Function App authentication token
The Functions runtime/admin authentication token for a Function App, a bearer credential used to authenticate to and invoke the function host and key-management endpoints.
Returns usable credential material that grants control of the function runtime and can be used to pivot to the app's identity.
Microsoft.Web/Sites/functions/token/read
Returns the Functions bearer token, which an attacker can replay to authenticate as and act on behalf of the function app, exfiltrating credential material and enabling lateral movement into the function's identity and key store.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploitation could lead to significant privilege escalation.
Contributed by P0 Security