We have:
- an App Service, myappservice.azurewebsites.net (written in C# & .net core 2.2)
- a SQL Database, myserver.database.net

Currently the App Service connects to the SQL Database via SQL Server Authentication (login+password).
However, if possible, we would like to have Windows Authentication, i.e. the service should be able to log in without sending a username and password. That way we would not need to store any login information in our service. Is that possible?
Would this be a case to use a Managed Identity?
The app service will have an identity with a thumbprint, and SQL will give that identity access by creating a user of the same name as the app service. This would eliminate the need for a username and password. The only downside is that if the app is deleted and recreated, the user on the SQL side would need to be dropped and recreated, since it has a different thumbprint. This is only if the app service is deleted and recreated; it is not needed for updates or redeployments.
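The setup described in the answer above, as an added example that is not part of the original post: the database user is created once for the app's identity, and the app opens its connection with a token instead of a stored login. It assumes the Microsoft.Azure.Services.AppAuthentication and System.Data.SqlClient packages, an Azure AD admin configured on the server, and a placeholder database name `MyDatabase`.

```csharp
// One-time setup, run in the target database by the server's Azure AD admin
// (the user name matches the App Service name, as the answer describes):
//   CREATE USER [myappservice] FROM EXTERNAL PROVIDER;
//   ALTER ROLE db_datareader ADD MEMBER [myappservice];  -- grant only what the app needs
// If the App Service is deleted and recreated, its identity changes:
//   DROP USER [myappservice];  -- then run CREATE USER again
using System;
using System.Data.SqlClient;
using System.Threading.Tasks;
using Microsoft.Azure.Services.AppAuthentication;

public static class ManagedIdentitySql
{
    // Token audience for Azure SQL Database.
    private const string SqlResource = "https://database.windows.net/";

    // No User ID or Password here, so there is no secret to store or rotate.
    // Server name is taken from the question; "MyDatabase" is a placeholder.
    private const string ConnectionString =
        "Server=tcp:myserver.database.net,1433;Database=MyDatabase;Encrypt=True;";

    public static async Task<SqlConnection> OpenAsync()
    {
        // Inside App Service this uses the managed identity endpoint;
        // the token provider caches and renews tokens internally.
        var tokenProvider = new AzureServiceTokenProvider();
        string token = await tokenProvider.GetAccessTokenAsync(SqlResource);

        var conn = new SqlConnection(ConnectionString) { AccessToken = token };
        try
        {
            await conn.OpenAsync();
            return conn;
        }
        catch
        {
            conn.Dispose(); // do not leak the connection if login fails
            throw;
        }
    }

    public static async Task Main()
    {
        using (var conn = await OpenAsync())
        using (var cmd = new SqlCommand("SELECT USER_NAME();", conn))
        {
            // Shows which database user the token was mapped to.
            Console.WriteLine(await cmd.ExecuteScalarAsync());
        }
    }
}
```

A login failure right after the App Service has been recreated usually means the database user still maps to the old identity and needs the drop and recreate step from the comments.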