In some of my previous blogs here, we have seen how we could use Azure Functions to to automate processes and SharePoint workloads.
Most of these jobs run using elevated or stored privileged accounts as the Azure Function is in a different context than the user context. There are various ways we could setup these accounts. Some of these approaches are below:
- Azure AD Service Accounts
- Suitable for all operations
- Need access to resource
- Reusable across multiple workloads
- Azure AD Apps
- Suitable for Graph Access
- Need exact permissions set up
- Might need Tenant Admin authentication
- SharePoint App Accounts
- Suitable for SharePoint workloads.