Scenario: AppInsights resources created on the Azure portal each of them associated with a relative FunctionApp. All the AppInsights are bound to a same Log Analytics workspace. The FunctionApps make calls to log.LogInformation().
Problem: I have to access the logs of those FunctionApps using a REST API and a client application registered on MS Entra (Azure AD) and I don't know if it's gonna work.
Information and details
I can successfully query endpoint https://api.applicationinsights.io to get the Function logs using an API Access Key generated for the Application Insights. You can see how I do the thing with Postman.
Unfortunately the API Access Keys will be retired in March 2026 and I shall make use of MS Entra ID.
The link in the image above says that there are some unsupported scenarios:
Plus, I can get the logs using API https://api.loganalytics.io too and a personal bearer token (the one I get loggin with my username).
Questions are
- Can I get the same logging information using a client application registered with Microsoft Entra? Can the bearer token obtained by a client application access this logging information?
- In other words: is my scenario supported or could be defined as "On-by-default autoinstrumentation/codless monitoring"?
Other details
I only have to query for data and not to submit telemetry to Application Insights. My FunctionApp has both env variables:
- APPINSIGHTS_INSTRUMENTATIONKEY
- APPLICATIONINSIGHTS_CONNECTION_STRING (holding instrumentation key too)
I've also seen this here on StackOverflow Query Application Insights via Azure REST API but my scenario is not included.