Reputation: 709
How to use azure api management to do custom access token check and enrich data in request
All the incoming request to api management will have a token in a header, before backend service is hit token has to be verified. To verify token a GET tokenVallidationApi is to be hit and the response will tell us whether the token is valid or not. If the response exists for token validation , we have to take out few entries from response and enrich the body/header to hit the backend api. I am very new to api management tool and just figuring out how can we achieve this with azure api management?
Upvotes: 0
Views: 603
Answers (1)
Reputation: 6647
This is possible. You would have to implement your policies like something below
1. Validate Token
For this, you would first call the validation endpoint using send-request. You could also implement caching using value caching policies for multiple requests.
The doc also highlights how you can extract value from the response body.
2. Transform Body & Headers
For headers, you would use the set-header policy and for the body, you would use the set-body policy.
Upvotes: 4
Related Questions
- API Management Basic Authentication
- Validating Authorization token in incoming requests with Azure API management and third party Authorization Server
- custom header conditions APIM policy
- How to add custom header in Azure API Management before making a call to the backend
- Using azure API management restrict the api call based on the JWT token claim
- Authenticate Against Azure API Management
- Manage authorization with Azure API Management and Function App as back-end
- Custom Auth Policy
- Generate Access Token and validate against IdentityServer4 through Azure API Management
- How to include token in policy in azure api management?