209 votesunder review · 7 comments · Networking » Content Delivery Network · Flag idea as inappropriate… · Admin →
We have created an early public preview of OpenID Connect support, allowing you to bring your own OIDC provider: https://docs.microsoft.com/azure/app-service/configure-authentication-provider-openid-connect
If you have an OIDC provider you wish to use, we encourage you to try out this path. There are still some rough edges to the preview, but we’re hoping to smooth those out soon.
Given that a Azure AD B2C tenant should only be used for configuring Azure AD B2C, would having programmatic API’s to configure all of the Azure AD B2C settings be useful or is there more that you are looking to achieve using ARM templates?
1 voteTamas shared this idea ·
We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.
That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.
Apologies for the delay.
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?
Thank you for the continued feedback on this request. We’re evaluating this support in the context of various storage services and connectivity mechanisms.
An error occurred while saving the commentTamas commented
Serving static pages from a blob is a mess. Cannot specify default content and SSL is not possible using custom domains.
Why I need SSL? Now that's a different story:
I'm using Azure B2C directory and Azure functions. B2C is only allowing HTTPS callbacks. Which is a bit too strict. There is one usecase where it is not necessary:
I have a single web page application and the token is returned using html anchors. (#hash). The connection to B2C is under https, so as the redirect directive when the authentication was finished.
Then the next GET won't include the part of the URL after the #, so it will never leave the browser, only the app could read it (then redirect away from it).
Leaving as started becasue we don’t have full docs out yet but this is completed. Just need to document and provide samples
Here’s the latest as there seem to be 2 types of ask here and so two seperate updates. Need comments for if this issue should close to be focused on one or other:
1. I want to control how many calls my function can make to another API (the 3rd party API rate limiting).
– In all plans we now have a way to specify the max instances. This can limit how far a function app instance can scale: https://docs.microsoft.com/en-us/azure/azure-functions/functions-scale#limit-scale-out
2. I want to stop my function from triggering more than x times an hour.
Nothing planned in this in the short term. Using API Management for HTTP functions with throttles would be our recommendation for HTTP, nothing out of box for non-HTTP triggers yet.
Just since it’s been a while, I wanted to reconfirm that this is planned.