Add feature to accept insights data only sent from domain in the allowed list
If somebody takes my Instrumentation key, they can use it to upload junk data to my App Insights.
With Google Analytics you can create a white list of domains from which data will be accepted. Any data incoming from any other domain is simply rejected.
I was hoping for AI to have this as well, but I didn't find it in my settings...
More than 2 years on, I feel this feature is essential. I also recall that there is no way to change the Instrumentation Key for an AI resource. I would ideally like all SDKs to support authentication using either an API key (so I can also delineate origins) or integrate with AAD.
I would go so far as to draw parallels between Instrumentation Key and Subscription I. Since no operation in the management plane is allowed just with the knowledge of the Subscription Id, I feel just the knowledge of the Instrumentation Key must not allow users to enter metrics into AI resources, there must be additional authentication.