Dear community,
I would like to access an AzureAD secured Azure Function from PowerShell.
The function is in Tenant A; anonymous access is enabled.
The function app is connected to Tenant B for authentication.
When I try to access the function in the browser, I get redirected to a login page. When I log in with an account that exists in Tenant B, everything is working fine. However, when I try this in PowerShell, it does not work. This is what I tried in PowerShell:
$tokenData = Get-AzAccessToken
$functionUrl = "https://samplefunctiontitle.azurewebsites.net/api/authTestFunction"
Invoke-WebRequest -Uri $functionUrl -Headers @{'Authorization' = ('Bearer '+$tokenData.Token)}
The response is "You do not have permission to view this directory or page."
My current context is a subscription in Tenant B, using the same account I used in the web browser.
I've read that there's a difference between user sessions and client sessions; however, I cannot figure out how I can get this working. I'm supposed to create an app registration for the client/script, but in which tenant does it need to be? And it would be awesome if I could use the context from PowerShell instead of redirecting the user to a web browser to log in.
If someone knows the answer, that would be awesome!
Kind regards,
Stefan Petter