Neil Barber Thanks for posting your question in Microsoft Q&A. Have you considered using built-in authentication and authorization capabilities known as Easy Auth
? The middleware handles the authentication of all incoming HTTP requests and extract the identity data from HTTP headers to ClaimsPrincipal
object. You can simply validate the claims in your application.
However, if you cannot use it for your scenarios, then checkout AzureFunctions.Authentication library which provides the following solution:
- Expose custom Authentication/Authorization builder extensions that dont override existing one but registers all needed services
- Provide custom extension that derives from
IExtensionConfigProvider
- Re-configure already configured Authentication/Authorization by Azure Functions
- Dynamically inject new authentication schema and handler since
Bearer
schema is used by Azure Functions with their handler - Override
IAuthorizationHandlerProvider
to merge Azure Functions handlers with application handlers
The problem with current Function implementation is detailed here (Override host services) and the repo offers examples, code snippet for you to follow through.
I hope this helps and let me know if you have any questions.
If you found the answer to your question helpful, please take a moment to mark it as "Yes" for others to benefit from your experience. Or simply add a comment tagging me and would be happy to answer your questions.