AZT603.1 - Service Principal Secret Reveal: Function App Settings

If a Function App is using a service principal for authentication, an adversary may manipulate the function app logic to reveal the service principal's secret in plain text.


Function App


  • Microsoft.web/sites/functions/read
  • Microsoft.Web/sites/read
  • Microsoft.Web/sites/config/list/action
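The listed actions can be used to review which role definitions grant all three at once. The following is an added example, not part of the original page; it assumes role definitions shaped like the JSON returned by `az role definition list` (`roleName`, `permissions[].actions`, `permissions[].notActions`), and the sample roles are constructed.

```python
import re

# The three actions this page lists, lowercased because Azure RBAC
# action strings are compared case-insensitively.
REQUIRED = [
    "microsoft.web/sites/functions/read",
    "microsoft.web/sites/read",
    "microsoft.web/sites/config/list/action",
]

# Constructed sample role definitions (assumed shape, not real tenant data).
SAMPLE_ROLES = [
    {"roleName": "Constructed-FullAccess", "permissions": [{"actions": ["*"], "notActions": []}]},
    {"roleName": "Constructed-WebAdmin", "permissions": [{"actions": ["Microsoft.Web/sites/*"], "notActions": []}]},
    {"roleName": "Constructed-SiteReader", "permissions": [{"actions": ["Microsoft.Web/sites/read", "Microsoft.web/sites/functions/read"], "notActions": []}]},
    {"roleName": "Constructed-WebNoSecrets", "permissions": [{"actions": ["Microsoft.Web/*"], "notActions": ["Microsoft.Web/sites/config/list/action"]}]},
    {"roleName": "Constructed-ReadAll", "permissions": [{"actions": ["*/read"], "notActions": []}]},
]

def _covers(pattern, action):
    """True if an RBAC action pattern (which may contain '*') covers the action."""
    regex = ".*".join(re.escape(part) for part in pattern.lower().split("*"))
    return re.fullmatch(regex, action.lower()) is not None

def granted(role, action):
    """Effective permission: matched by Actions and not removed by NotActions."""
    for perm in role.get("permissions", []):
        allowed = any(_covers(p, action) for p in perm.get("actions", []))
        removed = any(_covers(p, action) for p in perm.get("notActions", []))
        if allowed and not removed:
            return True
    return False

def roles_enabling_technique(roles):
    """Names of roles that grant every action listed for AZT603.1."""
    return [r["roleName"] for r in roles if all(granted(r, a) for a in REQUIRED)]

if __name__ == "__main__":
    print(roles_enabling_technique(SAMPLE_ROLES))
```

Role assignments are additive, so a principal holding several roles can hold all three actions even when no single role grants them; the per-role result is a lower bound.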


Detection Details

No logs are generated when retrieving the settings of a function app.