Share via

Can we use builder.Services.AddAuthentication() in azure Function app

Pankaj Dhami 135 Reputation points
2022-05-31T10:54:26.147+00:00

Hi Team,

I am using an azure function which has http triggers as a rest endpoints, i want to use microsoft jwt authentication for the http triggers, can i use some kind of authentication filter like we have in asp.net core web api in azure function app so that i don;t need to repeat my authnetication code every time on the function

can i use the builder.Services.AddAuthentication() at the functionstartup class which will apply to all functions similar to .net core web api

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
5,909 questions
Microsoft Security Microsoft Entra Microsoft Entra ID
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator
    2022-05-31T23:21:11.37+00:00

    Hi anonymous user,

    I haven't implemented this personally, but based on my research it appears that this is something you can do.

    There is a blog post here by Jan Hajek where the author provides an example of adding builder.Services.AddAuthentication() in the functionstartup class. 

     public class Startup : FunctionsStartup  
    {  
        public override void Configure(IFunctionsHostBuilder builder)  
        {  
            // This is configuration from environment variables, settings.json etc.  
            var configuration = builder.GetContext().Configuration;  
  
            builder.Services.AddAuthentication(sharedOptions =>  
            {  
                sharedOptions.DefaultScheme = "Bearer";  
                sharedOptions.DefaultChallengeScheme = "Bearer";  
            })  
                .AddMicrosoftIdentityWebApi(configuration)  
                    .EnableTokenAcquisitionToCallDownstreamApi()  
                    .AddInMemoryTokenCaches();  
        }  
    }  
}

    Based on some previous Github issues, it looks like support for this didn't exist before but was since added.

    https://github.com/Azure/azure-functions-host/issues/6805
    https://github.com/Azure/azure-functions-host/issues/4485
    https://github.com/Azure/azure-functions-host/issues/5886

    There is also a nuget package that was published for handling this scenario. https://www.nuget.org/packages/AzureFunctions.Authentication/

    Let me know if you have any issues with the implementation, though.

    -

    If the answer provided was helpful to you, please remember to "mark as answer" so that others in the community searching for similar information can more easily find a solution.

    0 comments
  2. Arturo 46 Reputation points
    2024-08-27T14:37:53.66+00:00

    You can use DarkLoop.Azure.Functions.Authorization.Isolated for Isolated mode with ASP.NET Core integration and DarkLoop.Azure.Functions.Authorization.InProcess for In-Process mode.

    This has the benefit of allowing you to have fine grained authorization rules (policies) for all functions in your class or on individual functions, using the same [Authorize] attribute you use in ASP.NET Core controllers.

    You can read more here.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.