Microsoft
MicrosoftMy API is hosted in Azure APIM. I have an app registration that exposes the API and requires a role 'MyAPI.Administrator' so that only clients presenting a token with that claim are permitted to call the API. The validation for this is added in the inbound policy for my api where I check that the presented token contains the expected claim using the validate jwt policy template. I also set up a client app registration that has this MyAPI.Administrator permission.
In postman, when I request a token using grant_type client_credentials, client_id the client app registration's client id and secret for the scope of {myapi}/.default and then use that token it to make a request to my API, it works as expected. However, I'm unable to get a custom connector correctly configured to query the api.
From what I can observe when testing the connector in the test tab of the configurator, the token that is sent to the api is an impersonation token (for my account), instead of an application token. Where can I find a sample for this scenario that shows how to configure the security tab of the connector configuration ?
