As the name mentions, this will be something, like a cloud service, that can be triggered based on HTTP(S) requests.
What is an HTTP trigger in Azure Functions?
Azure Functions HTTP trigger is a type of Azure Functions trigger that enables you to execute your serverless functions in Azure whenever HTTP(s) requests are made to a specific URL endpoint. This is commonly used for building APIs, webhooks, and other HTTP-based interactions.
An HTTP Trigger is the basic and most straightforward trigger of an Azure Function. For example, it provides a flexible way to build and deploy APIs, webhooks, and other HTTP-based services without the need to manage the underlying infrastructure.
Of course, we always need to take security into consideration! That being said, to execute the Azure Function triggered by HTTP(s) request, you always need to specify one of the following authorization types:
- Function: This stands as the default option for authorization. For this authorization type, a function-specific API key is mandatory.
- Anonymous: No API key is required in the case of the Anonymous Authorization type. There is no restriction, and anyone can access it.
- Admin: The master key is a prerequisite for accessing the Azure Function when using Admin authorization.
Although keys offer a default security measure, exploring alternative methods for securing an HTTP endpoint in a production environment is advisable. For instance, distributing shared secrets in public applications is discouraged and not a good practice. If a public client accesses your function, it’s worth contemplating the implementation of a different security mechanism. To comprehensively safeguard your function endpoints in a production setting, you should consider the adoption of one of the subsequent function app-level security options:
- Enable App Service Authentication/Authorization: On the App Service platform, you have the option to employ Azure Active Directory (AAD) as well as multiple third-party identity providers for client authentication.
- Use Azure API Management (APIM) to authenticate requests: Within APIM, there are multiple API security options available for handling incoming requests, such as OAuth, subscription keys, OpenID Connect, and mutual TLS.
In the event that you’re running the Azure Function locally, the authorization attribute won’t be taken into account. Once you publish your Azure Function into Azure, then the authorization will work.
How does an HTTP trigger work in Azure Functions?
Here’s how an HTTP trigger works in Azure Functions:
- Function Creation: You define a new Azure Function and specify that an HTTP request should trigger it. You also describe the HTTP method (GET, POST, PUT, etc.) that the trigger will respond to, and of course, you will define the authorization type.
- Endpoint Generation: When you create the HTTP-triggered function, Azure generates a unique URL endpoint for that function. This endpoint will be used to invoke the function via HTTP requests.
- Request Handling: Azure Functions automatically routes the request to the appropriate function when an HTTP request is made to the generated endpoint. The function code is executed to process the request. It will perform the necessary logic that was implemented, like accessing data sources, performing data manipulation, or triggering other actions.
- Response: The function can generate an HTTP response, which is returned to the client that made the initial request. This response can include data, status codes, headers, and other standard HTTP elements.
- Stateless: Azure Functions are stateless by design, meaning each HTTP request is independent, and functions do not maintain any persistent state between requests unless you use Durable Functions. This makes them suitable for handling individual HTTP interactions without worrying about managing server state.
- Scalability: Depending on the hosting plan you have used to host your Azure Function, it can scale out automatically, even during periods of high load (Consumption and Premium plan) or defined to Manual/autoscale (Dedicated plan).
How to create an HTTP trigger in Azure Functions
To create an HTTP-triggered Azure Function, you would typically follow these steps:
- Create a Function App: The Function App serves as the container for your functions, allowing you to organize them into a logical unit for simplified management, deployment, scalability, and resource sharing. You have the option to create a Function App through the Azure Portal by utilizing the Azure CLI, with Visual Studio, or with Visual Studio Code.
- Select Create a resource from the Azure portal menu or the Home page.
- On the New page, select Compute > Function App.
- On the Basics page, use the function app settings as specified in the following table:
- Subscription: The subscription you use to create your new function app.
- Function App name: Select a name to identify your newly created function app. Acceptable characters include a-z (not case-sensitive), 0-9, and –.
- Do you want to deploy code or container image?: Choose between publishing code files or a Docker container.
- Runtime stack: Opt for a runtime that is compatible with the function programming language you prefer.
- Version: Select the installed runtime version of your choice.
- Region: Opt for a region.
- Operating system: The operating system is automatically chosen for you according to your runtime stack selection, but you have the option to modify this configuration if needed.
- Hosting options and plans: Hosting plan that defines how resources are allocated to your function app.
- Add a New Function: Inside the Function App, add a new function and select the HTTP trigger template.
- From the Overview panel, select the Functions tab, and then select Create in the Azure portal.
- In the Create Function window, keep the Development environment property set to Develop in portal, and then go ahead to choose the HTTP trigger template. Define a proper name and Authorization level on the Template Details. Click Create.
- Configure Trigger: Specify the HTTP method (e.g., GET, POST) and other settings for the HTTP trigger.
