DirectApiAuthorizationRequired

Question

_{Wednesday, November 28, 2018 2:50 AM}

The API trigger from a third party application calls my Logic App. The below error is received when trying to trigger the Logic App. What am I missing?

HTTP/1.1 100 Continue
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: eastus2:4c8324b8-0195-44e3-8960-7c60aeefe2af
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 15 Nov 2018 18:59:23 GMT
Content-Length: 127

{"error":{"code":"DirectApiAuthorizationRequired","message":"The request must be authenticated only by Shared Access scheme."}}

All replies (2)

_{Wednesday, November 28, 2018 8:28 AM}

Hi,

It looks the issue with SAS Token, there are two ways to overcome this issue

1) Using the API Manager

2) Using the Function Proxy

Choice is depending on Load and Cost, suggested to go with Using the Function Proxy.

Refer the following link which will explain you far better(Link#1 and Link#2)

Link#1 https://devkimchi.com/2017/12/07/securing-sas-token-from-azure-logic-apps/ 

Link#2 https://www.bruttin.com/2017/07/07/secure-serverless-architecture.html

HTH

Hope this Helps!!!! Regards, Note: Please Mark As Answered if you satisfy with Reply.

---

_{Thursday, November 29, 2018 6:31 PM}

Hi,

Thanks for your reply! 

I am new to Azure and Logic Apps. The links helped in understanding how to secure the Http end points. Following the suggestion to use Azure function Proxy, I created the proxy for my logic app as instructed. I tried to call the proxy from POSTMAN and was successful.

I provided the changes to the third party application owner and awaiting response. I will update the ticket accordingly.

Regards