Tony Ho

Reputation: 23

How to check authorization with Azure Functions

I'm using Azure Functions to be the middleman between my Xamarin Forms app and my CosmosDB Table. I think I understand how authentication works using Active Directory B2C, but I'm unclear about how authorization checks take place.

My understanding is that I can enable Active Directory B2C to authenticate the user and give them an access token. I can then make an HTTP call to an Azure Function with the token as a parameter. How do I check that the token is correct for that user? Ultimately, I want to protect the data in the Table and only give data relevant to that specific user.

Upvotes: 2

Views: 1938

Answers (1)

juunas

Reputation: 58733

There are at least 2 approaches to validate tokens in Azure Functions:

The first is that you could do it manually: https://github.com/Azure-Samples/ms-identity-dotnet-webapi-azurefunctions/blob/12640a348852696ac0d01e7adfd937900ef8ea40/Function/BootLoader.cs#L73. This uses Microsoft.IdentityModel.Protocols.OpenIdConnect and System.IdentityModel.Tokens.Jwt to get the configuration from the metadata endpoint and validate the token. The main difference for you would be the openid-configuration URL, which you can get from the view that allows you to run a B2C user flow for testing in the Azure portal.

Another approach is to use App Service Authentication: https://cgillum.tech/2016/05/27/app-service-auth-and-azure-ad-b2c/.

Upvotes: 1
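
An added example (not part of the answer above, and not the linked sample's code) of the manual approach in an HTTP-triggered C# function: it validates the B2C token against the user flow's metadata, then takes the user ID from the validated claims so the table query can be scoped to that user. The setting names `B2C_METADATA_URL` and `B2C_CLIENT_ID`, the function name `GetMyData`, and the use of the `sub`/`oid` claim as the per-user key are assumptions.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

public static class GetMyData
{
    // Assumed app settings (hypothetical names): the user flow's openid-configuration
    // URL and the application (client) ID the token must have been issued for.
    static readonly string Audience = Environment.GetEnvironmentVariable("B2C_CLIENT_ID");
    static readonly ConfigurationManager<OpenIdConnectConfiguration> Metadata =
        new ConfigurationManager<OpenIdConnectConfiguration>(
            Environment.GetEnvironmentVariable("B2C_METADATA_URL"),
            new OpenIdConnectConfigurationRetriever()); // caches metadata and signing keys

    [FunctionName("GetMyData")]
    public static async Task<IActionResult> Run(
        [HttpTrigger(AuthorizationLevel.Anonymous, "get")] HttpRequest req)
    {
        string header = req.Headers["Authorization"];
        if (header == null || !header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
            return new UnauthorizedResult();
        var config = await Metadata.GetConfigurationAsync(CancellationToken.None);
        var handler = new JwtSecurityTokenHandler();
        handler.InboundClaimTypeMap.Clear(); // keep the raw JWT claim names ("sub", "oid")
        try
        {
            // Signature, issuer, audience and lifetime are all checked (lifetime by default).
            var principal = handler.ValidateToken(header.Substring(7).Trim(),
                new TokenValidationParameters
                {
                    ValidIssuer = config.Issuer,
                    ValidAudience = Audience,
                    IssuerSigningKeys = config.SigningKeys
                }, out _);
            // Assumption: the user flow emits the user's object ID as "sub" (or "oid").
            string userId = principal.FindFirst("sub")?.Value ?? principal.FindFirst("oid")?.Value;
            if (string.IsNullOrEmpty(userId)) return new StatusCodeResult(StatusCodes.Status403Forbidden);
            // Authorization: key the table query on userId from the validated token,
            // never on an ID the client supplies in the query string or body.
            return new OkObjectResult(new { userId });
        }
        catch (Exception e) when (e is SecurityTokenException || e is ArgumentException) { return new UnauthorizedResult(); }
    }
}
```

The function returns the user ID only to show where the per-user query would go; in a real function that value would be used as the partition key or filter for the table read.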
