Guide to deploy an Azure Function

Overview

Below is a full step‑by‑step guide to deploy an Azure Function using the Azure Portal UI.

Prerequisites

• Azure subscription: You must have access to a valid Azure subscription.
• Permissions: You need permission to create resources.

Before setup – Step 1: Create an External Connected App

Note: If you already have an external app configured, please skip this step

1. Basic Information: Please fill out the required fields.
2. App Policies: Start Page: OAuth
3. OAuth Policies:

• Plugin Policies
  Permitted Users: All users can self-authorize
  OAuth Start URL: https://login.salesforce.com/services/oauth2/authorize

• OAuth Flows and External Client App Enhancements
  Enable Client Credentials Flow: checked
  Run As: enter the username of an existing active Salesforce user
  (this field expects the user’s username, not a lookup)
• App Authorization
  Refresh Token Policy: Refresh token is valid until revoked
  IP Relaxation: Enforce IP restrictions
  
  

Other fields: Leave as default unless you have specific requirements

4. API(Enable OAuth Settings):  Enable OAuth = checked

App Settings:

• Set the Callback URL to: https://example.com/

(You will update this later in Step 3.)

• • Select These OAuth Scopes:
    • Full Access (full)
    • Perform requests at any time (refresh_token, offline_access)
    • Access and manage your data (api)
  • Check These Boxes:
    

• Flow Enablement

• • • Enable Client Credentials Flow

• Security

• • Require Secret for Web Server Flow
  • Require Secret for Refresh Token Flow

Before setup – Step 3: After saving

1. Click on the Settings tab.
   
2. Scroll down to OAuth Settings.

Click Consumer Key and Secret → copy both.
You will use these values for the next step.

Before setup – Step 4: Create an Auth. Provider

1. Go to Setup → Auth. Providers
   
2. Click “New”
   
3. Provider Type: Select Salesforce
   
4. Fill in the fields:
   

• Name: (e.g., sf)
• URL Suffix: (e.g., sf)
• Consumer Key: (use from from step 3)
• Consumer Secret: (use from from step 3)
• Authorize Endpoint URL: https://<your instance url>/services/oauth2/authorize
• Token Endpoint URL: https://<your instance url>/services/oauth2/token
• Default Scopes: refresh_token offline_access full
• Other fields: Leave as default unless you have specific requirements.
  

      5.Save

!!! After saving, Salesforce will generate a Callback URL (copy this, you’ll need it in the next step).!!!

Before setup – Step 5: Update the External Client App (Callback URL)

1. Return to your External Client App from Step 1
   
2. Click Edit Settings
   
3. In the Callback URL field, paste the Callback URL copied from the Auth. Provider (Step 4)
   
4. Save the changes

Setup – Part  1: Create a Function App via Azure Portal (UI)

• Sign in to Azure Portal
• Go to https://portal.azure.com and sign in with your Azure account.
• Start creating the Function App
• In the left menu, click Create a resource.
• Search for a Function App.
• Click Function App → Create

Select a hosting plan

• On the Select a hosting option page, choose the Hosting plan for the Function App.
• Flex Consumption(is selected by default)
• Functions Premium
• App Service
• Container Apps environment
• Consumption

Note: The hosting plan should be selected based on the expected traffic and architecture requirements. If no specific preference exists, the default option (Flex Consumption) can be kept.

Basics tab 

• Subscription: The subscription in which the Function App is created is selected
• Resource Group: A resource group is used to group and manage related Azure resources as a single unit (for example, for deployment, monitoring, and deletion). An existing resource group can be selected, or a new one can be created.
• Function App name: A globally unique name for the Function App is entered. This name forms part of the app’s default hostname.
• Region: The Azure region in which the Function App will be hosted is selected.
• Runtime stack / Version: The language and version are selected (for example, Node.js, version 22 LTS).
• Instance size: The memory size for each instance is selected (for example, 2048 MB).
• Zone redundancy: Zone redundancy determines whether instances of the app are distributed across multiple availability zones for increased reliability. When Enabled, the app’s instances are spread across zones; when Disabled, the app runs without zone redundancy in a single zone.

After all fields on the Basics tab are completed, the Next button is selected to continue to the next tab.

