azure-api-management

问题 I have the same API running multiple times connecting to different databases which represents the private data of each user that connects. I have one web site that authenticates with Active Directory to determine which user is connected. The same API calls are made whichever user is logged in, however, the host at the root of the API call needs to be dependent on the user logged in. How do I configure Azure API Management to route to the correct host depending on which user is logged in? A

问题 An example of what I am looking for is as follows but the allow-access element does not exist. What can I replace with so that the subscription key is not checked. i.e. in this case it would allow all callers access to the controller as long as they are making GET requests. <policies> <inbound> <base /> <choose> <when condition="@(context.Request.Method.Equals("GET"))"> <allow-access /> </when> </choose> </inbound> <backend> <base /> </backend> <outbound> <base /> </outbound> <on-error> <base

问题 I am working on microservice architecture and I want to aggregate data from two microservices. For example, Frontend calls the API Gateway and API Gateway calls two microservices Customer and Order microservices. Customer microservice returns customer details and Order microservice returns all ordered products by customer. This is the format returned by API Gateway after aggregation from two microservice using Ocelot or Azure API Management. Format 1 { "Customers":[ { "customerId":1001,

问题 On Azure API Management, I would like to use the subscription-key passed from the proxy to the service to identify the user behind the call. The only solution I can find is to get all subcriptions and filter on the primaryKey or the secondaryKey to finaly find the user with this REST API but it will be too long because I will have a lot of subscriptions. https://xxx.management.azure-api.net/subscriptions?api-version=2014-02-14 When I activate the trace to see how the message is handled by the

问题 On Azure API Management, I would like to use the subscription-key passed from the proxy to the service to identify the user behind the call. The only solution I can find is to get all subcriptions and filter on the primaryKey or the secondaryKey to finaly find the user with this REST API but it will be too long because I will have a lot of subscriptions. https://xxx.management.azure-api.net/subscriptions?api-version=2014-02-14 When I activate the trace to see how the message is handled by the

问题 We have an existing set of REST APIs (.NET Core). We have a requirement to expose these APIs as SOAP services, hopefully by using the Azure API Management. Is this possible? I have seen plenty of posts about exposing SOAP services as REST API, but not the other way around. 回答1: When you SOAP API as REST in APIM all it does is creates a bunch of policies for operations to process request/response payload on the fly and convert JSON to XML. Even though there is no wizard to create

问题 I was trying to implement AAD in my APIM instance based on this article and this article. Unfortunately when it came down to Developer console, right after I picked Authorization code as the Authorization method a popup showed up and showed me the following error: AADSTS900144: The request body must contain the following parameter: 'scope'. It failed on https://login.microsoftonline.com/{Directory (tenant) ID }/oauth2/v2.0/authorize?response_type=code&client_id={client id}&redirect_uri=https:

问题 I have multiple Web APIs deployed in Azure without applying authentication, so anyone has access to internet has the access to the Web APIs. Now I would like to apply authentications to the Web APIs, instead of implementing the same authentication logic in different Web APIs, I found Azure API gateway (API management) is a potential solution. With Azure API management documentation, I learned I can apply policies like validate-jwt to authenticate requests to back end Web APIs. However,

问题 I have multiple Web APIs deployed in Azure without applying authentication, so anyone has access to internet has the access to the Web APIs. Now I would like to apply authentications to the Web APIs, instead of implementing the same authentication logic in different Web APIs, I found Azure API gateway (API management) is a potential solution. With Azure API management documentation, I learned I can apply policies like validate-jwt to authenticate requests to back end Web APIs. However,

问题 I'll be so gratefull if you can help me with the following question: I´m resticting the access to use an API in APIM using groups, but I want to restrict even its operations for example: I have an API in APIM with the following operations: OperationA OperationB OperationC And the following groups of users: Group1 Group2 Group3 so the idea is to give access to the groups according some business rules for instance: Group1 (OperationA, OperationB) Group2 (OperationA) Group2 (OperationA