How to secure Azure Health Bot -> Logic App flow?

RK 20 Reputation points
2023-11-25T15:01:43.1833333+00:00

I followed this tutorial on Microsoft Learn to integrate Azure Health Bot with a SQL database via Logic Apps. I noticed there is no authentication between Azure Health Bot and Azure Logic Apps - so anyone who sends a POST request to the Logic App URL is essentially able to write to my SQL database.

How can I restrict Logic App to only accept authenticated requests from Azure Health Bot?

Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
2,970 questions
Azure Health Data Services
Azure Health Data Services
An Azure offering that provides a suite of purpose-built technologies for protected health information in the cloud.
155 questions
0 comments No comments
{count} votes

Accepted answer
  1. MayankBargali-MSFT 69,971 Reputation points
    2023-11-27T05:44:12.7366667+00:00

    @RK Thanks for reaching out.

    As per the learn document I can see we are creating the Request trigger. So when you save the request trigger so automatically a URL is generated along with the authorization query parameter in the URL that is used to authenticate the request. Anyone who has the right URL along with the query parameter can trigger your workflow.

    In a Standard logic app workflow that starts with the Request trigger (but not a webhook trigger), you can use the Azure Functions provision for authenticating inbound calls sent to the endpoint created by that trigger by using a managed identity. This provision is also known as "Easy Auth". For more information, review Trigger workflows in Standard logic apps with Easy Auth.

    Reference : https://learn.microsoft.com/en-us/azure/connectors/connectors-native-reqres?tabs=consumption#security-and-authentication

    Let me know if you have any queries or concerns.

    Please 'Accept Answer' if it helped so that it can help others in the community looking for help on similar topics.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful