GET and POST Function App Function/Host Keys Using Python (Azure Government)

Question

I am attempting to retrieve and add function/host keys for an Azure Government function app via Python. I am currently working with the information from this question and the corresponding API page. While these are not specific to Azure Government, I would think the process would be similar after updating the URLs to the Azure Government versions. However, I am receiving the error "No route registered for '/api/functions/admin/token'" when running the jwt part of the given code. Is this approach feasible for what I am trying to do?

I also found somewhere that I instead might want to try a GET request like this:

resp = requests.get("https://management.usgovcloudapi.net/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.Web/sites/<function-app-name>/functions/admin/masterkey?api-version=20XX-XX-XX", headers={"Authorization": f"Bearer {something}"})

This gives me the error "{"error":{"code":"InvalidAuthenticationToken","message":"The access token is invalid."}}", though. If this is indeed the correct approach, then what format should the Bearer token take?

Answer 1

Bit late answering but it may be useful for someone else in the future, it took me a while to find out how to do this.

If you want to retrieve the keys of a specific function within a function app then you can use list_function_keys() function from the Python SDK

Working with the Az management API directly may be a bit annoying and since the Azure CLI is written in Python whatever operation you do with the CLI you can do it directly in a Python script.

Here's an example of how you can retrieve the keys

from azure.identity import DefaultAzureCredential
from azure.mgmt.web import WebSiteManagementClient

# Your subscription ID
SUB_ID = "00000000-0000-0000-0000-000000000000"

fn_name = "some_function"  # Name of your function
app_name = "some_app"  # Name of your site/function app
rg_name = "some_rg"  # Resource group name to which the function belongs

web_client = WebSiteManagementClient(subscription_id=SUB_ID, credential=DefaultAzureCredential())
keys = web_client.web_apps.list_function_keys(rg_name, app_name, fn_name)

# Your keys will be accessible in the additional_properties param
print(keys.additional_properties)

Hope it helps! I'm new on Azure so if I'm doing something wrong, please don't hesitate to point out my mistake and share your correction