azure-functions dotnet-isolated

Isolated Azure Function missing authentication header?


I have created a new .NET 6 Isolated Azure Function, following this great article: https://joonasw.net/view/azure-ad-jwt-authentication-in-net-isolated-process-azure-functions

If I'm debugging it locally, it works perfectly: the calling client attaches an authentication header to the request, which I can read in the authentication middleware. But once the function app is deployed in Azure, I cannot access the authentication header in the authentication middleware; this header entry is missing. It looks like the authentication header is somehow removed from the headers.

My program is:

    public static void Main()
    {
        var host = new HostBuilder()
            .ConfigureFunctionsWorkerDefaults(builder =>
            {
                builder.UseNewtonsoftJson();
                builder.UseMiddleware<AuthenticationMiddleware>();
                builder.UseMiddleware<AuthorizationMiddleware>();
                builder.UseMiddleware<ExceptionHandlerMiddleware>();
                builder.Services.AddOptions<AppSettings>()
                    .Configure<IConfiguration>((settings, configuration) =>
                    {
                        configuration.GetSection("AppSettings").Bind(settings);
                    });
                builder.Services.AddPersistenceRepositories();
                builder.Services.AddPersistenceServices();
                builder.Services.AddPersistenceInfrastructures();
                builder.Services.AddSingleton<IHttpFunctionExecutor, HttpFunctionExecutor>();
            })
            .ConfigureOpenApi()
            .Build();

        host.Run();
    }

Solution

  • Thank you @jack.pop for the solution. Posting the same as an answer so that other community members can benefit for similar issues.

    WORKAROUND:

    Please make sure to set the authorization level to Anonymous as shown below.

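    public static class TestFunctions
    {
        // Custom attribute (Scopes / UserRoles) evaluated by AuthorizationMiddleware,
        // not by the Functions host.
        [Authorize(
            Scopes = new[] { "access_as_user" },
            UserRoles = new[] { "admin" })]
        [Function("OnlyAdmins")]
        public static HttpResponseData OnlyAdmins(
            // Anonymous: the host does not require a function key for this endpoint.
            [HttpTrigger(AuthorizationLevel.Anonymous, "get")] HttpRequestData req,
            FunctionContext executionContext)
        {
            // Reached only after the authentication and authorization middleware have run.
            return req.CreateResponse(System.Net.HttpStatusCode.OK);
        }
    }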
    

    For more information, please refer to this blog: Isolated Azure Function missing authentication header and identity.
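
With `AuthorizationLevel.Anonymous` the host no longer requires a function key, so the custom middleware is the only check in front of the function. The following is an added example, not code from the question, the answer or the linked article, of a middleware that fails closed when the header is missing or malformed. The class name `BearerTokenGate` and the `Items` key are assumptions, token validation itself stays in the existing `AuthenticationMiddleware`, and it assumes a worker SDK version that provides `GetHttpRequestDataAsync` and `GetInvocationResult`.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Threading.Tasks;
using Microsoft.Azure.Functions.Worker;
using Microsoft.Azure.Functions.Worker.Http;
using Microsoft.Azure.Functions.Worker.Middleware;

// Hypothetical name. Register it before the other middleware:
//   builder.UseMiddleware<BearerTokenGate>();
public sealed class BearerTokenGate : IFunctionsWorkerMiddleware
{
    private const string Prefix = "Bearer ";

    public async Task Invoke(FunctionContext context, FunctionExecutionDelegate next)
    {
        // Null for non-HTTP triggers (timer, queue, ...): nothing to gate.
        var req = await context.GetHttpRequestDataAsync();
        if (req is null) { await next(context); return; }

        if (!TryGetBearerToken(req, out var token))
        {
            // Fail closed: the function body never runs without a token.
            var res = req.CreateResponse(HttpStatusCode.Unauthorized);
            res.Headers.Add("WWW-Authenticate", "Bearer");
            // Works for functions that return HttpResponseData directly.
            context.GetInvocationResult().Value = res;
            return;
        }

        // Assumed key; later middleware validates the token's signature and claims.
        context.Items["BearerToken"] = token;
        await next(context);
    }

    private static bool TryGetBearerToken(HttpRequestData req, out string token)
    {
        token = string.Empty;
        if (!req.Headers.TryGetValues("Authorization", out var values)) return false;

        // Reject duplicated Authorization headers instead of picking one.
        var all = values.ToArray();
        if (all.Length != 1) return false;
        if (!all[0].StartsWith(Prefix, StringComparison.OrdinalIgnoreCase)) return false;

        token = all[0].Substring(Prefix.Length).Trim();
        return token.Length > 0;
    }
}
```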