External users obtaining tokens through API Management API endpoints?
Hi, my APIs in API Management require both a Bearer token and a subscription key to be passed with each request. I'm looking for a way to automate the process of obtaining tokens without exposing secret client credentials. I'm considering creating a…
Manage MFA on Custom Application using AzureAD signing
Is there any API to call and manage Microsoft MFA to allow MFA enabled user to use the application. I have already enrolled the application as an enterprise application
APIM security related
We are moving applications from current SaaS provide to Azure b2C. One of the scenarios is In-vehicle-infotainment users, where the login/access is done from the vehicles. We reach them thru domain name from existing SaaS provider today. (url is…
Azure APIM Response code 0 - Client connection was unexpectedly closed
We have a Azure Logic app that uses APIM connector to call a Azure API management endpoint which forward the request to a backend. Both logic app and APIM is in a Azure Vnet under two subnets. On Azure API management log I have noticed some requests…
What does az apim api import --no-wait exactly do?
Hello, we use az apim api import in our GitHub workflow for updating API configurations in our API management instances. https://learn.microsoft.com/en-us/cli/azure/apim/api?view=azure-cli-latest#az-apim-api-update az apim api import \ --api-id…
Sweden Central AzureKeyVault API Management endpoint down?
Hi, We have a APIM set up in Sweden central and it has started to report the AzureKeyVault endpoint status as "Error" "Connection to https://.vault.azure.net failed with WebException: NameResolutionFailure : The remote name could not…
APIM "auto upgrades"
I have noticed on occasions there are upgrades that occur to APIM without intervention. I'm assuming that Microsoft is pushing upgrades to us. Is there a way to know when these upgrades will occur? I have both a developer and a premium APIM services.
How can users obtain Bearer access tokens outside of the Azure API Management developer portal?
I have APIs protected by both Azure API Management (APIM) subscription keys and Azure B2C Bearer tokens. Currently, users can use their subscription keys, but I’m unsure how to provide them with Bearer tokens outside of the developer portal. While I can…
How to limit or control the outbound IP addresses used by Entra ID for authentication?
I am looking for a solution or some kind of work-around regarding the amount of IP-addresses that Entra ID uses for redundancy. I want to somehow control or limit which IP-addresses are used for the outbound traffic when the DNS…
Azure APIM Deprecated flag in Open API Spec not working as expected
In Azure APIM, The Deprecated flag = true is updated for the endpoint in the the open API spec version 3.0.X, but it's not grayed out or strike through as expected. The deprecated flag itself is getting remove from APIM when the Open API spec is imported…
Can I set a timeout to Azure REST API? specifically using python SDK.
In python Azure sdk, I see following code. I am trying to find out if there is a way to set timeout value, so that I can control the longest time I will wait for a http request to response back or timeout. from azure.core.rest import HttpRequest,…
Where to find FPGA validation file for Azure attestation?
On the Azure FPGA attestation support website: https://learn.microsoft.com/en-us/azure/virtual-machines/field-programmable-gate-arrays-attestation, there is an instruction for validating the FPGA and starting attestation, however, this requires a file…
what happens when APIM cache is full?
When APIM cache is full , what happens to cache-store and cache-store-value policy ? Do these policies fail or APIM will transparently purge the oldest cache entry to make room for the new entry? Is there an official document which explains what the…
How to fix a 500 RC when trying to POST to APIM listDebugCredentials after APIM migration
After migrating APIM data from one environment to another, the target APIs can not use API tracing. A 500 RC occurs. A POST to listDebugCredentials returns 500
How to fix (ResourceNotFound) PoliciesConfiguration not found while fetching product policy
Hi, I am trying to download the current policy of a product that I have just created using the Python SDK. The code for the policy download is def download_product_policy(api_management_client, resource_group_name, service_name, product_id): #…
Unknown request for GET /** showing in logs every 5 minutes for private web apps.
I have three Linux Web Apps (AppSvc) that keep showing a failed request for a GET /** resource every 5 minutes that returns a 404 error. There is an App Gateway and a API Management Service in front of the web apps. The apps themselves are not accessible…
Is there a way to do an APIM backup?
We had a "glitch" in which all our APIs, groups, products, users, etc. were completely "dropped" so our APIM appeared as if we had just created it, luckily this was QA. Is there a way to do a backup and restore of APIM as a whole?…
How to connect the Microsoft Defender XDR event logs using the API?
I'm currently working on automating the deployment of a Microsoft Sentinel workspace using PowerShell scripts. So far, I have successfully used the Microsoft.SecurityInsights API to install solutions and enable analytic rules. Now, I am looking to…
How to connect the Microsoft Defender XDR event logs using the API?
I'm currently working on a project to fully automate the deployment of a Microsoft Sentinel workspace. I already developed a working PowerShell script that uses the Microsoft.SecurityInsights API to install solutions from the content hub and enable the…
How to connect the Microsoft Defender XDR event logs using the API?
I'm currently working on a project to fully automate the deployment of a Microsoft Sentinel workspace. I already developed a working PowerShell script that uses the Microsoft.SecurityInsights API to install solutions from the content hub and enable the…