- Once Azure creates the HTTP trigger function, you will be redirected to the Azure function page we created above. There, from the left tree, select the option Integration.
- Select HTTP (req) from the Trigger block on the Integration panel, and on the Edit trigger panel, under Selected HTTP methods, select the desired HTTP methods. And Save the changes.
- Function Code: Write the code for your function. This code will be executed whenever an HTTP request is made to the trigger’s endpoint.
- On the Azure function page, from the left tree, select the option Code + Test. Then, you can make the necessary changes to the code and click Save.
- Testing: You can test your HTTP-triggered function using tools like cURL and Postman or by directly accessing the function’s URL in a web browser.
- On the Azure function page, from the left tree, select the option Code + Test. You can also test our function from there by selecting the Test/Run option.
Creating and working with Azure Functions in Visual Studio offers a more integrated development experience. Here’s how you can work with HTTP triggers in Azure Functions created in Visual Studio:
- Create a New Azure Functions Project: Open Visual Studio 2020 and create a new project using the Azure Functions template. Choose the appropriate language (C# or other supported languages) and select the Azure Functions project type.
- From the Visual Studio Get Started window, select Create a new project.
- Within the Create a new project, type functions into the search box, then select the Azure Functions template, and select Next.
- Within the Configure your new project, provide a Project name for your project, and then click Next. Keep in mind that the function app name should conform to C# namespace requirements, so refrain from using underscores, hyphens, or any other non-alphanumeric characters.
- In Additional information, set the Function worker to be .NET 6.0 (Long Term Support). Leave the rest of the configuration as is and click Create.
- Once you’ve created an Azure Functions project, the project template takes the necessary steps of creating a C# project, installs the Microsoft.NET.Sdk.Functions NuGet package, and sets the target framework.
- Function Configuration: Configure the HTTP trigger settings such as the HTTP method (GET, POST, etc.), route, and other options as needed.
- After the project is created, one of the first things we need to do is give the function a proper name. By default, it is Function1, which is not desired.
- Specify the HTTP methods the function will accept. By default, they are GET and POST, as shown in the picture above in line 17.
- Function Code: Visual Studio will generate the function code template for you. You’ll see a method that handles the HTTP request and generates an HTTP response. You can modify this code to implement the desired functionality for your HTTP-triggered function.
- Add a New Function: Inside your Azure Functions project, you can always add a new function to the project by:
- Right-click on the project name (or any existing folder) and choose Add > New Azure Function.
- This will open an Add New Item – <soluction-name> window. From there, select Azure Function type (should be already selected by default), give the function a proper name, and click Add.
- In the New Azure Function – <name-function> window, select HTTP trigger as the template for your function and specify the Authentication level (Function, Anonymous, etc.) that controls who can access the function’s HTTP endpoint. Click Add.
- Testing and Debugging: You can run and debug your Azure Functions locally using Visual Studio’s built-in debugging tools. When you run the project, a local development server will be started, and you can access your HTTP-triggered function at a local URL. This allows you to test and troubleshoot your function’s behavior before deploying it to Azure.
- Publish to Azure: Once you are satisfied with how your HTTP-triggered function operates, you have the capability to push your Azure Functions project directly to your Azure subscription through Visual Studio. This operation will result in the deployment of your function code and configuration to Azure, thus enabling access to the Azure platform.
- Monitor and Manage: After deployment, you can monitor your Azure Functions’ performance, usage, and logs using Azure Portal or other monitoring tools. You can also update your function code in Visual Studio and republish changes as needed.
Using Azure Functions in Visual Studio offers a well-known development environment equipped with robust debugging and testing capabilities. It streamlines the process of creating, coding, testing, and deploying HTTP-triggered functions in Azure.
Use cases of HTTP trigger in Azure Functions
Azure Functions HTTP triggers offer a flexible and serverless solution for creating and deploying APIs, webhooks, and other HTTP-driven services, eliminating the need to manage the underlying infrastructure. But the sky is the limit… or your imagination. You can use them in many scenarios. Some of them may be:
- Lightweight Web APIs.
- Proofs of concepts.
- Add additional capabilities, simplify the overall process, or workaround limitations of cloud services like, for example, Logic Apps. In the Logic Apps context, we can use them to apply:
- Message transformations.
- Message Validation.
- Work as a set of Helper classes – common generic functions we use to perform a variety of tasks.
The concept of invoking cloud-based functionality through basic HTTP(s) requests and receiving immediate responses is quite appealing, particularly when we’re spared the task of overseeing the underlying infrastructure. Azure Functions offers support for functions triggered by HTTP(s) requests, making it effortless to implement scripted functionalities in the cloud, easily accessible via straightforward HTTP(s) requests.
One of the great advantages of choosing Visual Studio Tools for Azure Functions over creating them directly in the Azure Portal is that we will gain the capability to run functions on our local machine without the requirement to publish them to the cloud.