Is there a method to secure a Manual Http Trigger in a logic App with Basic Authentication.
Is this achieved through APi Management.
0
votes
1 Answers
0
votes
The authentication mechanism used by Logic Apps is based on SAS keys that only a user with management access to the resource can list. In case any of the keys are exposed, you can use the /regenerateAccessKey operation on the logic app. See this article for details.
In addition there is a capability to restrict firing a logic app if not coming from a specific range of IP addresses. This is not yet surfaced in the azure portal (as of 2016-11-09), but could be done manually via PowerShell and/or the management APIs.
For any other authentication mechanisms you would indeed want to use API Management as a frontdoor to your logic apps.
