Supports API-Key or X-Functions-Key in API-based message extension

Brass Contributor

Hi all,

I am tring to imprement a Teams app with API-based message extension. The backend of the API is Azure Funtions HTTP trigger and requires an API key. The API-based message extension supports the API key authentiation, but the key is sent as Bearer token (Authtorization header). Unfortunately, Azure Funtions does not supports Bearer token. Also I tried to include an OpenAPI security schemas, but it was ignored. Some other API (e.g. OpenAI Service) accepts an API key with API-Key header. I think it is not common method to send an API key with Bearer token. I think it is helpful that the users can specifiy the authencation method (by OpenAPI spec, maybe).

4 Replies

@karamem0 - Could you please let us know what exactly you want to achieve here? Which functionality you want to be added/implemented?


My idea is Teams detects OpenAPI Security Schema when specified authType: apiSecretServiceAuth.

OpenAPI Specification v3.0.1 | Introduction, Definitions, & More



  "composeExtensions": [
      "composeExtensionType": "apiBased",
      "authorization": {
        "authType": "apiSecretServiceAuth",
        "apiSecretServiceAuthConfiguration": {
          "apiSecretRegistrationId": "9xxxxb0f-xxxx-40cc-xxxx-15xxxxxxxxx3"



"securitySchemes": {
  "apikeyheader_auth": {
      "type": "apiKey",
      "name": "X-Functions-Key",
      "in": "header"


@karamem0 - To achieve your requirements, we recommend you give your feedback in Teams Feedback Portal.


Thank you for replying, I will post the feedback.

As a workaround, I can convert Beaer token to X-Functions-Key header using APIM.

<set-header name="X-Functions-Key" exists-action="override">
    <value>@(Regex.Match(context.Request.Headers.GetValueOrDefault("Authorization",""), "^Bearer (?<key>.+)$").Groups["key"]?.Value)</value>