GitHub Copilot Customization Explained for Beginners: Instructions, Prompt Files, Skills, Agents, and Hooks  Introduction If you've recently started using GitHub Copilot, you've probably come across terms like Instructions , Prompt Files , Skills , Agents , and Hooks . At first glance, they all seem to do the same thing—they tell Copilot what to do. So why does GitHub have five different customization features? The answer is simple: each feature solves a different problem. Think of GitHub Copilot as a new developer joining your team. On their first day, you don't just hand them code. You explain your coding standards, give them reusable templates, teach them specialized knowledge, assign them a role, and automate repetitive tasks. That's exactly how GitHub Copilot customization works. In this article, you'll learn what each feature does, when to use it, and how they all work together. By the end, you'll know which feature to start with and which ones can wait un...

Authenticate Azure Functions - API Keys

In this blog post, we will see one of the ways to secure your Azure Functions using API keys. Security plays a key role as part of SDLC (Software Development Life Cycle) doesn't matter whether it's exposed to the client/public or even if it's internal. There are multiple ways to secure your Azure Functions like API Keys, Certificate,  API Mgmt, App Service Authentication, etc. If you are new to the Cloud and Azure Functions but want to make a start with minimal effort and less setup of Infrastructure, then API Keys is the ideal choice.

Azure Functions allows you to secure HTTP-triggered functions by API access key in the request. As part of creating new Azure Functions, we can select the Authorization Level enum value. If we set the Authorisation level to Anonymous, no security applied which means no authentication applied for the endpoint.

Authorization Level - Function

By setting the Authorisation level to Function each Azure Functions require a specific API key to Authorize. Each deployed instance of Azure Function will have its own keys. A Host API key allows access to any function within the function app.

Authorization Level - Function


As part of creating Azure Functions with Authorization level - Function, the default key will be created named "default" as shown in the below screenshot. If you want to add your own custom key you can do it by navigating under "Functions" - "Function Keys" blade in the Azure portal. The below screenshot shows both the default key and the custom key (created manually).

Function Keys

Using Postman let's quickly verify. As part of the request passing in the header API Key value for the header name "x-functions-key" should work for us. As mentioned above you can verify the same using custom API keys or Host key as well.

Verify using Postman

Note: The Function level should be used if you want to give other systems or users access to this specific Azure Function in your deployment.

Authorization Level - Admin

If you are looking for a single API key for all your Azure Functions in the deployment then make use of Authorization Level to Admin. 

Authorization Level - Admin

From the Azure Portal we can set Admin API Keys for all Azure Functions as shown below. Using Postman you can verify the request by passing in the header API Key value for the header name "x-functions-key" should work for us. 

Authorization Level - Admin



References

Comments

Popular posts from this blog

Tidy up - Unused Project and Nuget package reference using Visual Studio 2019

Azure Front Door vs Azure Traffic Manager?