api management

88 Topics

Ocp-Apim-Subscription-Key for Service to Service calls
I want to require a Ocp-Apim-Subscription-Key when calling an API that is managed using Azure API Management. If I am calling the API from another API, what Ocp-Apim-Subscription-Key should I use? Do I need to set up a "User" in Azure API Management that represents the calling API and add that User to a Product that has access to my API? Seems silly to have to add a fake user that represents an unattended call to my API.
Anonymous
Jan 01, 2018 Place Azure
28KViews
1like
4Comments
Unsupported but very useful way to use the hidden Azure API
Obviously not supported, but for those of us managing many tenants and/or setting up (test/training/pilot) tenants often, you may want to automate certain Azure AD or Intune settings that are not available through supported API's or PS modules, there is a 'hidden' API at https://main.iam.ad.ext.azure.com/api/MdmApplications/eab0bcaf-9b2e-4e62-b9be-2eea708422f8?mdmAppliesToChanged=true&mamAppliesToChanged=true, here's an example: http://www.lieben.nu/liebensraum/2018/03/set-intune-mdm-user-scope-to-all-using-powershell-and-hidden-api/ If you want to use this in a production environment, I recommend doing only READ operations.
Solved
JosLieben
Mar 26, 2018 Place Azure
19KViews
3likes
6Comments
ARM Templates (API Versions)
Hi All, I have question regarding ARM templates API versions. I notice that when I create some resources I have to specify different API Versions for them. Is there any common API version we can apply ? because sometimes its so cumbersome to use different API versions for different resources. Thanks
Solved
kasunsjc
Feb 20, 2017 Place Azure
11KViews
2likes
6Comments
we couldn't create the test subscription. Commerce Account is Null
Hi experts i have created an azure account for a user in EA portal(https://ea.azure.com/manage/account/accountlist). When user is trying to create a subscription user is getting the below error Failed to create the subscription TEST sorry, we couldn't create the test subscription. Commerce Account is Null
Roger Roger
Feb 28, 2020 Place Azure
8.7KViews
0likes
5Comments
How to validate Azure OAuth access token using a api end point?
Hi There, Apologies if this question has been asked already. How to validate azure oauth access token using a api end point from microsoft azure? Have read this article https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens#validating-tokens but couldn't find it there. Please help me with a url endpoint to post and validate an azure access token. Thanks in advance!
tech_user23
May 22, 2020 Place Azure
7.4KViews
0likes
0Comments
Is it possible to get Subscription name through REST API?
I would like to know if I can get subscription name for my Azure Resource, through REST API? To add further, I even have subscription id, but wondering how to get subscription name?
Solved
Vino55
Mar 15, 2019 Place Azure
6.6KViews
0likes
1Comment
Microsoft Azure virtual datacenter HUB-Spoke Model: From a Network Perspective
Microsoft Azure Hub-Spoke Model When you have your Microsoft Azure Architectural Design in place like a HUB-Spoke model this Microsoft documentation can help you with the Security and networking design in Microsoft Azure Cloud services. The Virtual Data Center (VDC) isn’t just the application workloads in the cloud. It’s also the network, security, management, and infrastructure. Examples are DNS and directory services. It usually provides a private connection back to an on-premises network or datacenter. As more and more workloads move to Azure, it’s important to think about the supporting infrastructure and objects that these workloads are placed in. Think carefully about how resources are structured to avoid the proliferation of hundreds of workload islands that must be managed separately with independent data flow, security models, and compliance challenges. Read the complete blogpost with tips about Azure Security and Networking here
JamesvandenBerg
Dec 02, 2018 Place Azure
6.1KViews
1like
0Comments
Azure REST API - $filter param for time delta throws ProviderError
Hello All, We are facing issues with the Azure API endpoint for fetching security alerts based on given time filter. https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Frest%2Fapi%2Fsecuritycenter%2Falerts%2Flistbyresourcegroup%23code-try-0&data=02%7C01%7Cannishprashan.stevi%40hcl.com%7Ce89ea1593b4247b8b13f08d70530766b%7C189de737c93a4f5a8b686f4ca9941912%7C0%7C0%7C636983578009379205&sdata=JavMX5P2vJPhQ5ERafc4kC5gxELv%2FEjtulWo%2B84xhIQ%3D&reserved=0 and screenshot for the API section, We encountered the following error while hitting the endpoint with the required params and Bearer access token. Error Details: { "error": { "code": "ProviderError", "message": "Resource provider 'Microsoft.Security' failed to return collection response for type 'alerts'." } } Endpoint URL: https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/{ResourceGroup}/providers/Microsoft.Security/alerts?api-version={version}}&$filter=properties.reportedTimeUtc eq '2019-07-06T08:00:51.8801218Z' NOTE: The URL gives response without specifying the time “filter” , but when using filter as one of the params, we get the above mentioned error. The param value used: $filter = properties.reportedTimeUtc eq '2019-07-06T08:00:51.8801218Z' Could anyone help in the resolution of this issue? Let me know for any additional details/clarifications. Thank You.
Annish_Prashanth
Jul 10, 2019 Place Azure
5.7KViews
1like
3Comments
ServicePrincipal StartDate and EndDate not displaying Using Graph API In Power Shell
Hi, I am trying to get list of SPNs that are going to expire soon. Using Graph API I am executing below powershell script. I am getting output appid and name always but StartDate and EndDate are not displaying for few of SPN. Can you please help how to get it ? Below is Power shell script I am using: $TenantId = "*************" $ClientId = "*************" $ClientSecret = "*************" $Body = @{ 'tenant' = $TenantId 'client_id' = $ClientId 'scope' = 'https://graph.microsoft.com/.default' 'client_secret' = $ClientSecret 'grant_type' = 'client_credentials' } $Params = @{ 'Uri' = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token" 'Method' = 'Post' 'Body' = $Body 'ContentType' = 'application/x-www-form-urlencoded' } $AuthResponse = Invoke-RestMethod @Params $Headers = @{'Authorization' = "Bearer $($AuthResponse.access_token)"} $method = "GET" $uri2 = "https://graph.microsoft.com/v1.0/applications/{Id}" $query2 = Invoke-WebRequest -Method $method -Uri $uri2 -ContentType "application/json" -Headers $Headers -ErrorAction Stop $query2.content | ConvertFrom-Json | select appId,displayName,@{l="SecretExpiryDate";e={$pwdcreds2.passwordCredentials.endDateTime}} $pwdcreds2.passwordCredentials I have another Powershell script it is giving startdate and enddate for same SPN but the problem is my Org is not allowed to fetch APP details from Azure AD due to security guidelines. $ServicePrincipalIds = Get-AzADServicePrincipal | Where {$_.DisplayName -like '*'} foreach($ServicePrincipalId in $ServicePrincipalIds) { $ServicePrincipalInfo = Get-AzADSpCredential -ObjectId $ServicePrincipalId.Id $ServicePrincipalInfo } Thanks, Brahma
Solved
Brahmaiah
Oct 23, 2020 Place Azure
3.9KViews
0likes
3Comments
How to Generate JWT in Azure API Management
Hello Members, I'm trying to secure a backend external API through Azure API Management platform. The backend API needs and validates the request using a JWT(JSON Web Token). I have spent quite some time in searching and trying different option on how to generate a JWT token in APIM before calling the backend API, but yet to get it working. I have working JavaScript code which can generate JWT for backend, but JavaScript is not supported in APIM. Have anyone tried/implemented this before? PS: The JWT generation just require UserId, Secret and key. No calls to backend. Similar to one here: https://jwt.io/
GGandhi
Jul 12, 2022 Place Azure
3.8KViews
0likes
1Comment