131 - Enabling EasyAuth for Azure Logic Apps (Standard) HTTP Triggers
Вставка
- Опубліковано 26 лип 2024
- In this video we are going to discuss how to enable Azure AD authentication for HTTP Triggers in Azure Logic Apps (Standard).
References:
Enabling Azure AD for Azure Logic Apps (Consumption) • 126 - Securing Azure L...
Blogpost:
techcommunity.microsoft.com/t...
API URL:
management.azure.com/subscrip...{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Web/sites/{logicAppName}/config/authsettingsV2?api-version=2021-02-01 - Наука та технологія
This was a lifesaver, thank you so much!
Glad it helped!
Thanks for the video Kent! I was implementing inbound http triggers in a client without APIM and really needed this feature. This video was invaluable in accomplishing that with detailed step by step instructions and explanations.
The post made by the logic app engineer on the AIS blog was helpful, but I needed the additional explanation in this video to really get this working.
Glad it was helpful!
Man i was starting to feel hopeless about using token auth with STD LAs! Thank you so much!
Glad I could help!
A very important feature IMHO! Would be great to have this officially supported (also by ARM and Terraform) AND to be able to disable the SAS token.
Thank you! This was really useful video. Especially finding out those id-values which are needed in the rest-request to update auth config.
Glad it was helpful!
NICE!!! Thanks for accepting to do this for Standard sku. Appreciate it... Speaking of reducing the attack surface, tried the managed identity in the identities array and it worked as well. Perhaps a more secure option than Service Principal and secret?
Good to know about managed identities. I hadn't tried that out but agree that is a good approach
Hi Kent, thanks for your video. Just wonder if you have any special set up in the API permissions? I followed your steps but it said that my token does not have authorization to perform action 'Microsoft.Web/sites/config/write'.
i am getting the same error as well, did you solve it getting scope added to this 'Microsoft.Web/sites/config/write' in azure ad?
Hi kent, is this easy auth available in the portal now(2024 march) instead of api enabling the auth.
I checked in with engineering and this is something that we will be working on but it will be post Build conference so after June we will get started I would estimate.
EasyAuth appears to be...3 round trips.
not every time, there is an expiry, so you can run a function once and store it and use that token until the expiry time