At the time this was written, Azure Logic Apps were still in Preview. I was on a project where we needed to use an HTTP trigger for a logic app, but we didn’t want this endpoint to be exposed to the world. However, there was no way to lock down the endpoint.
So, I needed to come up with a workaround. The workaround consisted of inspecting the HTTP request headers for a specific header, and making sure it was the correct value. This was a little tricky to implement so I thought I’d do a blog post about it… and here we are!
The resulting POC logic app looked like this:
And here’s the code behind:
What the logic app does is first inspect the specific header (the “expression” line), and if the header value matches the key as shown, then it posts all of the request HTTP headers to a Requestb.in. If it fails validation, then the string “No way!” is posted to the Requestb.in.
I love the power of Logic Apps!