[Documentation] Request: How to Use AzureAD/microsoft-identity-web with Azure Function Isolated Worker Model

[amaraslam07]

Documentation related to component

I would like to request documentation on how to integrate and use the AzureAD/microsoft-identity-web library with the Azure Function Isolated Worker Model.

Please check all that apply

• typo
• documentation doesn't exist
• documentation needs clarification
• error(s) in the example
• needs an example

Description of the issue

Currently, no documentation or any code sample exists which covers how this library can be used to protect APIs implemented in Azure Function Isolated Worker Model.

This documentation will greatly help developers who are looking to leverage AzureAD/microsoft-identity-web within their Azure Function projects using the isolated worker model.

[jennyf19]

@amaraslam07 let us know if the below helps you use the id web library with the Azure Function Isolated Worker Model:

Install the necessary NuGet packages:

• Microsoft.Identity.Web
• Microsoft.Azure.Functions.Worker.Extensions.Http
• Microsoft.Azure.Functions.Worker

Configure your Azure Function:

In your Program.cs, add the required services for authentication.

using Microsoft.Extensions.Hosting;
using Microsoft.Identity.Web;

var host = new HostBuilder()
    .ConfigureFunctionsWorkerDefaults()
    .ConfigureServices(services =>
    {
        services.AddMicrosoftIdentityWebApiAuthentication(config =>
        {
            config.Instance = "https://login.microsoftonline.com/";
            config.Domain = "<your-domain>";
            config.ClientId = "<your-client-id>";
            config.TenantId = "<your-tenant-id>";
        });
    })
    .Build();

host.Run();

Implement the Azure Function:

Create an HTTP-triggered function and add the Authorize attribute to protect it.

using System.Net;
using Microsoft.Azure.Functions.Worker;
using Microsoft.Azure.Functions.Worker.Http;
using Microsoft.Identity.Web;
using Microsoft.Extensions.Logging;

public class MyFunction
{
    private readonly ILogger _logger;

    public MyFunction(ILoggerFactory loggerFactory)
    {
        _logger = loggerFactory.CreateLogger<MyFunction>();
    }

    [Function("MyFunction")]
    [Authorize]
    public async Task<HttpResponseData> Run([HttpTrigger(AuthorizationLevel.Function, "get", "post")] HttpRequestData req)
    {
        _logger.LogInformation("Authenticated request received.");

        var response = req.CreateResponse(HttpStatusCode.OK);
        await response.WriteStringAsync("Hello, authenticated user!");

        return response;
    }
}

Configure Authentication settings:

Add the necessary configuration settings in local.settings.json file.

{
  "IsEncrypted": false,
  "Values": {
    "AzureWebJobsStorage": "",
    "FUNCTIONS_WORKER_RUNTIME": "dotnet-isolated",
    "AzureAd:Instance": "https://login.microsoftonline.com/",
    "AzureAd:Domain": "<your-domain>",
    "AzureAd:TenantId": "<your-tenant-id>",
    "AzureAd:ClientId": "<your-client-id>"
  }
}

This should help you get started with using id web in an Azure Function using the isolated worker model. For more detailed information, you can refer to the Azure Functions documentation.