You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-signalr/howto-use-managed-identity.md
+3-10Lines changed: 3 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -21,7 +21,7 @@ This article shows you how to create a managed identity for Azure SignalR Servic
21
21
22
22
## Prerequisites
23
23
24
-
To use a managed identity, you must have the following:
24
+
To use a managed identity, you must have the following items:
25
25
26
26
- An Azure subscription. If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
27
27
- An Azure SignalR resource.
@@ -61,8 +61,6 @@ To add a user-assigned identity to your SignalR instance, you need to create the
61
61
## Use a managed identity in serverless scenarios
62
62
63
63
Azure SignalR Service is a fully managed service. It uses a managed identity to obtain an access token. In serverless scenarios, the service adds the access token into the `Authorization` header in an upstream request.
64
-
> [!NOTE]
65
-
> QUESTION: Is this a specific type of upstream request? If so, we should say so.
66
64
67
65
### Enable managed identity authentication in upstream settings
68
66
@@ -71,9 +69,7 @@ Once you've added a [system-assigned identity](#add-a-system-assigned-identity)
71
69
1. Browse to your SignalR instance.
72
70
1. Select **Settings** from the menu.
73
71
1. Select the **Serverless** service mode.
74
-
1. Enter the upstream URL pattern in the **Add an upstream URL pattern** text box.
75
-
> [!NOTE]
76
-
> QUESTION: Where do I get the upstream URL pattern?
72
+
1. Enter the upstream URL pattern in the **Add an upstream URL pattern** text box. See [URL template settings](concept-upstream#url-template-settings)
77
73
1. Select Add one Upstream Setting and select any asterisk to get into a detailed page as shown below.
@@ -112,10 +108,7 @@ You can easily set access validation for a Function App without code changes usi
112
108
1. Navigate to SignalR Service and follow the [steps](howto-use-managed-identity.md#add-a-system-assigned-identity) to add a system-assigned identity or user-assigned identity.
113
109
1. go to **Upstream settings** in SignalR Service and choose **Use Managed Identity** and **Select from existing Applications**. Select the application you created previously.
114
110
115
-
> [!NOTE]
116
-
> QUESTION: What application was created previously? The Function App?
117
-
118
-
After configuring these settings, the Function App will reject requests without an access token in the header.
111
+
After you configure these settings, the Function App will reject requests without an access token in the header.
119
112
120
113
> [!IMPORTANT]
121
114
> To pass the authentication, the *Issuer Url* must match the *iss* claim in token. Currently, we only support v1 endpoint (see [v1.0 and v2.0](../active-directory/develop/access-tokens.md)).
0 commit comments