Hi @Gagandeep Singh,
Adding the default GUID (00000002-0000-0000-c000-000000000000) to your Azure Function's allowed audience may allow tokens intended for Microsoft Graph or other services to access your function, posing a security risk. It's better to specify a more targeted audience and scope in the token request, ensuring the token is meant for your application or API. In Azure AD v2.0, you can specify custom scopes to ensure the token is valid for your function and more securely manage authentication, instead of relying on the default GUID.
For further clarification, please refer to the following documentation:
- Manage tokens for Zero Trust
- Acquire and cache tokens using the Microsoft Authentication Library (MSAL)
I hope this helps resolve your issue. Feel free to reach out if you have further concerns.
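The audience point in the answer above, as an added example that is not part of the original post or Microsoft's code: it compares an allowed-audience list that includes the GUID with one that lists only the function's own audience and also requires a scope. `APP_AUDIENCE` and `REQUIRED_SCOPE` are hypothetical names, the tokens are constructed and unsigned, and signature validation is assumed to happen in the platform's authentication layer before these claim checks.

```python
import base64
import json

# GUID quoted in the answer above; it is not specific to your application.
SHARED_GUID = "00000002-0000-0000-c000-000000000000"
# Hypothetical App ID URI and scope for the function's own app registration.
APP_AUDIENCE = "api://contoso-func-example"
REQUIRED_SCOPE = "Orders.Read"


def b64url(obj):
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_sample_token(claims):
    """Build a constructed, unsigned JWT-shaped string for this demo only."""
    return ".".join([b64url({"alg": "none", "typ": "JWT"}), b64url(claims), ""])


def read_claims(token):
    """Decode the payload segment. Signature checking is assumed to have
    been done earlier and is deliberately not shown here."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def is_authorized(token, allowed_audiences, required_scope=None):
    """Accept only if 'aud' is in the allow-list and, when a scope is
    required, that scope appears in the space-separated 'scp' claim."""
    claims = read_claims(token)
    aud = claims.get("aud")
    auds = aud if isinstance(aud, list) else [aud]
    if not any(a in allowed_audiences for a in auds):
        return False
    if required_scope is not None:
        return required_scope in claims.get("scp", "").split()
    return True


# Constructed sample tokens: one issued for another resource, one for this API.
other_service_token = make_sample_token({"aud": SHARED_GUID, "scp": "User.Read"})
own_api_token = make_sample_token({"aud": APP_AUDIENCE, "scp": "Orders.Read"})

WEAK_AUDIENCES = {APP_AUDIENCE, SHARED_GUID}   # GUID added to allowed audiences
STRICT_AUDIENCES = {APP_AUDIENCE}              # only the function's own audience
```

With `WEAK_AUDIENCES` the token issued for the other resource passes the check; with `STRICT_AUDIENCES` and `REQUIRED_SCOPE` only the token requested for the function's own API does.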