I have an Azure Function with Identity Provider Microsoft as Authentication. The Azure Function triggers when a post request is sent with an event from the webhook.
I am not 100% sure yet, how much I can configure the webhook other than that I can add an event, a body, and the url that the webhook should send the post request to. How can I give this webhook access to the Azure Function with oauth2 token? Is this easily achievable or is there something else I should do? Is it good enough to use Azure App Keys instead? And just add that to the webhook body.
Looking for tips on how to attack this task, as I am not very familiar with webhooks and authentication.
Webhooks are tricky to secure with Oauth because you typically need multiple requests to first fetch the token and then issue the actual request.
If the Azure Function key is sufficient security for your purposes (your infrastructure person if you have one should be able to weigh in on that) then use it. If you need to go oauth, I don't have a good solution for that.