Azure Function with AD auth results in 401 Unauthorized when using Bearer tokens

Question

I have a very simple Azure function in C# for which I\'ve setup Azure AD Auth. I\'ve just used the Express settings to create an App registration in the Function configurati

Answer 1

You can now use v2.0 tokens!

Instead of choosing 'Express' when you configure AAD, you have to choose 'Advance' and add the /v2.0 part at the end of the URL.

This is the code that I use in my console app to present the user with a login prompt, then take the bearer token for use with the Azure Function.

string[] scopes = new string[] { "profile", "email", "openid" };
string ClientId = [clientId of Azure Function];
string Tenant = [tenantId];
string Instance = "https://login.microsoftonline.com/";
var _clientApp = PublicClientApplicationBuilder.Create(ClientId)
    .WithAuthority($"{Instance}{Tenant}")
    .WithDefaultRedirectUri()
    .Build();
var accounts = _clientApp.GetAccountsAsync().Result;

var authResult = _clientApp.AcquireTokenInteractive(scopes)
            .WithAccount(accounts.FirstOrDefault())
            .WithPrompt(Prompt.SelectAccount)
            .ExecuteAsync().Result;
var bearerTokenForAzureFunction = authResult.IdToken;