1
votes

I'm building an HTTP API using Azure Functions and now I'm in the process of extending it with API Management. On the function I added `AuthorizationLevel.Function`.

Now I've tested using the portal with API Management and Postman. As long as I include the subscription header I can execute the function even if I don't include `code=xxxsomekey` in the path. I'm a bit confused about the relationship between the subscription and the function key, and maybe someone could help to clarify this?

1 Answer

2
votes

Your request first arrives at API Management, which then forwards it to the Function. The response is passed through API Management to the client application.

  1. Because an API call goes to API Management, you need to authenticate with API Management's subscription key.
  2. API Management automatically authenticates with your Function using a host key created specifically for your API Management service (see: https://docs.microsoft.com/en-us/azure/api-management/import-function-app-as-api#authorization).
  3. You shouldn't include the Function's key in your request to API Management.
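
The two hops described in this answer can be checked from the client side. The following is an added example, not part of the original answer: it probes the gateway and the Function separately and reports whether each one rejects a call that lacks its own key. The two URLs are placeholders, the helper names (`status_of`, `probe`, `assess`) are hypothetical, and it assumes the operation answers GET requests.

```python
import urllib.error
import urllib.request

# Placeholder endpoints (assumptions): substitute your own gateway and Function URLs.
APIM_URL = "https://example-apim.azure-api.net/demo/hello"
FUNC_URL = "https://example-func.azurewebsites.net/api/hello"


def status_of(url, headers, timeout=10):
    """Return the HTTP status of a GET request, including 4xx/5xx responses."""
    req = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def probe(subscription_key, fetch=status_of):
    """Collect the three statuses that show which key guards which hop."""
    sub = {"Ocp-Apim-Subscription-Key": subscription_key}
    return {
        "apim_no_key": fetch(APIM_URL, {}),
        "apim_sub_key": fetch(APIM_URL, sub),
        "func_direct_no_key": fetch(FUNC_URL, {}),
    }


def assess(results):
    """Return a list of findings; an empty list means both hops are guarded."""
    rejected = (401, 403)
    findings = []
    if results["apim_no_key"] not in rejected:
        findings.append("API Management accepts calls without a subscription key")
    if not 200 <= results["apim_sub_key"] < 300:
        findings.append("gateway call with a subscription key failed; "
                        "check the host key API Management sends to the Function")
    if results["func_direct_no_key"] not in rejected:
        findings.append("Function answers direct calls without a key, "
                        "so callers can bypass API Management")
    return findings


if __name__ == "__main__":
    import sys
    for finding in assess(probe(sys.argv[1])) or ["both hops require their own key"]:
        print(finding)
```

Run it with the subscription key as the only argument. A 401 on the direct Function call confirms that `AuthorizationLevel.Function` is still enforced there even though gateway callers never send `code=`.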