You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the issue
In version 1.3, the current ApiKey in Azure Function configuration doing nothing. The code will always be the function key, and it could be authenticated by the x-function-key in the header. However, in doc it says we MUST specify the ApiKey.
Authenticated by the x-function-key with the function key is secure. It is what I like. However, it is different to the document
and it is confusing.
I have seen a related issue#383. I only see that fix fixing the SwaggerUI file.
Is it designed to only fix the swagger ui endpoint ApiKey behavior? Or it will affect the OpenAPI document endpoint ApiKey as well.
It is confusing every developer who is trying to deploy their function. The current documentation wastes our time to figure out what is going on and what should be the bug and correct behavior for the OpenAPI__ApiKey configuration.
To Reproduce
Steps to reproduce the behavior:
Deploy the azure function.
Specify the "OpenApi__AuthLevel__Document" = "Function" and (NOT specify or specify OpenApi_ApiKey to any value) in configuration.
Using the value specify in the OpenApi__ApiKey configuration to authenticate from either Url Query code or header x-function-api will response 401. Instead, using function key in either Url Query code or header x-function-key will be 200.
Expected behavior
Please remove the "Make sure that you MUST provide the OpenApi__AuthKey value, if you choose the OpenApi__AuthLevel__Document value other than Anonymous" in the document.
Documenting that: Without OpenApi__ApiKey configuration in deployed function, it will auto use the Azure Function Key to authenticate the OpenApi document endpoint, if the OpenApi__AuthLevel__Document is other than Anonymous.
The text was updated successfully, but these errors were encountered:
Describe the issue
In version 1.3, the current
ApiKey
in Azure Function configuration doing nothing. Thecode
will always be the function key, and it could be authenticated by thex-function-key
in the header. However, in doc it says we MUST specify theApiKey
.Authenticated by the
x-function-key
with the function key is secure. It is what I like. However, it is different to the documentand it is confusing.
I have seen a related issue #383. I only see that fix fixing the
SwaggerUI
file.Is it designed to only fix the swagger ui endpoint
ApiKey
behavior? Or it will affect the OpenAPI document endpointApiKey
as well.It is confusing every developer who is trying to deploy their function. The current documentation wastes our time to figure out what is going on and what should be the bug and correct behavior for the
OpenAPI__ApiKey
configuration.To Reproduce
Steps to reproduce the behavior:
"OpenApi__AuthLevel__Document" = "Function"
and (NOT specify or specifyOpenApi_ApiKey
to any value) in configuration.OpenApi__ApiKey
configuration to authenticate from either Url Querycode
or headerx-function-api
will response401
. Instead, using function key in either Url Querycode
or headerx-function-key
will be200
.Expected behavior
Please remove the "Make sure that you MUST provide the OpenApi__AuthKey value, if you choose the OpenApi__AuthLevel__Document value other than Anonymous" in the document.
Documenting that: Without
OpenApi__ApiKey
configuration in deployed function, it will auto use the Azure Function Key to authenticate the OpenApi document endpoint, if theOpenApi__AuthLevel__Document
is other thanAnonymous
.The text was updated successfully, but these errors were encountered: