0

I've an Azure function with an HTTP trigger. On that trigger there is an webhook linked. For security I would use function tokens for that, but they must change on every call. Then the webhook from the third party tool must be updated with the new token. The result would be that every token only could be use once. Pseudo code below:

[FunctionName("GetData")]
public static async Task<HttpResponseMessage> Run([HttpTrigger(AuthorizationLevel.Function, "get", Route = null)]HttpRequestMessage req, TraceWriter log)
{
    // 1. Do the action
    // 2. Refresh the token
    // 3. Update the webhook with the new token
}

But how could I refresh the function token of the Azure Function? I've searched on the internet but didn't find anything.

H. Pauwelyn
  • 13,575
  • 26
  • 81
  • 144

1 Answers1

0

Azure function keys can be get and set via the key management API. https://github.com/Azure/azure-functions-host/wiki/Key-management-API

Your function can use this app to get and set function keys. To use the key management API, you will need an authorization jwt access token. It can then use that access token to access the key management API to get and set new keys. Those keys can then be posted/shared with your third party application.

So, your process will look like

// 1. Do the action
// 2. Get jwt
// 2. Refresh the token
// 3. Update the webhook with the new token

Have a look at this question here, which has several answers with examples with code. Get Azure Function keys from an Azure Function at deployment time?

Also take a look at this answer here which demonstrates how to use the Microsoft.Azure.Management.Fluent library to achieve this.
https://stackoverflow.com/a/46463971/2048857

Troy Witthoeft
  • 2,498
  • 2
  • 28
  • 37