question

FutoshiNishimura-4648 avatar image
0 Votes"
FutoshiNishimura-4648 asked FutoshiNishimura-4648 commented

Azure Functions URL Authorization Rules

I was following the tutorial here about URL Authorization Rules

https://azure.github.io/AppService/2016/11/17/URL-Authorization-Rules.html

URL Authorization Rules are defined in an authorization.json file

I was searching for more documentation about this file but could not find any. I tried to get this to work but it did not work as expected. Is this authorization.json rules still supported by Azure? Has this been deprecated?

thanks

azure-functions
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MayankBargali-MSFT avatar image
0 Votes"
MayankBargali-MSFT answered FutoshiNishimura-4648 commented

@FutoshiNishimura-4648 The feature is deprecated and for webapps you can configure azure static web apps.
For function you need to configure the authLevel as anonymous/function/admin in function.json or you can define it as AuthorizationLevel.Function etc. as the attribute

I do see previous discussion on Allow Invocation Filters to Short Circuit / Provide Response for this feature. You can refer to the github for more details.

· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

For function you need to configure the authLevel as anonymous/function/admin in function.json or you can define it as AuthorizationLevel.Function etc. as the attribute

The problem is that we have AD Authentication enabled for the entire Function app. Therefore the authLevel doesn't come into play as authentication is handled at the AD level and will override the authLevel setting in function.json

0 Votes 0 ·

@FutoshiNishimura-4648 It would not be possible and the discussion shared earlier is the work going in to support Filters for Functions but this is still in preview.
Based on the above preview feature, looks like this is one library - dark-loop/functions-authorize - that adds support for this.

0 Votes 0 ·

ok thanks for the response

too bad about this

0 Votes 0 ·