3

I'd like to be able to call my Azure function without having to specify a key. The documentation seems to indicate that setting the 'authLevel' to anonymous accomplishes this:

authLevel : This determines what keys, if any, need to be present on the request in order to invoke the function. See Working with keys below. The value can be one of the following:

  • anonymous: No API key is required.
  • function: A function-specific API key is required. This is the default value if none is provided.
  • admin : The master key is required.

My binding is:

  "bindings": [
    {
      "type": "httpTrigger",
      "direction": "in",
      "authLevel": "anonymous",
      "webHookType": "genericJson",
      "name": "req"
    },
    {
      "type": "http",
      "direction": "out",
      "name": "res"
    }
  ]

Yet, when I send a request to the function without a key I receive the error:

The WebHook verification request must contain a 'code' query parameter.

What am I overlooking?

Janusz Nowak
  • 2,595
  • 1
  • 17
  • 36
chris
  • 2,740
  • 3
  • 25
  • 23
  • From the same document you are referencing, there is another link for "Working with keys": https://learn.microsoft.com/en-us/azure/azure-functions/functions-bindings-http-webhook#keys Scroll to "Keys and webhooks". It states that you will need to provide a key. – Ling Toh Jan 12 '17 at 20:42
  • Thanks, I should have heeded the text in that section: "Each mechanism does, however rely on a key". I was a bit confused between this and the documentation for the webHookType. – chris Jan 13 '17 at 01:57

1 Answers1

6

Chris, authLevel does not apply to WebHooks as the authentication there is completely handled by the WebHook receiver you select (e.g. Slack, Generic JSON, Salesforce, etc.), you'll notice that option is disabled in the UI.

I've opened this issue to enhance the documentation with this information.

If you need an anonymous WebHook to take a JSON payload, the alternative is to use an HTTP Trigger function, set the authLevel to anonymous and either handle the request directly or bind to a string, JObject or a POCO.

Fabio Cavalcante
  • 12,328
  • 3
  • 35
  • 43
  • Thanks. I noticed in the webHookType property it explicitly mentioned authLevel for github and slack. It was not mentioned for genericJson, which made think it could be set for that type. – chris Jan 13 '17 at 01:55
  • @Fabio are WebHooks implemented with Azure Functions under the covers? – Larry Maccherone Jan 13 '17 at 14:58
  • I may need some clarification on the question, but the WebHooks implementation in Azure Functions relies on the ASP.NET WebHooks feature, so we leverage their receivers and inherit the functionality they expose. This is all hosted and managed by Azure Functions. Does that answer the question? – Fabio Cavalcante Jan 13 '17 at 18:01