Azure Active Directory 身份验证功能应用程序

本文介绍了Azure Active Directory 身份验证功能应用程序的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我正在通过以下 URL 为函数应用程序执行 azure Active Directory 身份验证

感谢任何帮助

解决方案

如果您的 azure 函数身份验证级别是匿名的或还需要函数密钥，我们可以使用访问令牌直接访问您的 Azure 函数 API.详细步骤如下.

为 Azure Function 配置 Azure AD.请参考

然后我可以直接使用访问令牌.我用 Postman 测试过:

请注意，如果你的天蓝色函数认证级别不是匿名的，你需要添加函数密钥

I am doing azure active directory authentication for function app by following below URL www.c-sharpcorner/article/secure-azure-function-with-azure-ad/

But when i hitting my url through function app It is giving unauthorized do i need to do anything else

please find the below screen shots.

any help is appreciated

解决方案

We could use the access token to access your Azure function API directly if your azure function authentication level is anonymous or function key is also required. The detailed steps are as below.

Configure Azure AD for Azure Function. Please refer to docs.microsoft/en-us/azure/azure-functions/functions-how-to-use-azure-function-app-settings#auth.

Get Access token

I get an access token from AAD using clientID and clientSecret using the following code:

METHOD: POST Url : login.microsoftonline/your directory ID/oauth2/token HEADERS: Content-Type : application/x-www-form-urlencoded BODY: grant_type+=client_credentials&resource+="your Function url"&client_id+++++="the application that your register id"&client_secret+="the key you create"

Please note that according to the Azure Resources portal (resources.azure/), the default allowedAudiences is

{functionAppName}.azurewebsites/.auth/login/aad/callback

So I added the {functionAppName}.azurewebsites/ as allowed audiences.

Then I can use the access token directly. I tested it with Postman:

Please note that if your azure function authentication level is not anonymous, you need to add the function key