Aqua CSPM

Authentication Enabled

Quick Info

Plugin Title: Authentication Enabled
Cloud: AZURE
Category: App Service
Description: Ensures Authentication is enabled for App Services, redirecting unauthenticated users to the login page.
More Info: Enabling authentication will redirect all unauthenticated requests to the login page. It also handles authentication of users with specific providers (Azure Active Directory, Facebook, Google, Microsoft Account, and Twitter).
AZURE Link: https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization
Recommended Action: Enable App Service Authentication for all App Services.

Detailed Remediation Steps

  1. Log into the Microsoft Azure Management Console.
  2. Select the “Search resources, services, and docs” option at the top and search for App Services.
  3. Select the App Service to review by clicking on its “Name” link to access its configuration.
  4. Scroll down the selected “App Services” navigation panel and in “Settings” click on the “Authentication / Authorization” option.
  5. On the “Authentication / Authorization” page, check whether “App Service Authentication” is “ON” or “OFF”. If it is turned “OFF”, unauthenticated requests will not be redirected to the login page.
  6. Repeat steps 2 - 5 to cross-check “Authentication / Authorization” for other “App Services”.
  7. Navigate to “App Services”, select the “App Service” by clicking on its “Name”, and select “Authentication / Authorization” under “Settings”.
  8. Click on the “ON” option under “App Service Authentication” and click on the “Save” button at the top to make the changes.
  9. Repeat the above steps to enable “Authentication” so that all unauthenticated requests are redirected to the login page.
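
The same check can be scripted across every App Service instead of clicking through each one. The following is an added example, not Aqua's plugin code. It assumes the Azure CLI (`az webapp list`, `az webapp auth show`) is installed and logged in, and that the settings JSON uses the field names `enabled` or `platform.enabled` plus `unauthenticatedClientAction`. It goes one step beyond the ON/OFF check by also flagging apps where authentication is on but anonymous requests are still allowed. The sample settings are constructed.

```python
import json
import subprocess

def evaluate_auth(settings):
    """Classify one app's auth settings JSON as (status, reason)."""
    # Assumption: some CLI/API versions nest the fields under "properties".
    s = settings.get("properties") or settings
    if "platform" in s or "globalValidation" in s:      # newer (V2-style) shape
        enabled = bool((s.get("platform") or {}).get("enabled"))
        action = (s.get("globalValidation") or {}).get("unauthenticatedClientAction")
    else:                                               # classic shape
        enabled = bool(s.get("enabled"))
        action = s.get("unauthenticatedClientAction")
    if not enabled:
        return "FAIL", "App Service Authentication is OFF"
    if action == "AllowAnonymous":
        return "WARN", "authentication is ON but anonymous requests are not redirected"
    return "PASS", "authentication is ON"

def az_json(*args):
    """Run an Azure CLI command and parse its JSON output."""
    out = subprocess.run(["az", *args, "-o", "json"], check=True,
                         capture_output=True, text=True).stdout
    return json.loads(out)

def audit_subscription():
    """Evaluate every App Service in the currently selected subscription."""
    findings = []
    for app in az_json("webapp", "list"):
        settings = az_json("webapp", "auth", "show", "--name", app["name"],
                           "--resource-group", app["resourceGroup"])
        findings.append((app["name"], *evaluate_auth(settings)))
    return findings

# Constructed sample settings (hypothetical app names) for offline use.
SAMPLE = {
    "app-classic-off": {"enabled": False, "unauthenticatedClientAction": None},
    "app-classic-on": {"enabled": True,
                       "unauthenticatedClientAction": "RedirectToLoginPage"},
    "app-v2-anonymous": {"properties": {
        "platform": {"enabled": True},
        "globalValidation": {"unauthenticatedClientAction": "AllowAnonymous"}}},
}

if __name__ == "__main__":
    for name, settings in SAMPLE.items():
        status, reason = evaluate_auth(settings)
        print(f"{status:4} {name}: {reason}")
```

Call `audit_subscription()` to run the check against live App Services. Apps reported as FAIL are the ones to fix with steps 7 - 8 above.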