Azure Function with AD auth results in 401 Unauthorized when using Bearer tokens

Question

I have a very simple Azure function in C# for which I\'ve setup Azure AD Auth. I\'ve just used the Express settings to create an App registration in the Function configurati

Answer 1

When setting up your Active Directory authentication on your Function App, set management mode to advanced and fill in the Client ID and Issuer URL as required (and the client secret if necessary).

Importantly, under the Allowed Token Audiences, enter the Application ID URI. This can be found in your registered App Registration (in your AD) under the Expose an API option.

This is what I was missing to get authentication working on my Function App. Before I added that token audience, I would always get a 401 with a valid access token.

This Azure active directory - Allow token audiences helped me get my answer but it took me a while to realise what it was referring to. Remember, it's the Application ID URI that can be found within your App Registration.

I hope it helps!