![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 43%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
5,929 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 59%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
HI ,
As I understand in this use case you want only to call the azure functions from azure Devops ?
instead of whitelisting ip adress you can in access restriction in the azure function allow the tag : AzureCloud you can check it from this link :
https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview?wt.mc_id=MVP_328341
else
Function Key with IP Whitelisting:
As you mentioned, using a function key along with IP whitelisting is one option. This ensures that only requests with a valid function key and originating from specified IP addresses (you may want to create self hosted agent ) can access your function. While not ideal, it does provide a level of security. API Management: You can set up Azure API Management in front of your Azure Function. API Management can act as a gateway, allowing you to enforce security policies, including authentication, IP filtering, rate limiting, and more. This allows you to use more advanced authentication mechanisms such as OAuth, client certificates, or even Azure AD authentication.
Hope this helps