Reputation: 2250
Using a 3rd party auth provider with Azure Functions
So I was previously using B2C for authentication. I had gotten my functions configured so that they required authentication via B2C and everything worked fine. If you tried calling them without being authenticated, nothing happened (or rather, you got an error).
I want to use a 3rd party provider, like Auth0, because there's some limitations and issues with B2C at the moment that seem to only very slowly get worked on. Anyway, I'm not sure how I'm supposed to configure my functions for this. I went to the Authentication/Authorization settings blade and I've set "App Service Authentication" to "on", "Token Store" to "On", and "Action to take when request is not authenticated" is set to "Allow Anonymous requests (no action)". Under "Authentication Providers" all of them are set to "Not Configured'. My first problem is that at this stage, if I call any of my functions using say Postman, I can call them just fine without any authentication information whatsoever. It's as if they're totally unprotected.
I'm not sure what I'm supposed to set so that my functions require authentication BUT with a 3rd party, not with the 5 default listed providers.
Or am I thinking about this the wrong way? Is the solution instead to allow unauthenticated access to my functions, but in the functions themselves do my token validation/etc rather than relying on whatever it is that Microsoft does behind the scenes to validate the request (like when you use B2C)?
Upvotes: 1
Views: 664
Answers (1)
Reputation: 2726
Your final thought is on the mark, if you're bringing a 3rd party auth provider that is unsupported by App Service Authentication the best choice is to allow unauthenticated access and validate the request yourself.
However, keep in mind that any input bindings will run before your function code executes (and auth validation occurs), so you need to be careful with using input bindings and custom auth.
Update: App service authentication does have 'bring your own auth provider' on the backlog, so hopefully this scenario will be better supported soon.
Upvotes: 2
Related Questions
- Which Authentication suits best for Azure Function app when exposing to third party
- Secure Azure Functions App in another tenant
- Authentication for Azure Functions
- azure functions Authentication
- How do you configure Azure Function authentication by code?
- Azure functions Authentication - possible without AD?
- Azure functions: Multiple functions with different authentication
- Azure Function custom API Authentication
- Azure Function Custom Authentication
- Azure Functions v2 & Google Auth