Skip to content

When are the scopes, as given in "Microsoft Account Authentication Settings" being used? #958

Description

@nils-a

I was redirected here by @MicahMcKittrick-MSFT, commig from https://social.msdn.microsoft.com/Forums/en-US/4430250b-dfe8-4eba-aa15-ef55f43e608e/when-are-the-scopes-as-given-in-microsoft-account-authentication-settings-being-used?forum=AzureFunctions

Originally I raised my question at https://github.com/MicrosoftDocs/azure-docs/issues/11744

To repeat the question:

Regarding an azure function, when securing the function using "Authentication / Authorization", after selecting the Authentication Provider "Microsoft Account" there is a page which contains a ClientId, ClientSecret and some Scopes.

image

The question is: When are the given scopes being used? Are they somehow enforced, when accessing the function? Or are they only used when the "Action to take when request is not authenticated"-Setting is set to "Log in with Microsoft Account"?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions