1. How to enable EasyAuth/OAuth on the request trigger?
While our UX team is working on building a friendly user interface, you can configure your authorization policies by calling the V2 Auth Settings API from an HTTP client such as Postman. You can learn more about this API in the linked documentation.
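We recommend keeping the values of the following properties unchanged. Note that with "unauthenticatedClientAction" set to "AllowAnonymous", the App Service authentication layer does not itself reject requests that arrive without a token; access control then rests on the authorization policy in the payload below and on the Logic Apps runtime's own checks, so after applying the settings confirm that a call carrying neither a valid token nor a SAS signature is refused.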
a.
"globalValidation": {
"requireAuthentication": true,
"unauthenticatedClientAction": "AllowAnonymous"
}
Here are the details of the API call. It goes to Azure Resource Manager, so the request itself must carry an ARM access token for an identity that is allowed to write the site's configuration.
HTTP method: PUT
URL: https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Web/sites/{logicppName}/config/authsettingsV2?api-version=2021-02-01
Body of the PUT request (for an example of the payload, see the attached file authSettingsV2Payload.docx):
{
"id": "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Web/sites/{logicppName}/config/authsettingsV2",
"name": "authsettingsV2",
"type": "Microsoft.Web/sites/config",
"location": "{locationOfLogicapp}",
"tags": {},
"properties": {
"platform": {
"enabled": true,
"runtimeVersion": "~1"
},
"globalValidation": {
"requireAuthentication": true,
"unauthenticatedClientAction": "AllowAnonymous"
},
"identityProviders": {
"azureActiveDirectory": {
"enabled": true,
"registration": {
"openIdIssuer": "{issuerId}",
"clientId": "{clientId}"
},
"login": {
"disableWWWAuthenticate": false
},
"validation": {
"jwtClaimChecks": {},
"allowedAudiences": [
],
"defaultAuthorizationPolicy": {
"allowedPrincipals": {
"identities": [
"{ObjectId of AAD app1}",
"{ObjectId of AAD app2}"
]
}
}
}
},
"facebook": {
"enabled": false,
"registration": {},
"login": {}
},
"gitHub": {
"enabled": false,
"registration": {},
"login": {}
},
"google": {
"enabled": false,
"registration": {},
"login": {},
"validation": {}
},
"twitter": {
"enabled": false,
"registration": {}
},
"legacyMicrosoftAccount": {
"enabled": false,
"registration": {},
"login": {},
"validation": {}
},
"apple": {
"enabled": false,
"registration": {},
"login": {}
}
},
"login": {
"routes": {},
"tokenStore": {
"enabled": false,
"tokenRefreshExtensionHours": 72.0,
"fileSystem": {},
"azureBlobStorage": {}
},
"preserveUrlFragmentsForLogins": false,
"cookieExpiration": {
"convention": "FixedTime",
"timeToExpiration": "08:00:00"
},
"nonce": {
"validateNonce": true,
"nonceExpirationInterval": "00:05:00"
}
},
"httpSettings": {
"requireHttps": true,
"routes": {
"apiPrefix": "/.auth"
},
"forwardProxy": {
"convention": "NoProxy"
}
}
}
}
2. How to invoke the request trigger using AAD OAuth?
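To invoke a request trigger on a logic app using this authentication, call the callback/invoke URL with the AAD-issued OAuth access token in the Authorization header, and do not include the SAS token in the query parameters. The caller is expected to be one of the identities listed under "allowedPrincipals" in the policy above.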
Here's an example
https://arjun-easyauth-test.azurewebsites.net:443/api/asnyc1/triggers/manual/invoke?api-version=2020-05-01-preview
