使用Azure功能的Authenticate-Authorizate REST API的文档 [英] Documentation for Authenticate-Authorizate REST API with Azure functions

问题描述

我需要使用Azure功能构建RESTfull API。 API必须 拥有身份验证授权会计系统来保护API（功能）。

I would need to build RESTfull API with Azure functions. The API must  have authentication-authorization-accounting system to secure API (functions).

最大的问题是如何使用Azure工具实现这一点？哪些是最佳实践以及在何处查找文档？

The big question would be how to implement this with Azure tools? Which are the best practices and where to find documentation?

我已经阅读了几个小时的Azure文档，但找不到"使用Azure功能和WITH身份验证和授权构建RESTfull API"。风格的文档。有些文件（实际上很多）已经过时了。一些房产说
"你正在尝试做一些旧的事情，按照链接进行并通过新的方式进行"在链接后面你根本找不到任何文档。有些文档会引用API参考，其中用户可以获得Azure workgourps等列表。显然
我不想为我们的Azure帐户内部信息的API用户列表提供。大多数文档（实际上每个我都能找到的）处理这种情况。相比之下，我需要创建应用程序（API），我可以管理
并为我们的api应用程序用户分发API访问权限。

I have been reading Azure docs for several hours and couldn't find "build RESTfull API with Azure functions AND WITH authentication and authorization" -style documentation. Some documents (actually quite many) are out of date. Some properties says "Hi, you are trying to do something old, follow the link and do it through new way" and behind the link you couldn't find any documentation at all. Some documents leads to API reference where user could get list of Azure workgourps etc. And obviously I don't want to give for our API users list of our Azure account internal information. And most of the documentation (Actually every single I can found) handles this situation. In contrast I would need to create application (API) where I could Administrate and distribute API access for our api application users.

你能指导我找到我能找到的文档吗？任何需要的信息来实现我的目标。

Could you direct me to documentation where I could find any needed information to achieve my goal.

提前谢谢

Jani H。

推荐答案

你好Jani，

Hi Jani,

我认为你最好的选择是  https://docs.microsoft.com/en-us/azure/azure -functions /功能-绑定-HTTP-网络挂接＃安全-AN-HTTP-端点在生产。
我同意 https://stackoverflow.com/a/46618968/10987310 上发布的答案，使用API​​管理服务或将Azure功能置于网关后面以限制流量使用
中的令牌来验证请求。

I think you're best bet is going to be https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-http-webhook#secure-an-http-endpoint-in-production. I would agree with the answer posted at https://stackoverflow.com/a/46618968/10987310, use API Management service or put your Azure function behind a gateway to restrict traffic use a token in the HTTP header to validate requests.

这篇关于使用Azure功能的Authenticate-Authorizate REST API的文档的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！