Azure Functions App Key

Description

General

Documentation: https://learn.microsoft.com/en-us/azure/azure-functions/function-keys-how-to?tabs=azure-portal#use-access-keys
Summary: Azure Functions is a compute-on-demand service. Azure functions app keys can be used in an x-functions-key header to authenticate requests to trigger functions. This detector finds these keys.
IPs allowlist: See IP address restrictions
Scopes: Keys are specific to an App.

Revoke the secret

Keys can be rotated from the App's 'App keys' tab

Check for suspicious activity

Azure gives access to detailed logs, see Azure platform logs.

Details for `Azure functions app key header`

Family: Api
Category: Cloud Provider
Company: Microsoft
High recall: False
Validity check available: False
Analyzer available: False
Minimum number of matches: 1
Occurrences found for one million commits: 0.3
Prefixed: False
PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - azure
- type: ContentWhitelistPreValidator
  patterns:
    - functions?[_.-]?key

Examples

- text: |
    azure.headers("x-functions-key", "KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw==")
  apikey: KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw==

- text: |
    url = azurewebsites.net/api
    functionKey = "KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw=="
  apikey: KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw==

Details for `Azure functions app key query parameter`

Family: Api
Category: Cloud Provider
Company: Microsoft
High recall: False
Validity check available: False
Analyzer available: False
Minimum number of matches: 1
Occurrences found for one million commits: 12.1
Prefixed: False
PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - azure
- type: ContentWhitelistPreValidator
  patterns:
    - '[?&]code='

Examples

- text: |
    https://company.azurewebsites.net/api/function?code=KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw==
  apikey: KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw==

- text: |
    url = azurewebsites.net/api
    route = "/function?code=KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw=="
  apikey: KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw==

Azure Functions App Key

Description

General

Revoke the secret

Check for suspicious activity

Details for `Azure functions app key header`

Examples

Details for `Azure functions app key query parameter`

Examples

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Description​

General​

Revoke the secret​

Check for suspicious activity​

Details for Azure functions app key header​

Examples​

Details for Azure functions app key query parameter​

Examples​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Description

General

Revoke the secret

Check for suspicious activity

Details for `Azure functions app key header`

Examples

Details for `Azure functions app key query parameter`

Examples