I have created an HTTP Triggered Azure Function and exposed some endpoints. I am calling those endpoints from Salesforce Community.
https://<testing...>.azurewebsites.net/getData
https://<testing...>.azurewebsites.net/postData
https://<testing...>.azurewebsites.net/updateData
https://<testing...>.azurewebsites.net/deleteData
The Azure Functions Authorization Level is anonymous. I can access the responses from HTTP endpoints to the salesforce community site.
How can I set the authorization level so that, the endpoints can only be accessible from the Salesforce Community and the salesforce Users?
Thanks
There are quite a few options available like App Service Authentication or using API management for authorizing requests.
Have a look at Securing Azure Functions - Authentication/authorization .
While function keys can provide some mitigation for unwanted access, the only way to truly secure your function endpoints is by implementing positive authentication of clients accessing your functions. You can then make authorization decisions based on identity.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.