403 when calling durable function status query via Azure API Management Service

Rajeev Kumar Dave 21 Reputation points
2024-06-24T09:37:43.3066667+00:00

I am trying to call Azure Durable function through APIM because I have imported in APIM is working fine from Python Program. But this Azure Durable function is returning Status check API and this API is not imported in APIM and it is giving me 403 from same Python Program. Do I need to change the URL of this status API through APIM or something else I need to do.

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,607 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Deepanshukatara-6769 7,525 Reputation points
    2024-06-24T10:56:00.5833333+00:00

    Hi Rajeev,

    Ensure API Endpoints are Properly Defined in APIM

    You should have two main endpoints in APIM:

    • The initial function call endpoint.
    • The status check endpoint.

    When setting up an API Management Service backend for an Azure Function App, Azure will provision a header called x-functions-key into the backend's authorization credentials. This header is required when interacting with your function app through the API Management Service, and it's value should be your function app key. If you exclude this header you will receive a 401 Unauthorized error when trying to call your azure function through the API Management service.

    If this header is included when you query a durable functions's statuscheckapi, the durable function will return a 403 error. The header must be removed from the API Management Service backend authorization credentials for calls to the durable function status endpoint.

    Example: Status Check Endpoint Policy

    This policy ensures the x-functions-key header is removed when making a call to the status check endpoint.

    <policies>
      <inbound>
        <base />
        <set-header name="x-functions-key" exists-action="delete" />
      </inbound>
      <backend>
        <base />
      </backend>
      <outbound>
        <base />
      </outbound>
      <on-error>
        <base />
      </on-error>
    </policies>
    
    
    

    Kindly accept answer ,if it helps, please let us know if further questions

    Thanks

    Deepanshu