Application Settings in Azure Functions
Overview
Application settings provide the mechanism for storing configuration values that your Azure Functions can access at runtime. These settings function like environment variables, allowing you to modify your function's behavior without changing code. Proper configuration management is essential for maintaining secure, maintainable, and environment-specific function deployments.
What You'll Learn
- Configuring settings for local development using local.settings.json
- Managing settings in Azure through the portal and CLI
- Accessing configuration values from your function code
- Implementing Azure Key Vault for secure secret storage
- Following best practices for configuration management
Why Application Settings Matter
Application settings enable you to:
- Separate configuration from code - Change behavior without redeploying
- Support multiple environments - Different settings for dev, staging, production
- Secure sensitive data - Store connection strings and API keys securely
- Enable CI/CD - Inject settings during deployment
Local Development: local.settings.json
File Location
Project root folder
Structure
{
"IsEncrypted": false,
"Values": {
"AzureWebJobsStorage": "UseDevelopmentStorage=true",
"FUNCTIONS_WORKER_RUNTIME": "dotnet",
"MySetting": "MyValue",
"ConnectionString": "..."
},
"Host": {
"LocalHttpPort": 7071,
"CORS": "*"
}
}
Use in Code
public class MyFunction
{
[Function("HttpTrigger")]
public IActionResult Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post")] HttpRequest req,
ExecutionContext context)
{
var mySetting = Environment.GetEnvironmentVariable("MySetting");
var config = context.Configuration;
var value = config["MySetting"];
return new OkObjectResult($"Setting: {mySetting}");
}
}
Azure: Configuration
Via Portal
- Go to Function App
- Click Configuration in left menu
- Add new application setting
- Click Save
Via CLI
az functionapp config appsettings set \
--resource-group my-rg \
--name my-function \
--settings MySetting="MyValue" ConnectionString="..."
Environment Variables in Code
.NET (In-process model)
// Option 1: Direct
string setting = Environment.GetEnvironmentVariable("MySetting");
// Option 2: Options pattern
public class MyOptions { public string Value { get; set; } }
[Function("MyFunction")]
public IActionResult Run(
[HttpTrigger(AuthorizationLevel.Function, "get")] HttpRequest req,
IOptions<MyOptions> options)
{
return new OkObjectResult(options.Value.Value);
}
.NET (Isolated worker model)
public class MyFunction
{
private readonly IConfiguration _configuration;
public MyFunction(IConfiguration configuration)
{
_configuration = configuration;
}
[Function("MyFunction")]
public IActionResult Run([HttpTrigger(AuthorizationLevel.Function, "get")] HttpRequest req)
{
var value = _configuration["MySetting"];
return new OkObjectResult(value);
}
}
Azure Key Vault References
Store secrets in Key Vault, reference in app settings.
1. Enable Managed Identity
- Function App → Identity
- Turn on "System assigned"
2. Create Key Vault
az keyvault create \
--name my-keyvault \
--resource-group my-rg \
--location eastus
3. Add Secret
az keyvault secret set \
--vault-name my-keyvault \
--name my-secret \
--value "secret-value"
4. Grant Access
az keyvault set-policy \
--name my-keyvault \
--object-id <function-app-principal-id> \
--secret-permissions get
5. Reference in App Settings
Key: ConnectionString
Value: @Microsoft.KeyVault(SecretUri=https://my-keyvault.vault.azure.net/secrets/my-secret/)
Best Practices
- Never commit secrets - Don't put keys in git
- Use Key Vault - Store sensitive values in Key Vault
- Use different settings - Separate dev/prod configs
- Naming convention - Use prefixes like
APP_,AZURE_
Connection Strings
Azure Functions automatically handles some connections:
| Setting | Used For |
|---|---|
AzureWebJobsStorage | Function runtime, triggers |
WEBSITE_CONTENTAZUREFILECONNECTIONSTRING | Deployment files |
AzureWebJobs_<TriggerName> | Specific trigger |
Azure Integration Hub - Beginner Level