{"id":15410721,"url":"https://github.com/damienbod/azurefunctionssecurity","last_synced_at":"2025-04-15T16:57:06.644Z","repository":{"id":54151942,"uuid":"287458634","full_name":"damienbod/AzureFunctionsSecurity","owner":"damienbod","description":"Azure Functions Security","archived":false,"fork":false,"pushed_at":"2024-10-31T08:39:00.000Z","size":869,"stargazers_count":28,"open_issues_count":0,"forks_count":9,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-03-04T13:46:18.525Z","etag":null,"topics":["api","aspnet-core","azure","azure-functions","security","serverless"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/damienbod.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-08-14T06:16:03.000Z","updated_at":"2024-11-29T09:05:48.000Z","dependencies_parsed_at":"2024-10-19T16:18:59.609Z","dependency_job_id":"ab4d1051-54d4-4a67-a92e-0645967d95d7","html_url":"https://github.com/damienbod/AzureFunctionsSecurity","commit_stats":{"total_commits":111,"total_committers":1,"mean_commits":111.0,"dds":0.0,"last_synced_commit":"f56c63b4bf1c9cf2c1bb749afda3d25b7a80b467"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAzureFunctionsSecurity","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAzureFunctionsSecurity/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAzureFunctionsSecurity/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/damienbod%2FAzureFunctionsSecurity/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/damienbod","download_url":"https://codeload.github.com/damienbod/AzureFunctionsSecurity/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246112641,"owners_count":20725300,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","aspnet-core","azure","azure-functions","security","serverless"],"created_at":"2024-10-01T16:46:01.288Z","updated_at":"2025-03-30T16:32:18.204Z","avatar_url":"https://github.com/damienbod.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure Functions Security\n\n[![.NET](https://github.com/damienbod/AzureFunctionsSecurity/actions/workflows/dotnet.yml/badge.svg)](https://github.com/damienbod/AzureFunctionsSecurity/actions/workflows/dotnet.yml)\n\n## Blogs\n\n[Securing Azure Functions using API Keys](https://damienbod.com/2020/08/17/securing-azure-functions-using-api-keys/)\n\n[Securing Azure Functions using Certificate authentication](https://damienbod.com/2020/09/04/securing-azure-functions-using-certificate-authentication/)\n\n[Securing Azure Functions using an Azure Virtual Network](https://damienbod.com/2020/09/10/securing-azure-functions-using-an-azure-virtual-network/)\n\n[Securing Azure Key Vault inside a VNET and using from an Azure Function](https://damienbod.com/2020/09/16/securing-azure-key-vault-inside-a-vnet-and-using-from-an-azure-function/)\n\n[Securing Azure Functions using Microsoft Entra ID JWT Bearer token authentication for user access tokens](https://damienbod.com/2020/09/24/securing-azure-functions-using-azure-ad-jwt-bearer-token-authentication-for-user-access-tokens/)\n\n## History\n\n- 2024-10-31 Update packages\n- 2024-10-26 Update packages\n- 2024-07-05 Updated user delegated access v4 .NET 8 Azure function, network function updated to v4\n- 2024-07-04 Updated FunctionCertificate to v4 project, .NET 8\n- 2024-07-03 Updated FunctionApiKeys to v4 project, .NET 8\n- 2021-03-07 Update packages and using DefaultAzureCredential for Azure Key vault access,  Microsoft.Identity.Web to 1.7.0\n- 2020-10-25 Updated Microsoft.Identity.Web to 1.2.0, Updated Nuget packages\n- 2020-09-30 Updated Microsoft.Identity.Web to 1.0.0\n- 2020-09-19 Updated Azure Functions configurations to recommended way\n- 2020-09-19 Added Azure Function oauth security example user access tokens\n- 2020-09-10 Added Azure Function network security example\n- 2020-09-01 Added Certificate authentication for Azure Functions\n\n# Testing\n\n## Azure Functions API keys , AuthorizationLevel.Anonymous\n\n### Azure\n\nhttps://functionssecurity.azurewebsites.net/api/RandomStringAuthLevelAdmin\n\nhttps://functionssecurity.azurewebsites.net/api/RandomStringAuthLevelAnonymous\n\nhttps://functionssecurity.azurewebsites.net/api/RandomStringAuthLevelFunc\n\n### Local\n\nhttp://localhost:7071/api/RandomStringAuthLevelAdmin\n\nhttp://localhost:7071/api/RandomStringAuthLevelAnonymous\n\nhttp://localhost:7071/api/RandomStringAuthLevelFunc\n\n## Functions Certificate\n\n### Azure\n\nhttps://functioncertificate20200829215001.azurewebsites.net/api/randomString\n\n# Links\n\nhttps://docs.microsoft.com/en-us/azure/azure-functions/security-concepts\n\nhttps://docs.microsoft.com/en-us/aspnet/core/security/authentication/certauth\n\nhttps://damienbod.com/2019/06/13/certificate-authentication-in-asp-net-core-3-0/\n\nhttps://damienbod.com/2019/09/07/using-certificate-authentication-with-ihttpclientfactory-and-httpclient/\n\nhttps://github.com/dotnet/aspnetcore/blob/master/src/Security/Authentication/Certificate/src/CertificateAuthenticationHandler.cs\n                \nhttps://stackoverflow.com/questions/27307322/verify-server-certificate-against-self-signed-certificate-authority\n\nhttps://stackoverflow.com/questions/24107374/ssl-certificate-not-in-x509store-when-uploaded-to-azure-website#34719216\n\nhttps://docs.microsoft.com/en-us/azure/app-service/app-service-web-configure-tls-mutual-auth#access-client-certificate\n\n\n# Links Azure Networking / Application Gateway\n\nhttps://docs.microsoft.com/en-us/azure/virtual-network/\n\nhttps://docs.microsoft.com/en-us/azure/virtual-network/tutorial-restrict-network-access-to-resources\n\nhttps://docs.microsoft.com/en-us/azure/virtual-network/quickstart-create-nat-gateway-portal\n\nhttp://www.subnet-calculator.com/\n\nhttps://www.youtube.com/watch?v=8Wh6ZXf8LK8\n\n\n# OpenID Connect Microsoft Entra ID\n\nhttps://cmatskas.com/create-an-azure-ad-protected-api-that-calls-into-cosmosdb-with-azure-functions-and-net-core-3-1/\n\nhttps://anthonychu.ca/post/azure-functions-app-service-openid-connect-auth0/\n\nhttps://docs.microsoft.com/en-us/azure/app-service/configure-authentication-provider-openid-connect\n\nhttps://github.com/Azure/azure-functions-vs-build-sdk/issues/397\n\nhttps://blog.wille-zone.de/post/secure-azure-functions-with-jwt-token/#secure-azure-functions-with-jwt-access-tokens\n\nhttps://github.com/AzureAD/microsoft-identity-web\n\nhttps://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2\n\nhttps://jwt.io/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdamienbod%2Fazurefunctionssecurity","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdamienbod%2Fazurefunctionssecurity","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdamienbod%2Fazurefunctionssecurity/lists"}