Azure App Service AlwaysOn Request - 401 Unauthorized

Cosmin Stirbu 151

Hello,

I have an Azure App Service (a ASP.NET Core 5 Web API) that has Always On set to true.
I noticed however in the IIIS logs that the Always On request performed every 5 minutes on the root URL receives a 401 Unauthorized:

#Software: Microsoft Internet Information Services 8.0
#Fields: date time s-sitename cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2021-11-02 06:53:12 MY-API-DEV-APP GET / X-ARR-LOG-ID=fff28b17-7e6f-4150-ab1e-9fa594f283e8 80 - 127.0.0.1 AlwaysOn ARRAffinity=a12d7eecbf2f9c32ace9bad91b055b759e4e2fdbe58b5717d0f872881913dfd0 - my-api-dev-app.azurewebsites.net 401 71 2147500037 686 821 15

I believe this is a problem because I have notice "cold starts" now and then and I believe this is because the Always On request receives a 401.

The App Service has Azure Active Directory authentication / authorization integration enabled, however I would expect that the Always On requests performed by the load balancer to bypass authentication.

Thank you,
Cosmin

Cosmin Stirbu 151 Reputation points

2021-11-10T11:29:20.117+00:00

After further investigation it seems that I can use WEBSITE_WARMUP_PATH = "/" and then authorization/authentication is bypassed to the root URL.

Interestingly enough, "/" should've been the default value, as per https://learn.microsoft.com/en-us/azure/app-service/reference-app-settings?tabs=kudu%2Cdotnet