Azure Bot service talking to Azure Logic App - 401 unauthorized - azure

I have an Azure bot which is all developed and working fine. It currently talks to a 3rd party workflow application via a simple webhook.
I am now trying to replicate this using Azure Logic App. I have a simple logic app that responds fine to requests from POSTMAN. However, when I set the Messaging Endpoint in the Azure Bot service to the URL of the logic app's top node (When an HTTP request is received), I see 401 unauthorized responses from all of my channels in the bot and I don't know why. POSTMAN is using the exact same target URL and works fine.
Any ideas what is going on here?

I had a similar problem, and found the solution was to first ensure an Authorization header is being sent, and 2nd, set the value to null.
Refer: https://learn.microsoft.com/en-us/outlook/actionable-messages/security-requirements#action-authorization-header

Related

Azure POST request redirect using Azure services

Hello, I am trying to deploy my Azure Machine Learning pipeline with a REST endpoint. My problem is that I was able to generate an endpoint, but it has some sensitive information in it (e.g. subscription id, resource group, etc.). How can I generate a URL that forwards the request body to my Azure ML REST endpoint?
Also, here is an approach I've tried:
Used Application Gateway Redirect (this approach didn't forward the request body. It instead turned my POST request into a GET request when it redirected to the correct URL.)
The issue is raised because of some of the default security headers dependent on REST API and web based. Need to set the REST API CSP HEADER. Check the request and response headers in config file of the web application.
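
An added illustration (not part of the original question or answer) of the behaviour described in the question, using Python's `urllib` as a stand-in client: a 302 redirect hands the backend URL to the caller in `Location`, and the follow-up request is a body-less GET, whereas server-side forwarding keeps the method and body and never exposes the backend URL. `PUBLIC`, `BACKEND` and the function names are constructed placeholders.

```python
import urllib.request

# Constructed placeholders, not real endpoints.
PUBLIC = "https://api.example.invalid/run"
BACKEND = "https://ml.example.invalid/subscriptions/SUB-ID-PLACEHOLDER/pipelines/run"

# Headers a forwarder should not copy from the caller's request.
SKIP = {"host", "connection", "keep-alive", "transfer-encoding", "upgrade",
        "proxy-authorization", "te", "trailer", "content-length"}


def client_after_redirect(status, body):
    """Return (method, body, url) of the follow-up request urllib builds
    when its POST to PUBLIC is answered with a redirect to BACKEND."""
    first = urllib.request.Request(PUBLIC, data=body, method="POST",
                                   headers={"Content-Type": "application/json"})
    handler = urllib.request.HTTPRedirectHandler()
    # The redirect target (the sensitive URL) is now in the client's hands.
    follow_up = handler.redirect_request(first, None, status, "Found", {}, BACKEND)
    return follow_up.get_method(), follow_up.data, follow_up.full_url


def build_upstream(method, headers, body):
    """Server-side forwarding: the caller only ever sees PUBLIC, and the
    original method and body are carried over to the backend request."""
    kept = {k: v for k, v in headers.items() if k.lower() not in SKIP}
    return urllib.request.Request(BACKEND, data=body, headers=kept, method=method)
```
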

401 error by replying to actionable message in outlook desktop client

I have developed an Azure logic app and Azure function to send actionable messages to users.
At the bottom are two buttons to reply to another logic app. If I test it in the Outlook web app (O365 E3-E5 licensing), it works fine.
In the Outlook desktop app it's not working, with Error 401 not authenticated.
The logic app is not triggered if I check the history logs.
Any ideas what causes the error or how to debug?
Best regards
Edit:
The Logic App uses an HTTP trigger with a specific json input.
In the Logic App the user's JWT token will be checked with an Azure Function. But the logic app never shows a run started if I click on send in the Outlook desktop app. It looks like the call is blocked by the Outlook client.
I have found a solution or a workaround...
Instead of triggering the Logic App directly, the request is sent to an Azure function (which also authenticates the user). The function is just a "middleman" that forwards the request to the logic app after successful authentication.
I don't know why it doesn't work with Logic Apps in this particular version of the Outlook desktop application... but with Azure functions there is a solution :)

Turning on Azure Mobile Service Authentication results in "Resource does not support GET" on a POST Request

I tried to implement custom authentication via an authentication endpoint in an Azure mobile app. I've created an API controller that creates the JWT using Azure's AppServiceLoginHandler.CreateToken method. When I post to this controller with Azure App Service Authentication turned off, I get a token, but when I want to use it later, I always receive a "401 Unauthorized".
But when I turn the setting on in the Azure Portal, and send the very same request
I get:
The requested resource does not support http method 'GET'.
I'm not changing any code, and I'm certainly using a POST request - The exact same request, that works with turned off App Service Authentication.
My Code is essentially the same as here:
https://www.newventuresoftware.com/blog/custom-authentication-with-azure-mobile-apps
Could someone enlighten me here? Do I need additional configuration somewhere?
Adrian Hall's book states the following about Custom Authentication:
You must turn on Authentication / Authorization in your App Service. Set the Action to take when request is not authenticated to Allow Request (no action) and do not configure any of the supported authentication providers.
For custom authentication, you need to turn on Authentication / Authorization in your app service for authenticating your token. Moreover, I would recommend you use Fiddler to capture the network traces to narrow down this issue. Additionally, you need to make sure that you send the custom login request over HTTPS. For details, you could follow this similar issue.

Built in Azure Iot-Hub endpoints

I'm using IoTHub F1 subscription and facing following problem:
I'm calling the REST endpoint to get the device list from IoT Hub,
Ex: https://my_iothub_name.azure-devices.net/devices?top=10&api-version=2016-11-14
The above api call is working fine from postman (postman is ApiAgent)
But the problem is when I'm calling same api from browser it's giving me 405 method not allowed error.
I've read about it and it looks like a problem with the OPTIONS request from browsers.
Please shed some light on this issue,
Thank you very much.
I don't think this is currently possible, first because, from what I see, Azure IoT hub REST API does not issue CORS requests (i.e. they don't write in the CORS header access-control-allow-origin), so your browser client can't access it.

Avoid spam request to Azure functions

I'm using an Azure function app for my website to help send email. I use Azure Function authentication and pass the key as a header from an Ajax request, and that works well. But my issue is that having the function call in the JS of the website makes it prone to my friends sending automated HTTP requests, such that the function is repeatedly executed.
Is there a way to avoid this? Maybe using the request sender IP?
Azure Function keys are not supposed to be shipped to the end user devices (be it browser, mobile app, IoT device etc). You should hide function calls behind some authentication flow.
See these links for some options:
Authentication and authorization in Azure App Service
Working with identity in an Azure Function
A very similar question, but from Mobile app point of view:
How to safely call Azure Function with function level authorization in Xamarin mobile app?
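
One way to put the mail function behind a signed-in caller and cap how often each caller can trigger it, as an added example that is not code from the question or the answer. It assumes App Service Authentication is enabled in front of the function, so the platform supplies the `X-MS-CLIENT-PRINCIPAL-ID` header; the limits, the `handle_send_mail` name and the `send_mail` callback are hypothetical.

```python
import time
from collections import defaultdict, deque

WINDOW_SECONDS = 60   # assumed policy: length of the sliding window
MAX_PER_WINDOW = 3    # assumed policy: accepted mails per caller per window

# Identity header set by App Service Authentication. Trust it only when that
# feature is enabled and the function cannot be reached without it; otherwise
# any client could send the header itself.
PRINCIPAL_HEADER = "x-ms-client-principal-id"

# caller id -> timestamps of accepted requests. In-memory state is per
# instance; a scaled-out function app needs a shared store instead.
_recent = defaultdict(deque)


def handle_send_mail(headers, send_mail, now=None):
    """Return an HTTP status code; send_mail runs only for accepted requests."""
    now = time.monotonic() if now is None else now
    lowered = {k.lower(): v for k, v in headers.items()}
    caller = lowered.get(PRINCIPAL_HEADER, "").strip()
    if not caller:
        return 401                 # no signed-in user: the mailer is never reached

    stamps = _recent[caller]
    while stamps and now - stamps[0] >= WINDOW_SECONDS:
        stamps.popleft()           # drop requests that fell out of the window
    if len(stamps) >= MAX_PER_WINDOW:
        return 429                 # caller is over quota for this window

    stamps.append(now)
    send_mail(caller)
    return 202
```

With this shape no function key is shipped to the browser; the page script calls the endpoint with the user's session and the quota is tied to the authenticated identity rather than to a sender IP.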
