Get ClientIp in backend service (behind FrontDoor and APIM)

Copper Contributor

Context:

Azure Front Door connects to APIM (external mode) that forwards the requests to services inside AKS.

Services are monitored with Application Insights.

The target is to be able to retrieve client IP in our backend service thanks to an Header.

 

Situation:

We have tested multiple ways to do so:

- via the header X-Forwarded-For

- via the header X-Azure-ClientIP

- via a policy in APIM with the following field: "<value>@(context.Request.IpAddress)</value>"

 

None of these methods works to retrieve the clientIP, we get Microsoft datacenters IPs instead. 

 

Do you have an idea to be able to get this clientIP in backend service? Thank you for any tips!

1 Reply

@bertrandpons 

You can try few things

use context.Request.Headers.GetValueOrDefault("X-Forwarded-Host") or context.Request.Headers.GetValueOrDefault("X-Forwarded-For")

 

However, both cannot guarantee that you will get the client IP address. here is a sample which can filter on IP Address when using Application Gateway

 

https://github.com/Azure/api-management-policy-snippets/blob/master/examples/Filter%20on%20IP%20Addr...