azure-api-management

问题 I'll be so gratefull if you can help me with the following question: I´m resticting the access to use an API in APIM using groups, but I want to restrict even its operations for example: I have an API in APIM with the following operations: OperationA OperationB OperationC And the following groups of users: Group1 Group2 Group3 so the idea is to give access to the groups according some business rules for instance: Group1 (OperationA, OperationB) Group2 (OperationA) Group2 (OperationA

问题 I'll be so gratefull if you can help me with the following question: I´m resticting the access to use an API in APIM using groups, but I want to restrict even its operations for example: I have an API in APIM with the following operations: OperationA OperationB OperationC And the following groups of users: Group1 Group2 Group3 so the idea is to give access to the groups according some business rules for instance: Group1 (OperationA, OperationB) Group2 (OperationA) Group2 (OperationA

问题 I'm setting up an Azure API Management with with an ASP.NET WebApi 2 app behind it. API Management recommends setting up Basic auth between the API Management proxy and the ASP.NET WebApi to make sure the WebApi is only accessible through the API Management proxy. (Of course OAuth tokens will be still sent with requests for the "real" authentication, but I'll add that later.) With this in mind, I don't really want to implement the Basic auth in the application, I would like to have it handled

问题 I'm setting up an Azure API Management with with an ASP.NET WebApi 2 app behind it. API Management recommends setting up Basic auth between the API Management proxy and the ASP.NET WebApi to make sure the WebApi is only accessible through the API Management proxy. (Of course OAuth tokens will be still sent with requests for the "real" authentication, but I'll add that later.) With this in mind, I don't really want to implement the Basic auth in the application, I would like to have it handled

来源： https://stackoverflow.com/questions/56473786/how-to-upload-zip-file-from-api-management-to-blob-storage

来源： https://stackoverflow.com/questions/63983117/how-to-configure-azure-ad-to-allow-access-to-api-based-on-access-token

问题 I'm trying to call the API that I created by following these directions, I got to the point where I can call the API from Developer Portal using the JWT token. Now I'm confused, how will the angular client app get this JWT token in order to call the API? Currently, users of the angular app are in the Active Directory (same AD that was used in directions to set up the API). The sign-in process is done through MSAL library. When I try to get the token by calling acquireTokenSilent and try to

问题 We have an OData v4 API that we are putting behind an Azure API Management (AAM) service, but have run into a problem configuring the routes/oerations. In a nutshell, the issue is that AAM will reject a query for a route/operation unless it is explicitly configured (you get a 404 error), but with OData there can be a route for every attribute (property) of every operation (endpoint). The problem quickly becomes unmanageable. OData allows you to query an individual attribute/property (eg GET ~

问题 We have an OData v4 API that we are putting behind an Azure API Management (AAM) service, but have run into a problem configuring the routes/oerations. In a nutshell, the issue is that AAM will reject a query for a route/operation unless it is explicitly configured (you get a 404 error), but with OData there can be a route for every attribute (property) of every operation (endpoint). The problem quickly becomes unmanageable. OData allows you to query an individual attribute/property (eg GET ~

问题 With a simple policy below: <policies> <inbound> <cors> <allowed-origins> <origin>http://microfost.com/</origin> </allowed-origins> <allowed-methods preflight-result-max-age="300"> <method>GET</method> <method>POST</method> <method>PATCH</method> <method>DELETE</method> </allowed-methods> <allowed-headers> <header>content-type</header> <header>accept</header> <header>Authorization</header> </allowed-headers> </cors> </inbound> </policies> HTTP request OPTIONS https://XXXX.azure-api.net/demo