To better understand and then implement it in our projects, I've created a Function App with 3 endpoints (source code in this gist) and configured 6 Availability Tests (of kind Ping Test):
oktest: https://myfuncname.azurewebsites.net/api/ok (parse dependent requests = false)
oktest2: https://myfuncname.azurewebsites.net/api/ok (parse dependent requests = true)
badtest: https://myfuncname.azurewebsites.net/api/bad (parse dependent requests = false)
badtest2: https://myfuncname.azurewebsites.net/api/bad (parse dependent requests = true)
errtest: https://myfuncname.azurewebsites.net/api/err (parse dependent requests = false)
errtest2: https://myfuncname.azurewebsites.net/api/err (parse dependent requests = true)
The Function App is configured with AAD using Client ID and Allowed Token Audiences.
/ok returns 200 content OK
/bad returns 400 content BAD
/err returns 500
Testing the Azure endpoints with Postman (using a valid Bearer Token) produces the expected results, as in the local hosting environment.
I'm expecting to have 100% success in oktest and oktest2, and 100% failures in the other tests.
I'm getting these results:
oktest: success 21 fail 0
oktest2: success 17 fail 0
badtest: success 20 fail 2
badtest2: success 17 fail 0
errtest: success 21 fail 1
errtest2: success 17 fail 0
Then I set authentication to Allow Anonymous and I get these results after some cycles:
oktest: success 31 fail 0
oktest2: success 36 fail 0
badtest: success 29 fail 9
badtest2: success 25 fail 8
errtest: success 28 fail 8
errtest2: success 24 fail 7
It's quite clear that the first authentication settings prevented the endpoints from being HTTP-pinged. Is it possible to keep AAD authentication, or do we have to rethink our network architecture?
Any help or suggestion would be much appreciated!
Regards, Giacomo S. S.