Azure Function with AD auth results in 401 Unauthorized when using Bearer tokens

Question

I have a very simple Azure function in C# for which I\'ve setup Azure AD Auth. I\'ve just used the Express settings to create an App registration in the Function configurati

Answer 1

I'm facing the exact same issue today. The issue turned out to be the resource id that I was passing when requesting the access token.

For example, initially I was requesting a token like this, using the function URL as the resource id:

AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync("https://myfunction.azurewebsites.net", "myClientAppIdGUID", new Uri("https://login.live.com/oauth20_desktop.srf"), new PlatformParameters(PromptBehavior.SelectAccount)).Result;

While this returned an access token, I was receiving a 401 unauthorized when using the access token to call my function api.

I changed my code to pass my function apps App Id as the resource:

AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync("myFunctionAppIdGUID", "myClientAppIdGUID", new Uri("https://login.live.com/oauth20_desktop.srf"), new PlatformParameters(PromptBehavior.SelectAccount)).Result;

Everything works fine now.