Storage tab

• Storage account
• Select an existing storage account, or create a new one.
• Blob service diagnostic settings
• Configure later: Set up advanced log and retention settings.
• Configure now: Enable basic monitoring.

Enable basic monitoring for the Blob service right away. If more advanced log and retention configurations are needed, they can be set up later.

After completing the fields on the Storage tab, click Next to continue to the next tab.

Azure OpenAI tab

• Enable Azure OpenAI(Optional)
  
  On the Azure OpenAI tab, you can choose whether to add an Azure OpenAI resource and vector database to your Function App:
  • Leave Enable Azure OpenAI unchecked if you do not need OpenAI or vector database features.
  • Check the box to enable Azure OpenAI if you plan to use intelligent app capabilities powered by OpenAI models.

After making your selection, click Next to continue to the next tab.

Networking tab

• Enable public access

Public access is applied to both main site and advanced tool site. Deny public network access will block all incoming traffic except that comes from private endpoints.

• On/Off

• Enable virtual network integration(Optional)

Virtual network integration allows your function app to make outbound calls from a private IP address of your virtual network. This is required for your app to access resources secured behind a virtual network

• On/Off

After completing your selections on the Networking tab, click Next to continue to the next tab.

Monitoring tab

Application Insights is an Azure monitoring service that helps track the performance, usage, and health of your Function App.
It automatically collects telemetry such as requests, errors, dependencies, and logs, allowing you to diagnose issues and understand how your application behaves in real time.

Enable Application Insights if you want built-in monitoring and diagnostics.
You can use the default settings or connect to an existing Application Insights resource.

After confirming your selection, click Next to continue.

Deployment tab

Continuous deployment is disabled.

This step is skipped because we will deploy the Function App using a ZIP file upload instead of GitHub Actions or automated pipelines.

Authentication tab

The Authentication tab settings are left as default.

All connected resources (storage and Application Insights) use the Secrets authentication type.
No changes are needed.

Click Next to continue.

Tags tab (Optional)

• Resource tags

On the Tags tab, you can optionally add name/value tag pairs to organize and categorize your Function App resources:

• Leave fields empty if no tags are needed.

Tags can be added later at any time.

Click Next to continue.

Review + created tab

On the Review + create tab, Azure displays a full summary of all selected configuration settings for your Function App.
Review the information to ensure everything is correct.

If any changes are needed, return to the corresponding tab and update the settings.

After reviewing the configuration, click Create to deploy the Function App.

Setup –Part 2: Deploy Code

Upload ZIP package

After the Function App is created, navigate to:

Function App → Deployment → Deployment Center → Settings

1. Under Source, select Publish files (new).
   
2. Upload a shared ZIP file containing the function code.
3. Click Save to start the deployment.

The Function App will automatically restart after the upload is complete.

After deployment finishes:“Function App → Overview → Functions.

• Your function name should appear in the list ( PeeklogicConnect).
  

Status should display Enabled.

The deployment process could take around 5 minutes. Also you will receive a notification about Successfull set up deployment.
If the function does not show up or something looks incorrect, you can review deployment messages in:

Deployment Center → Logs

This section shows upload status, errors, and diagnostic details to help identify any issues.

Environment Variables

Go to:

Function App → Settings → Environment variables

Add or update the following:

• SALESFORCE_BASE_URL

Your Salesforce org URL, for example:

https://your-salesforce-instance.my.salesforce.com

• SALESFORCE_CLIENT_ID

From the Salesforce External Connected App.

• SALESFORCE_CLIENT_SECRET

From the Salesforce External Connected App.

• ALLOWED_ORIGINS

Add all required origins. Include your Salesforce instance URL and your Function App URL.

http://localhost:3000,

https://login.salesforce.com,

https://dev.azure.com,

https://peeklogic.gallerycdn.vsassets.io,

https://your-salesforce-instance.my.salesforce.com,

https://your-function-app-name.azurewebsites.net

System values like

AzureWebJobsStorage,
APPLICATIONINSIGHTS_CONNECTION_STRING,
DEPLOYMENT_STORAGE_CONNECTION_STRING

must remain unchanged.

URLs should be added to CORS as well.