Reputation: 864
This seems a simple question for whoever has already implemented Azure API Management integration with a UI, i.e. an Angular/HTML project. My question is that if we need to call an API in Azure, we first need to call the Azure API Management URL using its security key. But the UI is passing this key, and from the browser anyone can see the key using F12. API Management isn't integrated with Azure AD.
So how can we securely call API Management from the UI if API Management isn't integrated with Azure AD?
Upvotes: 1
Views: 868
Reputation: 1051
There is no point calling API Management itself - you are calling some API that sits behind APIM. So, get a token for that API and use that in the call. You can then configure APIM to validate that token and perhaps use a different method to authenticate itself to your API or pass it on. Your API would then need to validate it. In other words, you still need to secure the APIM to your API call.
APIM subscription key is not an authentication feature.
Use MSAL.js to get a token in your app.
Upvotes: 2