Reputation: 2434
Is There a Way to Restrict Azure API Management Endpoint By Subscription?
In Azure API Management, is it possible to restrict an endpoint for an API by a subscription?
I know it's possible to restrict access to the whole API/Product by subscription, but can that be filtered down even further such that a subscription could be limited to specific endpoints of an API?
Upvotes: 3
Views: 1508
Answers (1)
Reputation: 641
Restricting access for specific endpoints can be achieved using policies, and more specifically through the use of the Validate JWT policy. It allows authorizing access to specific operations (specific endpoints) of the API.
The documentation has the following example which shows how to define a policy that restricts HTTP methods: https://learn.microsoft.com/en-us/azure/api-management/policies/authorize-request-based-on-jwt-claims. You can modify the when condition to check the request URL instead of the method.
Upvotes: 1
Related Questions
- Azure Api Management restrict users from operational level
- How to bypass Subscription Key for single endpoint in the API in Azure API Managment
- Azure Api management Is it possible to disable Subscription Key
- is it possible to block users from using api operations in azure api management?
- Securing an endpoint on Azure API Management so that only an app (no login) can call it
- Make back end APIs only accessible via Azure API management
- Azure ApiManagement - limit requests for certain user
- Is it possible to create a policy that will conditionally expose an api management endpoint in azure even when a opim-subscription key is required?
- Azure apimanagement with subscriptions on a subset of operations, is it possible?
- Restrict Azure Web API to Just API Manager