.Net and Azure

Featureflags in Azure Web Apps


Feature flags are an easy way to toggle between different implementations.

They allow rolling out new features only to a certain part of the userbase or can turn off faulty new features instantly without a redeployment.

There are dozens of implementations and SaaS solutions for it, however in Azure Web Apps there is also direct support for using feature flags: The application settings override.

If you open your web app blade in Azure there is a “settings” section with one entry “Application settings”. On that blade you can scroll down to find the “App settings” section which contains the key/value pairs overrides (very concise naming, Azure).

Basically the key value/pairs entered there can be accessed by the website itself because they override any existing values.

The app settings can either be slot bound (don’t copy over when swapping slots) or not.

This allows you to pin certain featureflags to a specific slot (e.g. “AllowRealPushNotifications: false” on all but production slot to prevent accidently sending push notifications to all users).

Either way, the app settings (silently) override existing values in the web app settings provider.

Note that azure does not modify the web.config/appsettings.json. Instead the values are dynamically injected into the configuration provider at runtime.

For Asp.Net (classic) applications this means the appSettings section of the web.config.

And for Asp.Net Core application it affects the appsettings.json settings (this is the new settings provider in Asp.Net Core).

Since settings can be added arbitrarily in the new appsettings.json config (can even be split across multiple files) I decided to add a new section:

"FeatureFlags": {
    "AllowLegacyAuthentication": true,
    "AllowLegacyMotionController": true

To access them, the full path must be specified:

var legacyAuthVal = _configuration["FeatureFlags:AllowLegacyAuthentication"];
bool hasLegacyAuth = bool.Parse(legacyAuthVal);

In the Azure portal, I can now enter the same settings in the app settings section:

Azure feature flags (Using feature flags in Azure)

Note that I had to use the full “FeatureFlags:AllowLegacyAuthentication” path because I defined it as a subgroup in the appsettings.json. Thanks to dynamic reloading of the settings file the web app doesn’t even have to restart.

Now when I get around to updating the old motion controller, I can simple set these flags to false, and from that moment on, any requests to the motion controller will no longer use legacy auth but the new and improved auth.