New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

When are the scopes, as given in "Microsoft Account Authentication Settings" being used? #958

Open
nils-a opened this Issue Sep 19, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@nils-a

nils-a commented Sep 19, 2018

I was redirected here by @MicahMcKittrick-MSFT, commig from https://social.msdn.microsoft.com/Forums/en-US/4430250b-dfe8-4eba-aa15-ef55f43e608e/when-are-the-scopes-as-given-in-microsoft-account-authentication-settings-being-used?forum=AzureFunctions

Originally I raised my question at MicrosoftDocs/azure-docs#11744

To repeat the question:

Regarding an azure function, when securing the function using "Authentication / Authorization", after selecting the Authentication Provider "Microsoft Account" there is a page which contains a ClientId, ClientSecret and some Scopes.

image

The question is: When are the given scopes being used? Are they somehow enforced, when accessing the function? Or are they only used when the "Action to take when request is not authenticated"-Setting is set to "Log in with Microsoft Account"?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment