Calling a Helper API in an Azure APIM Inbound Policy

Premier Developer

Developer

Bryan Soltis explores how to incorporate API authentication into APIM.


Azure API Management is quickly becoming one of my favorite parts of the Azure platform. From SOAP (shudder) to REST APIs, developers can quickly register and secure their existing interfaces using Azure APIM. By implementing policies, they can transform requests, validate client/subscription information, check rate limits, and a whole mess of other features. And yes, there is a policy to allow you to call a completely different API as part of your process. Let me show you!

With Azure APIM, developers can register and expose their APIs, regardless of where they are located. The built-in developer portal and subscription/products system allows for an extremely customizable consumer experience, as organizations can tailor their API offerings to their users’ needs. It’s an extremely versatile tool in the Azure arsenal and one every API developer should know.

Recently, I had a client that was looking to migrate hundreds of existing APIs to Azure APIM. Part of this change would be to support their existing client credentials/logins that they validate with a home-grown API within their network. The challenge was how do they incorporate that authentication API into their APIM calls? Inbound Policies to the rescue!

I created a PoC to show how this can be done within APIM. Let’s see how I did it.

Check out the full walk-through on Bryan’s blog.

1 comment

Leave a comment