Access Azure App Configuration from a MAUI Mobile App

Question

We are developing a .NET MAUI mobile application for Android and iOS. It uses AD authentication. It talks to several backend APIs we created in Azure and behind APIM, requiring both tokens and subscription keys.

We have an Azure App Configuration store used by our APIs. We have been exposing endpoints to pass values from the Azure App Configuration to the mobile app, but that is a PITA. Is there a way to authenticate a .NET MAUI mobile app with Azure App Configuration and allow it to load values from that service directly?

The Key Vault backs some of our config entries, but the mobile app does not need access to those. Ideally, we could cherry-pick the values we need.

Are there any particular risks or downsides to this line of thought such that we should stick to what we currently do?

Answer

Yes, it is possible to authenticate a .NET MAUI mobile app with Azure App Configuration and allow it to load values from that service directly. You can do this by using the following steps:

Install the Azure App Configuration NuGet package.
Configure Azure App Configuration to allow access from your mobile app.
Create a client object to access Azure App Configuration.
Load values from Azure App Configuration.

Here is an example of how to configure Azure App Configuration to allow access from your mobile app:

using Azure.AppConfiguration;

namespace AppConfigurationExample
{
    public class AppConfigurationExample
    {
        public static void Main()
        {
            // Create an AppConfigurationClient object.
            AppConfigurationClient client = new AppConfigurationClient("https://my-app-config.azure.com");

            // Configure the client to use your Azure Active Directory credentials.
            client.Authenticate(new DefaultAzureCredential());

            // Load a value from Azure App Configuration.
            string value = client.Get("my-config-value");

            // Do something with the value.
            // ...
        }
    }
}

Once you have configured Azure App Configuration to allow access from your mobile app, you can create a client object to access Azure App Configuration. You can do this by using the AppConfigurationClient class.

To load values from Azure App Configuration, you can use the Get() method on the AppConfigurationClient object. The Get() method takes the name of the configuration value as a parameter and returns the value as a string.

I hope this helps! Let me know if you have any other questions.

As for the risks and downsides of this approach, there are a few things to consider:

If you are using Key Vault to back some of your config entries, you will need to make sure that the mobile app has access to the Key Vault.
You will need to make sure that the mobile app is properly authenticated with Azure App Configuration.
You will need to make sure that the mobile app is only loading the values that it needs.

If you are comfortable with these risks and downsides, then I think this is a viable approach. However, if you are not comfortable with these risks, then you may want to stick with your current approach.

Answer

if you have an authenticated api, I'd use that instead to get mobile app config values.

if you use azure app config, you will probably use a client secret to access azure config. The mobile app should get this from the api server, as you don't want it in the mobile app. Be sure to lock down the api as the users can directly access without the mobile app.

if you are going to give all users read access to the azure config store, then you will want a separate mobile config store so they can not access api server settings.

Share via

Access Azure App Configuration from a MAUI Mobile App

2 answers

Your answer