Time
1 hour
Difficulty
Beginner
CEU/CPE
1

Video Transcription

00:01
In this video, I will show you how you can set up user authentication for azure functions.
00:07
Keep in mind that implementing the complete authentication floor requires client implementation that is beyond the scope of this course,
00:15
hence will not be able to test the complete flow, and we will look only at the configuration setting on National Function site.
00:23
Let's switch to Asher Porto and do that.
00:28
We'll use our existing function up to configure user authentication and authorization.
00:35
One very important thing to remember is that the authentication is configured on the level of the function up,
00:43
which means that all the functions that you have inside the up will require authentication once you configure it.
00:51
In order to do the configuration, you need to go to the platform features
00:56
and click on authentication authorization.
01:00
So far, our up does not require authentication.
01:04
It says that anonymous access is enabled and users will not be prompted for log in.
01:11
If I turn this on, I will have several options that I can come figure I can provide authentication with azure active directory with Microsoft account, Facebook, Google or Twitter.
01:26
Let's say I would like to do authentication with Azure active directory. I will click here
01:33
and I can choose the expressed option.
01:36
The express option gives me the option to create a new application. I d
01:41
The application will be Idea will be using the application name.
01:47
And I can select toe granted common data services permissions, Which means that
01:53
if the user result indicated he or she will be able to access other azure services,
02:00
let's for now, select. Create new application I d. And
02:04
just keep the common data services permission ourself
02:07
When I click OK,
02:09
the wizard will automatically create application I d for my function
02:16
in order to do user authentication. When I developed my client coat, I need to use this application I d and request a token for the specific application in order to be authorized toe access my function.
02:34
Don't forget to click on the safe button after you know your phone could configuration else. Your changes will not be saved and the configuration will be lost.
02:46
Also, one additional thing that you should not forget is that you need to change the action If the request is not authenticated.
02:53
If you leave it like this, it will still allow you to access your function, although the user is not authenticated.
03:01
If you are logging in with Azure Active Directory,
03:05
just say that the action should be longing with azure active directory
03:09
This way
03:12
the function Will
03:14
they direct the user without logging UL and it will request the application
03:21
to ask for a new talking.
03:23
Now, if I go back and try to test my http three year function,
03:30
I will receiver unauthorized message.
03:32
Let's see that
03:34
it is my function.
03:37
Let's go up the u L. And now test it using Curro from my command line,
03:45
get the Ural function. Let's switch to girl and well, right
03:51
Could all mine ALS be
03:53
and the u l and well after the end the required parlamento which was named
04:02
If you press on it and you will see that you are receiving back for a one unauthorized, you do not have permissions to view these directory or page.
04:15
If this is a client in application,
04:18
I need to go and request a token and in orderto
04:23
be granted access to dysfunction. I need toe pass the token
04:28
us Ah header toe the request.
04:33
This is how you can configure user authentication and authorization for your function. APS
04:41
Once again, we didn't test the whole floor because we didn't. We don't have a client implementation. However, you saw in curl that once we configure the authentication were not able anymore taxes the http endpoint
04:56
and remember that the configuration is done on the function up level, not on individual functions. What that means is that every function in this function app will require authentication.

Up Next

Azure Functions

This Azure Functions course explains the core concepts of serverless services in Azure, how to develop functions that use different triggers and how to secure access of Azure Functions and manage configuration secrets.

Instructed By

Instructor Profile Image
Toddy Mladenov
Instructor