{"id":1817,"date":"2022-02-02T13:23:40","date_gmt":"2022-02-02T21:23:40","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/azure-sdk\/?p=1817"},"modified":"2022-02-02T13:49:13","modified_gmt":"2022-02-02T21:49:13","slug":"introducing-azure-identity-support-in-the-azure-functions-signalr-extension-beta","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/azure-sdk\/introducing-azure-identity-support-in-the-azure-functions-signalr-extension-beta\/","title":{"rendered":"Introducing Azure Identity support in the Azure Functions SignalR extension **Beta**"},"content":{"rendered":"

The Azure Functions SignalR extension enables serverless integration with the SignalR Service. We’re excited to announce the release of version 1.7.0-beta.1<\/a> for .NET, which introduces Azure Identity integration. The required configuration is similar to what has been discussed for other Function extensions in Introducing the new Azure Function extension libraries **Beta**<\/a>.<\/p>\n

Configuration<\/h2>\n

With the Identity integration, a Function app can authenticate without providing a connection string in the Function configuration. This post discusses the required configuration in the Azure portal’s app settings section of your Function app. For more information on configuring app settings for Functions apps, see Manage your Function app<\/a>.<\/p>\n

General setup<\/h2>\n

Unless otherwise specified, each configuration option is powered by the DefaultAzureCredential<\/a> type. There are two ways you can configure the Identity connection settings for the SignalR extension:<\/p>\n

    \n
  1. As part of your Connection setting.<\/li>\n
  2. As part of your Endpoints settings.<\/li>\n<\/ol>\n

    The SignalR Service Owner role<\/a> is needed to use an Identity-based connection.<\/p>\n

    Connection setting<\/h3>\n

    You can configure the service URI in a custom connection setting or in the default connection setting AzureSignalRConnectionString<\/code>:<\/p>\n

    Custom connection setting:<\/strong><\/p>\n\n\n\n\n\n
    Name<\/th>\nValue<\/th>\n<\/tr>\n<\/thead>\n
    MyConnection__serviceUri<\/code><\/td>\nhttps:\/\/{SignalRHost}<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

    Default connection setting:<\/strong><\/p>\n\n\n\n\n\n
    Name<\/th>\nValue<\/th>\n<\/tr>\n<\/thead>\n
    AzureSignalRConnectionString<\/code><\/td>\nhttps:\/\/{SignalRHost}<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

    Here’s a simple Function that runs when a message is sent from the SignalR Service. This example specifies a custom connection string setting, MyConnection<\/code>, where we’ve configured the connection information.<\/p>\n

