Advanced Application Settings - cgillum/easyauth GitHub Wiki
This page describes settings that are not included in the Azure Resource Management APIs. They are instead configured using application settings.
| App Setting Name | Allowed Values | Description |
|---|---|---|
| WEBSITE_AUTH_DISABLE_IDENTITY_FLOW | true or false |
When set to true, disables assigning the thread principal identity in ASP.NET-based web applications (including v1 Function Apps). This is designed to allow developers to protect access to their site with auth, but still have it use a separate login mechanism within their app logic. The default value is false. |
| WEBSITE_AUTH_ENCRYPTION_KEY | ||
| WEBSITE_AUTH_HIDE_DEPRECATED_SID | true or false |
|
| WEBSITE_AUTH_NONCE_DURATION | ||
| WEBSITE_AUTH_PRESERVE_URL_FRAGMENT | true or false |
When this setting is set to true and users click on links to your site which contain URL fragments, the login process will ensure that the URL fragment part of your URL does not get lost in the login redirect process. More details can be found in the "Linking to Anchors" section of this blog post. |
| WEBSITE_AUTH_SIGNING_KEY | ||
| WEBSITE_AUTH_STATE_DIRECTORY | ||
| WEBSITE_AUTH_TOKEN_CONTAINER_SASURL | A fully-qualified blob container URL | Instructs the auth module to store and load all encrypted tokens to the specified blob storage container instead of using the default local file system. |
| WEBSITE_AUTH_TOKEN_REFRESH_HOURS | Any positive decimal number | |
| WEBSITE_AUTH_TRACE_LEVEL | ||
| WEBSITE_AUTH_VALIDATE_NONCE | true or false |
|
| WEBSITE_WARMUP_PATH | Any relative URL path | This setting is intended for use when an unauthenticated client, such as Azure Traffic Manager, needs to access a specific path in the web app without requiring authentication. When set, any HTTP requests to the specified URL path will not be rejected by Easy Auth, regardless of the specified rules for unauthenticated clients. (NOTE: This app setting does not change the path used by AlwaysOn.) |