question

MohitKhas-9706 avatar image
0 Votes"
MohitKhas-9706 asked PrasunAggarwal-1280 answered

access Azure function using RBACv without function key

Hi,
I am trying to access a azure function(server less) from app service without using function key and using RBAC. While calling function, it is showing unauthorize access. But when i am trying to access a function in Durable function without function key and using RBAC, i am able to access it. What is the reason behind this?
So, can i access a azure function if i provide the RBAC access and don't provide function keys?
If yes, then how?..

azure-functionsazure-rbac
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Guys, any suggestions?..

0 Votes 0 ·

I'm trying to understand what your scenario is. Please let me know if this is correct.

1) You have App Service authentication
2) Your HTTP functions are set to anonymous access (instead are protected by App Service auth)
3) You can manually trigger non-HTTP functions using the admin/functions path without using the _master' key

0 Votes 0 ·

No, let me explain the scenario again.
1. I have a web app service in which one web app is deployed.
2. I have a HTTP function(on consumption plan) which is set to non-anonymous access(can only be accessed using keys, function or master).
3. I want to access this HTTP function from web app service without using function key as i don't want the transmission on subscription keys in URL or in request header.
4. I have provided access to web app service in HTTP function. For this, i have enabled the identity in web app and then i have added a role assignment for this web app in HTTP function app(i have given owner role).
Similar thing I am able to do when i am accessing durable function from web app service.

0 Votes 0 ·
SamaraSoucy-MSFT avatar image
0 Votes"
SamaraSoucy-MSFT answered MohitKhas-9706 commented

I think I understand now what you are trying to do. The durable functions API uses a different authentication system, though it is fairly consistent- that's why there is no function key for that API.

With traditional functions, in order to use AAD auth instead of keys you need to enable the AAD provider on the App Service level and then set the individual function to "anonymous" access. As long as app service auth is turned on this won't open it to the public- it just stops it from requiring a key. If you were to turn on App Service auth and leave the default function settings on then you would need both AAD permission and the function key.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks very much for your help..

0 Votes 0 ·
PrasunAggarwal-1280 avatar image
0 Votes"
PrasunAggarwal-1280 answered

how to enable anonymous access on function

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.