Press the Add button and give your table a name, for example for a blog reader we might start with the list of feeds, hence the table can be Feeds, for now you might leave all the permissions as “Allow anonymous access” just to get up and running
- You can the click “Manage schema” to add new columns
The URL to you table becomes
https://<your service name>.azurewebsites.net/tables/<your table name>
This now allows us (out of the box, with no extra coding by us on the server) get access to REST API’s to the data, so let’s assume our service name is Mobile and our table name is Feeds, we can use the following to handle basic CRUD operations
- Create: Use a HTTP POST operation against the URL https://mobile.azurewebsites.net/tables/Feeds
- Retreive (single item): Use a HTTP GET operation against the URL https://mobile.azurewebsites.net/tables/Feeds/id where id is an identifier which Easy Tables creates on our table by default
- Retreive (all items): Use a HTTP GET operation against the URL https://mobile.azurewebsites.net/tables/Feeds
- Update: Use a HTTP method “PATCH” against the URL https://mobile.azurewebsites.net/tables/Feeds/id where id is an identifier which Easy Tables creates on our table by default
- Delete: Use a HTTP DELETE operation against the URL https://mobile.azurewebsites.net/tables/Feeds/id where id is an identifier which Easy Tables creates on our table by default
Adding authentication
Initially we created the Easy table as “Allow anonymous access”, this ofcourse would allow us to test the API quickly, but obviously leaves the data unsecured. So now let’s put in place the authentication settings.
- If not already selected, select you Mobile App and from the settings locate the “MOBILE” section, then select Easy tables and finally select you table
- Click the Change permissions option
- Simply change the various permissions to Authenticated access only
- Don’t forget to press the save button
Now if you previously wrote some code to access the table without any form of authentication, you should receive a 401 error from requests to those same services now.
At this point we will need to provide a valid authentication token from an identity provider. Azure mobile apps can be set up to use Facebook, Twitter, Microsoft Account, Google or Azure Active Directory as a trusted identity provider. Along with these providers you could also roll your own custom identity provider.
To use one of the existing providers you’re going to need to get an app and client id plus an app secret, these are usually obtained from the provider’s dev portals.
Once you have this information you can do the following
- Go to your Azure mobile app and select the Settings tab
- Locate the Authentication/Authorization option
- Set the App service Authentication to On
- Now configure the Authentication provider, in the case of the social media providers simply insert your app id and app secret (or similar) as requested
Once completed you’ll need to use a slightly different URL to access your tables (for example). As you’ll need an OAuth redirect, so we’ll have something like
https://<your service name>.azurewebsites.net/.auth/login/<your identity provider>/callback
where your identity provider would be facebook, twitter, microsoftaccount, google or aad for example.
References