http trigger urls cannot be displayed they require an authentication token

Question

When deploying the function from VS Code, I receive this warning: "WARNING: Some HTTP trigger URLs cannot be displayed in the output window because they require an authentication token. Instead, you may copy them from the Azure Functions explorer." However, when I use the URL provided under the "function" level, it already includes its token, but I'm still encountering a 403 error. What can I do?

11:33:55 AM fnIntunePowerBI: WARNING: Some http trigger urls cannot be displayed in the output window because they require an authentication token. Instead, you may copy them from the Azure Functions explorer.

[FunctionName("intunehttp")] public static async Task<IActionResult> Run( [HttpTrigger(AuthorizationLevel.Admin, "get", "post", Route = null)] HttpRequest req, ILogger log)

enter image description here

In a testing environment with no restrictions, it worked for me. However, when I moved it to production, something is preventing it from running.

Answer 1

To resolve this issue, you can check that the permission level is set correctly in the function's HttpTrigger property. The authorization level specifies the type of authorization key required to access the function endpoint. For a function triggered by HTTP, the authorization level can be one of the following values: anonymous, function, or admin. You can change the default authorization level using the authLevel attribute in the binding function.json or the Function code where authLevel is mentioned. Refer this Github Document.

According to this github Issue comment by chopeen on the same error code as yours, Try to Deploy the Function with Function Core Tools command instead of using VS Code. Make sure you have Azure Functions Core Tool Installed in your system for the command to work. Refer below:-

az login
az account set --subscription "Suscription-name"
func azure functionapp publish functionappname

In-order to Invoke the Function via URL use the above URL with the Function Key as we have selected Authorization as Function, Refer below:-

https://functionName.azurewebsites.net/api/HttpTrigger1?code=xxxxxv4FwMfqJkQmH-VQDgw96InAzFunWY1hg==

Also, If your Production Tenant is an Organizational level Tenant with some Restrictions, you can enable Azure Functions Authentication with Service Principal by referring the same steps as this SO thread answer By Frank Borzage and then access the Function url via Access Token generated by The service principal connected to your Function app, Refer below:-

Visit your Function app > Authentication > Add Identity provider > Microsoft > App registration type :- Create new App > Add :-

Application with the same name as your Function App is created.

Now generate an Access token in Postman like below:-

Get Client ID, Client Secret and Scope from your Application created with the name of your Function app and pass below Request in the Postman:-

https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token

Body:-

client_id:xxxxx-b4557997172d
scope:api://xxxx85-4435-ab7f-b4557997172d/user_impersonation
username:[email protected]
password:xxxxxx
grant_type:password
client_secret:y3N8Q~xxxxxxxxxxx

Access Token generated like below:-

Now Use the Access Token to access the Function URL like below:-