I want to create a C # Azure function using an http trigger. I want to protect it with an API key , provide a separate key for each client, and the function should provide client-specific data, so you need to determine who calls it.
Can I use the Azure function APIs to identify the client, for example. get the name of the key that was transferred? Or is there no way to find out in the azure function which key was used to authenticate the request?
If there was a method like GetApiKeyName() , I could check the key name for a list of clients in my database and return different data based on who called this function. for example, imagine that I have a sales tracking system and my function is /api/GetMonthlySales . If client 1 calls the function using their API key, they should receive monthly sales, and if client 2 calls it, they will have a different amount.
If this is not possible, this means that I need to provide additional authentication data to each client so that they can go to each function call, for example. customer id and secret key. But that defeats the goal of using Azure APIs, right?
A similar scenario would be if I wanted to charge clients when they called my function. How to determine which client calls my function?
source share