statusQueryGetUri and API Management

Ana 141 Reputation points
2021-08-04T11:25:48.03+00:00

The setup:
Azure Function with API Management.

Managed Identity is set (https://www.svenmalvik.com/azure-apim-function-msi/). Authentication happens through policy authentication-managed-identity.
All seems to function correctly.
When called Azure Function returns 5 URIs, among them "statusQueryGetUri".

Question:
Before API Management and managed identity, I was able to call statusQueryGetUri using GET method and no credentials (as expected):

GET <rootUrl>/runtime/webhooks/durabletask/instances/<GUID>
?taskHub={taskHub}
&connection={connection}
&code={systemKey}

Now I receive 401 (kind of expected).

What authentication or endpoint am I missing?
Would my <rootUrl> change? Should I add the statusQueryGetUri to APIs managed by the API Management?
How should I authorize myself? Client ID and secret?

All pointers welcome!

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,805 questions
Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,382 questions
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. Pramod Valavala 20,591 Reputation points Microsoft Employee
    2021-08-04T13:54:49.113+00:00

    @Ana You could proxy requests for these endpoints via APIM as well. The redirect-content-urls does this for you out-of-the-box.

    For the proxied URLs to work, you will have to define APIs on APIM that forward the requests to your function app using the same managed identity.

    If you require, you could completely rewrite the URLs in the body using the set-body policy and define endpoints on APIM that a more REST-like

    For example, the endpoints could be /track/{taskHub}/{connection}/{GUID} and you can use the rewrite-uri policy to change it to the one required by functions. The system key could just be a named value since it doesn't really change.

    1 person found this answer helpful.