Reputation: 451
how to log jwt properties from azure apim?
I'm logging various context properties from APIM. One category of properties that can be logged from the context variable is "Jwt" with properties like Algorithm, Audience, Claims. However, when I try to log these properties from a policy, APIM returns the following error:
'IProxyRequestContext' does not contain a definition for 'Jwt'
I'm assuming that this is because Jwt is not configured for my particular test instance. Is there a way to make my logging conditional for this? Something like?:
if Jwt exists on context then log Jwt.Algorithm
Although Jwt is not configured for my local environment I think it may be configured for the production environment and my company would be interested in capturing this information.
Upvotes: 1
Views: 2809
Answers (3)
Reputation: 2260
The encoded jwt will be in the Authorization header of a request. AsJwt can parse that token into a Jwt object. (Search for the context variable jwt)
Your call will look like this:
context.Request.Headers.GetValueOrDefault("Authorization","").AsJwt()
Accessing a property of the Jwt object will look like this:
context.Request.Headers.GetValueOrDefault("Authorization","").AsJwt()?.Algorithm
Upvotes: 1
Reputation: 785
There is option to parse the Jwt and get the algorithm Use
Jwt AsJwt(input: this string)
This will return Jwt object, which has below values in it.
Algorithm: string
Audience: IEnumerable<string>
Claims: IReadOnlyDictionary<string, string[]>
ExpirationTime: DateTime?
Id: string
Issuer: string
NotBefore: DateTime?
Subject: string
Type: string
please find link below to know more details https://learn.microsoft.com/en-us/azure/api-management/api-management-policy-expressions
Upvotes: 2
Reputation: 16
There's no Jwt property on context. However there's AsJwt/TryParseJwt methods that convert string to Jwt object that does have properties you've mentioned (Algorithm, etc). So if some part of request/response contains string representing jwt you can do things like below in policy expressions:
JsonConvert.SerializeObject(context.Request.Url.Query["jwt"][0])
Upvotes: 0
Related Questions
- Azure APIM Validate JWT based on two different claims
- Azure AD Custom Claims in JWT
- Azure Functions App with APIM using Managed Identity - Authentication and Authorization
- JWT Validation Failing in Azure APIM
- Azure APIM sending logs to EventHub( WebSocketConnection selected). How to set it up?
- Unable to diagnose why Azure APIM fails to log to Event Hub
- Azure API Management policy caching of JWKs for JWT validation
- JWT Validation policy suddently not valid when changed to a different audience with Azure API Management
- is there a way to easily log all context information from within an azure apim policy?
- azure event hub logging policy context filtering?