    [FunctionName(\"SignalRTriggerFunction\")]\r\npublic static void Run(\r\n    [SignalRTrigger(\"SignalRTest\", \"messages\", \"SendMessage\", ConnectionStringSetting=\"MyConnection\")] InvocationContext invocationContext,\r\n    [SignalRParameter] string message,\r\n    ILogger logger)\r\n{\r\n    logger.LogInformation($\"Receive {message} from {invocationContext.ConnectionId}.\");\r\n}<\/code><\/pre>\n
    You can still use connection string configuration by setting your connection setting to your connection string. This approach is demonstrated in the library’s README<\/a>.<\/em><\/p>\n
    Multiple endpoints setting<\/h3>\n
    You can also configure your service URI and other Identity settings per endpoint. The multiple-endpoint feature is only supported on the Persistent transport type.<\/p>\n\n\n\n\n\n\n
    Name<\/th>\nValue<\/th>\n<\/tr>\n<\/thead>\n
    Azure__SignalR__Endpoints__eastUs__serviceUri<\/code><\/td>\nhttps:\/\/{SignalRHost1}<\/td>\n<\/tr>\n
    Azure__SignalR__Endpoints__westUs__serviceUri<\/code><\/td>\nhttps:\/\/{SignalRHost2}<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    When using multiple-endpoint configuration, the connection setting wouldn’t be specified in your Function:<\/p>\n
    [FunctionName(\"SignalRTriggerFunction\")]\r\npublic static void Run(\r\n    [SignalRTrigger(\"SignalRTest\", \"messages\", \"SendMessage\")] InvocationContext invocationContext,\r\n    [SignalRParameter] string message,\r\n    ILogger logger)\r\n{\r\n    logger.LogInformation($\"Receive {message} from {invocationContext.ConnectionId}.\");\r\n}<\/code><\/pre>\n
    For more information, see Multiple Azure SignalR Service Instances Support in Azure Functions<\/a>.<\/p>\n
    Advanced configuration<\/h3>\n
    In each of the preceding examples, the DefaultAzureCredential<\/a> type would be used by the extensions to attempt to authenticate with the service. It’s also possible to configure more fine-grained authentication. We’ll use the connection setting approach as an example. The same settings are available when using the endpoints setting.<\/p>\n
    To configure using Managed Identity, which uses the ManagedIdentityCredential<\/a> type:<\/p>\n\n\n\n\n\n\n\n
    Name<\/th>\nValue<\/th>\n<\/tr>\n<\/thead>\n
    MyConnection__serviceUri<\/code><\/td>\nhttps:\/\/{SignalRHost}<\/td>\n<\/tr>\n
    MyConnection__credential<\/code><\/td>\nmanagedIdentity<\/td>\n<\/tr>\n
    MyConnection__clientId<\/code><\/td>\n{myClientId}<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    To configure using a client secret credential, which uses the ClientSecretCredential<\/a> type:<\/p>\n\n\n\n\n\n\n\n\n
    Name<\/th>\nValue<\/th>\n<\/tr>\n<\/thead>\n
    MyConnection__serviceUri<\/code><\/td>\nhttps:\/\/{SignalRHost}<\/td>\n<\/tr>\n
    MyConnection__tenantId<\/code><\/td>\n{myTenantId}<\/td>\n<\/tr>\n
    MyConnection__clientId<\/code><\/td>\n{myClientId}<\/td>\n<\/tr>\n
    MyConnection__clientSecret<\/code><\/td>\n{myClientSecret}<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    And finally, to configure using a client certificate, which uses the ClientCertificateCredential<\/a> type:<\/p>\n\n\n\n\n\n\n\n\n
    Name<\/th>\nValue<\/th>\n<\/tr>\n<\/thead>\n
    MyConnection__serviceUri<\/code><\/td>\nhttps:\/\/{SignalRHost}<\/td>\n<\/tr>\n
    MyConnection__tenantId<\/code><\/td>\n{myTenantId}<\/td>\n<\/tr>\n
    MyConnection__clientId<\/code><\/td>\n{myClientId}<\/td>\n<\/tr>\n
    MyConnection__certificate<\/code><\/td>\n{myCertificateThumbprint}<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
    Conclusion<\/h2>\n
    The Functions SignalR extension enables serverless integration with the SignalR Service. By using Azure Active Directory configuration, you can avoid deploying secrets along with your app.<\/p>\n
    For more information about the Functions SignalR extension, see the README<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"
    Azure Identity support has arrived in the Azure Functions SignalR Service extension’s 1.7.0 Beta 1 release.<\/p>\n","protected":false},"author":55909,"featured_media":1815,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[701,765,841,24,856],"class_list":["post-1817","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure-sdk","tag-net","tag-azure-functions","tag-azure-identity","tag-releases","tag-signalr"],"acf":[],"blog_post_summary":"
    Azure Identity support has arrived in the Azure Functions SignalR Service extension’s 1.7.0 Beta 1 release.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/posts\/1817","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/users\/55909"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/comments?post=1817"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/posts\/1817\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/media\/1815"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/media?parent=1817"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/categories?post=1817"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azure-sdk\/wp-json\/wp\/v2\/tags?post=1817"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}