What Changed
The authentication level of the Playbook Function App in the Fortinet FortiGate Next-Generation Firewall solution was changed from “anonymous” to “function” in the mainTemplate.json deployment template. Additional packaging updates include a storage account API version bump and updated release notes.
Security Impact
Before this fix: The Playbook Function App HTTP trigger accepted anonymous requests, creating an authentication bypass risk where any external entity could invoke the automation workflows without credentials.
After this fix: Function-level authentication is required, meaning callers must provide a valid function key to trigger the Playbook workflows.
This change removes unauthenticated access to the FortiGate automation functions and aligns with security best practices for Azure Function App deployments. SOCs using this solution should update so that their SOAR automation endpoints are properly authenticated.
Affected Files
(packaging artefacts: 3.0.9.zip, ReleaseNotes.md, mainTemplate.json)
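
To check a copy of a deployment template for the pre-fix setting, the following added example (not code from the solution or its release notes) walks the JSON and lists every HTTP trigger binding whose authLevel is anonymous, including bindings inside nested templates. It assumes bindings use the function.json layout (type httpTrigger with a literal authLevel value); the sample template and its resource names are constructed.

```python
import json

# Constructed sample, trimmed to the relevant keys. Resource names are
# hypothetical and not taken from the Fortinet solution's mainTemplate.json.
SAMPLE_TEMPLATE = json.loads("""
{"resources": [
  {"type": "Microsoft.Web/sites/functions", "name": "example-app/FuncA",
   "properties": {"config": {"bindings": [
     {"type": "httpTrigger", "direction": "in", "name": "req",
      "authLevel": "anonymous"},
     {"type": "http", "direction": "out", "name": "res"}]}}},
  {"type": "Microsoft.Resources/deployments", "name": "nested",
   "properties": {"template": {"resources": [
     {"type": "Microsoft.Web/sites/functions", "name": "example-app/FuncB",
      "properties": {"config": {"bindings": [
        {"type": "httpTrigger", "direction": "in", "name": "req",
         "authLevel": "function"}]}}}]}}}
]}
""")


def http_triggers(node, path="$"):
    """Yield (json_path, authLevel) for every httpTrigger binding at any depth."""
    if isinstance(node, dict):
        if str(node.get("type", "")).lower() == "httptrigger":
            # Lower-case so a differently cased value is not missed.
            yield path, str(node.get("authLevel", "<unset>")).lower()
        for key, value in node.items():
            yield from http_triggers(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from http_triggers(value, f"{path}[{i}]")


def anonymous_triggers(template):
    """Return JSON paths of HTTP triggers that accept unauthenticated calls."""
    return [p for p, level in http_triggers(template) if level == "anonymous"]


if __name__ == "__main__":
    for p in anonymous_triggers(SAMPLE_TEMPLATE):
        print("anonymous HTTP trigger:", p)
```

To audit a real file, load it with json.load and pass the result to anonymous_triggers; an authLevel supplied through a template parameter or expression will not match the literal comparison and needs manual review.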