Dominique St-Amand explores how to debug a managed identity connection from a container-based App Service to Azure SQL.

So you’ve been eager to deploy your containerized web application that you’ve been working on for a while, to Azure App Service. You follow the best security practices which means you’ve setup your connection to your Azure SQL database using a managed identity. Upon loading your application, you get a dreadful exception that you can’t connect to the database. You then wonder, is this a database permission problem or some another problem, such as the application cannot connect to the database using its managed identity. This problem is even tougher to diagnose in applications such as Custom Off the Shelf (COTS) that you don’t have the source code.

Rest assured, this happens to the best of us (yes, even me!). In this post, I will give you some techniques to help you determine if the problem is indeed a problem between the web app and the Azure SQL database, through the use of managed identities, without having to modify any code in your application, keeping the debugging strictly on the infrastructure side.

Check out the step-by-step walkthrough here.