azure-api-management

问题 I have added an Azure Active Directory Identity Provider to my APIM (from an AAD in a different tenant). I have used that to successful add an Azure Active Directory Group to my APIM. I now want to check if the user is part of that group. When I use APIM Users/Groups I can do that check with this policy, but when I use Active Directory this policy always fails with a 401. <policies> <inbound> <choose> <when condition="@(context.User.Groups.Select(g => g.Name).Contains("org1"))"> <set-backend

问题 Using Powershell, how to you add a version to an azure api management API? Im using New-AzureRmApiManagementApi to create the API, and using version 5.1.2 of AzureRM.ApiManagement 回答1: To add the module version you can use the command Install-Module -Name AzureRM.ApiManagement -RequiredVersion 6.0.0 For further information check this link PowerShell gallery 回答2: I have implemented an Azure API Management Version Set under APIM via Azure REST API in PowerShell. With reference of Api-versioning

问题 I have a backend API I want to proxy by using Azure API Management. This backend API requires me to provide a Bearer Oauth2 token. I want to use Azure APIM to handle the Oauth2 flows for me, and I want to expose a very simple API that will be consumed by client apps. I want to avoid my client App to use Oauth2. How can I handle it with APIM? I found a lot of samples demonstrating how to protect a backend API with Oauth2, but it is not the use case I'm trying to implement. Thanks. 回答1: Here is

问题 I have multiple App Services inside my App Service Environment. Lets call them A, B and C. I also have a Azure Api Management inside the same VNet where the App Service Environment is located. What I need is to let Api Management reach A, B and C. I also need to have communication between App Service A and B. Can this be done without using own DNS server? If so, how? 回答1: You should be able to use the FQDN of each app, a. asebaseurl , b. asebaseurl , etc. If you are going through another

问题 This question already has answers here : How to use a variable when returning response in policy definition? (2 answers) Closed 2 months ago . I have two APIs added to Azure API Management. It's basically the same API, but for different environments. For monitoring purposes, I want to create an operation that would call the same method in both of the APIs and merge their result into one. I currently work on mocked APIs with mocked data. To achieve that I created a blank API with a blank

问题 If I look at the below URl for restricting IP Address in API Management with its policy "IP-Filter", we can either limit single IP Address or a range. Is there a way I can filter different IP Address like 172.2.2.2, 122.2.2.4, 134.2.2.3? https://docs.microsoft.com/en-us/azure/api-management/api-management-access-restriction-policies#RestrictCallerIPs Thanks and Regards, Manu 回答1: Graphical interface allows you to add many IP addresses in "Filter IP addresses" policy. It's changed to the

问题 I'm willing to log stuff from my Azure Api Management into an eventhub using policies. I'm following this documentation : https://docs.microsoft.com/en-us/rest/api/apimanagement/logger/createorupdate Here is my HTTP Request (using Postman): PUT /subscriptions/3f0a0802-0a42-4a73-82b2-094d41acd70a/resourceGroups/GRP-Poc-BilanHydrique/providers/Microsoft.ApiManagement/service/WaterBalance/loggers/end-user-logger?api-version=2017-03-01 HTTP/1.1 Host: management.azure.com Authorization: {my token}

问题 I have a very basic setup: APIM + SF with WebAPI Stateless Service (Kestrel). Just trying to make this POC work. Unsuccessful so far... :( Following the available instructions I got to the point, where I am having problems with the APIM inbound policies... What am I supposed to use for the backend-id? Besides the "servicefabric" one (from examples), I have tried probably all of the options from my "service fabric" instance metadata. It keeps coming back to me with: "Backend with id 'whatever

问题 I have an external endpoint which is going to hit the Azure API gateway and that would route it to the backend API which is protected by IdentityServer4 authorization. I am getting the access token if I hit it through the Postman client with the interactive UI from IdentityServer. Is there a way I can get the access token required from the Azure API Management to validate against the IdentityServer4 and append it to the header in the request to the backend API? 回答1: Yes it is possible to

问题 I'm trying to get api management sku condition using REST API but it doesn't work by occuring 401 Unauthorized error. However, I verified that the SAS is valid by trying to execute other API Management REST API. I have no idea, please help me. *API URL=https://management.azure.com/subscriptions/mysubid/resourceGroups/myrg/providers/Microsoft.ApiManagement/service/myservice API_VER=2017-03-01 SAS="**Generate by APIM Publisher portal**" curl -i GET "$URL?api-version=$API_VER" -H "Authorization: