'How to configure signalR's connection string in the Function using the managed identity?

I have a Function App running on .net6 using the isolated worker. I have built the negociate Function which allows to return to an authenticated client the SignalR endpoint.

[Function("negotiate")]
public Task<HttpResponseData> NegotiateAsync
(
    [HttpTrigger(AuthorizationLevel.Anonymous, Verbs.Post)]
    HttpRequestData httpRequestData,
    [SignalRConnectionInfoInput(HubName = "updates", UserId = "{headers.x-ms-client-principal-id}")] 
    ConnectionInfo connectionInfo
)
{
    [...]

    HttpResponseData httpResponseData = httpRequestData.CreateResponse(HttpStatusCode.OK);
    httpResponseData.Headers.Add("Content-Type", "application/json");

    string originalConnectionInfo = JsonSerializer.Serialize(connectionInfo);
    await httpResponseData.WriteStringAsync(originalConnectionInfo);

    return httpResponseData;
}

I have activated the System-Assigned identity on the SignalR instance:

SignalR's system identity

I have set the role of SignalR App Server to the Function App (and its staging slot):

SignalR's App Server

Now, I have to specify the endpoint of SignalR to the Function App. Usually, it is set up in the configuration using either the default AzureSignalRConnectionString or a custom one. Following the procedure when accessing storage accounts using Managed Identity, I simply the URL in the AzureSignalRConnectionString setting such as https://<signalr-name>.service.signalr.net.

However I end up with the following error:

Exception while executing function: Functions.negotiate <--- Connection string missing required properties endpoint and accesskey. (Parameter 'connectionString')

Question

How do I configure signalR's connection string in the Function using the managed identity?

c++sharpazureazure-functions.net-6.0azure-managed-identity


Solution 1:[1]

To clarify, the support for Azure Identity in SignalR extension for isolated workers has not been released yet. For in-process model, SignalR trigger binding supports Azure Identity since 1.7.0-beta.1.

Solution 2:[2]

I just read the (unfortunate) solution in the documentation:

Oh no

So the answer is no, I can't use managed identity with a SignalR bindin in an Function running in the isolated worker. For now.

Update: added precision regarding the worker.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 sindo
Solution 2

Related Questions