How we can be sure that no one else can benefit from the azure function which integrate with Chat GPT using API key

john john 946 Reputation points
2023-03-11T16:22:01.34+00:00

I want to install the SPfx for chat GPT from this link @ https://github.com/pnp/sp-dev-fx-webparts/tree/main/samples/react-chatgpt-app

The steps requires creating and Azure Function which will store the API key are:-

OpenAI-Azure-functions

Deploy

To deploy you can use the Azure Extensions for VSCODE , go to "WORKSPACE" and on top Options select Deploy.

enter image description here

Secure Azure Function App

The Azure Fucntion is secured by Authentication after deployed go to Azure and select Function App and select the Azure Function App created "OpenAIFunctionsApp"

enter image description here

configure authentication

Select Authentications and you have option to create a new Azure App or select a one already created.

in this sample , create a new one.

enter image description here

After go to CORS and add your SharePoint address.

enter image description here

Application Settings

The function needs to have the followed environment vars defined:

enter image description here

So at the end we will have an azure function which stores our secure API key. so how we can be sure that no external user can use/benefit from our azure function to create an own SPFx which call out azure function ?

Thanks

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,371 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,822 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andriy Bilous 10,996 Reputation points MVP
    2023-03-13T14:11:20.14+00:00

    Hello john john

    To prevent external users from using your Azure Function you have several options to consider and implement:

    Overall, implementing a comprehensive security strategy for your Azure Function app is essential to protect your data and prevent unauthorized access.