Hi Rajeev,
Ensure API Endpoints are Properly Defined in APIM
You should have two main endpoints in APIM:
- The initial function call endpoint.
- The status check endpoint.
When setting up an API Management Service backend for an Azure Function App, Azure will provision a header called x-functions-key into the backend's authorization credentials. This header is required when interacting with your function app through the API Management Service, and it's value should be your function app key. If you exclude this header you will receive a 401 Unauthorized error when trying to call your azure function through the API Management service.
If this header is included when you query a durable functions's statuscheckapi, the durable function will return a 403 error. The header must be removed from the API Management Service backend authorization credentials for calls to the durable function status endpoint.
Example: Status Check Endpoint Policy
This policy ensures the x-functions-key
header is removed when making a call to the status check endpoint.
<policies>
<inbound>
<base />
<set-header name="x-functions-key" exists-action="delete" />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
Kindly accept answer ,if it helps, please let us know if further questions
Thanks
Deepanshu