To enable authentication and authorization for your apps, perform the following steps:

1. Navigate to the Azure portal by opening https://portal.azure.com.
2. Go to the PacktWebApp that we created in the previous section.

3. In the left menu, under Settings, select Authentication / Authorization, and then turn it on, as follows:
   

4. Under Action to take when request is not authenticated, you can select the following options (you can add multiple identity providers to your app; however you need to do some coding inside your app to make these multiple providers available):
   
   • Allow anonymous requests (no action).
   • Log in with Azure Active Directory.
   • Log in with Facebook.
   • Log in with Google.
   • Log in with a Microsoft account.
   • Log in with Twitter.
5. In this demo, we are going to use Log in with Azure Active Directory, so select this one and click the Save button on the top menu. Our environment is now enabled to log in to our app using Microsoft credentials.
6. We now need to configure the app to let users log in using their Azure AD credentials. Under Authentication Providers, select Azure Active Directory:

7. In the next blade, you can select a couple of management mode settings:
   • Off: There will be no Azure AD application registered for you.
   • Express: An Azure AD application is registered for you automatically using the express settings.
   • Custom: You can register an Azure AD application using custom settings that you will provide manually.
8. For this demo, select Express. Next, you can create a new Azure AD registration (service principal) or select an existing one. We will leave the default settings here and click OK and then Save:

9. We are now ready to use Azure AD authentication in PacktWebApp.
10. For this demo, I've updated the original PacktWebApp and added the required code to be able to log in to the app using an authentication provider. This code file is added to the GitHub repository of this book. You can find the URL under the Technical requirements section at the beginning of this chapter.
11. To deploy the updated web app, go back to the web app overview page and under Deployment, select Deployment Center. In there, click the disconnect button in the top menu to disconnect from the current GitHub repository. When you are disconnected, select the GitHub tile and after that, click the Authorize button, as follows:

12. A new browser window is opened where you have to specify your GitHub credentials. Specify them, log in, and then click Continue.
13. For this demo, we are going to do a basic deployment, so in the next blade, select Kudu and click Continue:

14. In the next blade, select the Organization, Repository, and Branch and click Continue and then Finish:

15. The app will be deployed inside the App Service plan now.
16. Navigate to the Overview blade and click the link of the URL. The website will be opened and you will have to specify a Microsoft account to log in. After you've successfully authenticated, the website will display your Principal Name and other information, such as claims, as shown in the following screenshot:
    

We now have enabled authentication and authorization. In the next section, we are going to implement authentication by using certificates.