Azure · Cloudintermediate

Azure Functions host.json

The global host.json for an Azure Functions app — Application Insights sampling, HTTP route prefix and concurrency, function timeout and retry policy — the runtime-wide behavior knobs.

azureazure-functionsserverlesshost-jsonlogging

Preview

{
  "version": "2.0",
  "logging": {
    "applicationInsights": {
      "samplingSettings": {
        "isEnabled": true,
        "maxTelemetryItemsPerSecond": 20,
        "excludedTypes": "Request"
      }
    },
    "logLevel": {
      "default": "Information",
      "Function.Host": "Warning"
    }
  },
  "extensions": {
    "http": {
      "routePrefix": "api",
      "maxConcurrentRequests": 100,
      "maxOutstandingRequests": 200
    }
  },
  "functionTimeout": "00:05:00",
  "retry": {
    "strategy": "fixedDelay",
    "maxRetryCount": 3,
    "delayInterval": "00:00:05"
  },
  "concurrency": {
    "dynamicConcurrencyEnabled": true,
    "snapshotPersistenceEnabled": true
  }
}

AI actions

Documentation

Purpose

Configure runtime-wide behavior for every function in a Functions app — logging, HTTP routing, timeouts, retries and concurrency.

When to use

Tuning a Functions app for production: controlling Application Insights cost via sampling, capping execution time, or shaping concurrency under load.

Required fields

  • version — the host.json schema version, "2.0" for the v2+ runtime

Optional fields

  • logging — Application Insights sampling and log level
  • extensions — per-binding settings such as http.routePrefix
  • functionTimeout — max duration a single execution may run
  • retry — the app-wide retry policy
  • concurrency — dynamic concurrency for scaling

Best practices

  • Keep Application Insights sampling on in production to control telemetry cost.
  • Set functionTimeout explicitly; the Consumption plan caps it at 10 minutes.
  • Use a retry policy for transient failures instead of custom try/catch loops.

Security considerations

  • Do not put secrets in host.json; use application settings or Key Vault references.
  • Scope the HTTP routePrefix and keep function-level auth keys out of source control.
  • Lower log verbosity in production to avoid leaking payloads into logs.