🛰️ Deploy Flask API on Local Server with Public DNS and TLS #1
Description
Priority: High (needed for Excel Power Query + Entra auth integration)
Goal: Make https://api.jgiquality.com publicly accessible and route traffic to our local Flask API.
🧩 Background
We're building a Flask API (core-api) that will be accessed from Excel via Power Query using organizational Microsoft (Entra ID) authentication. Entra requires a publicly accessible and TLS-secured URL that matches the Application ID URI:
api://jgiquality.com/core-api
✅ Tasks
-
Set up port forwarding from our router:
- External port 443 → internal server running Flask
-
In Wix DNS manager, add an A record:
Type: A Host: api Points to: [our public IP] -
Use Let’s Encrypt (e.g., win-acme on Windows) to generate a TLS cert for
api.jgiquality.com -
Set up reverse proxy (Nginx or IIS):
- Accepts HTTPS on port 443
- Forwards requests to Flask at
localhost:5000
-
Ensure the URL
https://api.jgiquality.com/whoamiroutes to the Flask test route successfully -
Bonus: Set up auto-renewal for the TLS cert
🛠️ Notes
- The Flask app will enforce Entra ID token validation.
- Excel users will access the API using "Organizational Account" auth.
- TLS is mandatory for Entra auth and Power Query compatibility.
Let me know once the reverse proxy is live — I’ll test it using a Power Query connection.