Forum Discussion
What did you build last week?
waldek I greatly appreciate it! We are working with 3 main types of APIs in this solution - one of them uses API tokens, one of them (Atlassian) says it prefers HTTP Basic and supports OAuth, but I believe it's OAuth 1 (it's on-prem), and the third is wide open because we just built it and if it gets locked down, it will be however we choose.
Last night we started looking at Azure Functions as an option since we are reaching out to everyone we can for advice, and that was one recommendation to use to take in the APIs and feed them right to SPFx.
MicrosoftLindsayTShelton when looking at Azure Functions, please check out Proxies. They could offer you a lightweight way to pass requests between SharePoint Framework and your existing APIs extending them with the necessary information like API keys, tokens, etc.
When it comes to securing Azure Functions, the easiest way is by using the Authentication and Authorization settings and secure your Function with Azure AD.
SharePoint Framework has a built-in support accessing APIs secured with Azure AD.
One thing that I haven't checked, if configured proxies are subject to authentication and authorization settings. If they are, and proxies are sufficient for you to relay requests, they would be a great and robus solution that doesn't request any custom code on the API side.