Scenario Outline

Start course

Overview

Difficulty

Advanced

Duration

54m

Students

3874

Ratings

4.3/5

Description

This course deals with how to deploy, configure, and manage some keys aspects of Azure API management (APIM). In particular, we focus on the authentication mechanism and go into depth about how to set up OAuth 2.0, including creating the Azure AD required application registrations. To help with understanding and troubleshooting the OAuth flow, we utilize Postman to check and validate our configuration.

Next, we take a look at how we can alter API requests at various scopes using API policies. Finally, we look at how to view effective API policies that span multiple scopes and also how to trace API policies during runtime.

Learning Objectives

Deploy Azure API Management and import an existing API
Gain an understanding of how the configure authentication against APIM using OAuth 2.0
Implement API policies against the imported API to alter the API request
Use Postman to make API requests against APIM and request and use OAuth authorization tokens
Secure the imported API by requiring a valid Azure AD token

Intended Audience

People who want to become Azure developers and who design and build cloud solutions
People preparing for Microsoft’s AZ-203 exam

Prerequisites

General knowledge of Azure

Transcript

There are a lot of components that make up the configuration of the service. Here we are going to explain what we are going to work through. We have already started the creation of the Clouddemo API in our subscription. Once this completes we are going to ingest an API provided by Microsoft. This API contains a number of API operations around getting conference data. We will then create a simple API request in Postman. From there we can create the required applications in Azure AD, I've already provisioned an Azure AD called Cyber Labs for this demo. And will expect you to have your own Azure AD or if you don't have one to configure it now. In the Azure AD we will create a backend app, a front end app along with a secret key. We will also grant the front end application permission to access the backend app. We will use the Azure Portal, the Developer Portal, and Postman to query the import of Microsoft Demo APIs using these applications. We will then add API policies and look at how we can scope and understand effective policy and how to trace these policies. Finally we will make sure that our API is secure and that requests to the API require a valid access token or bearer token from our Azure AD tenant which in this case is Cyber Labs.

There are a lot of configuration items throughout this demo I record into Notepad To help you here is all the text. You may just want to copy it from the transcript and fill it out with your specific data as you go through the demos.

https://conferenceapi.azurewebsites.net?format=json
https://{name}.azure-api.net/sessions
Starter Subscription Key: 76c24a0abeb94104809b0810f74a20e5
Subscription Header: Ocp-Apim-Subscription-Key

Azure AD Tenant: mycyberlabs.onmicrosoft.com
Azure AD Tenant GUID: fc9f98a5-2d78-4a13-afa4-2ccfe88db15a

Apps
myFrontEndApp ID: 902eef25-668f-4e58-8398-f72a5da893ea
myFrontEndApp Secret Key: QZdqqvNXBxm466IvJd5ociARYInUwNyPbXJuJLP3IyE=
myBackEndApp ID: f9a45df4-6102-4f5c-a855-e2a2cbbab627

Call Back URLs
Postman Call back URL: https://www.getpostman.com/oauth2/callback
https://{name}.portal.azure-api.net/signin
https://{name}.portal.azure-api.net/docs/services/cyberlabs/console/oauth2/authorizationcode/callback
https://{name}.portal.azure-api.net/signin-aad

Endpoints
OAuth 2.0 (v1) Authorization Endpoint: https://login.microsoftonline.com/{aad-tenant}/oauth2/authorize
OAuth 2.0 (v1) Token Endpoint: https://login.microsoftonline.com/{aad-tenant}/oauth2/token
OpenID Connect meta document: https://login.microsoftonline.com/{aad-tenant}/v2.0/.well-known/openid-configuration

V1
https://login.microsoftonline.com/mycyberlabs.onmicrosoft.com/.well-known/openid-configuration

postman Oauth
https://login.microsoftonline.com/{aad-tenant}/oauth2/authorize?resource={resource ID}

https://login.microsoftonline.com/{aad-tenant}/oauth2/authorize?resource={resource ID}&response_type=code&client_id={client ID}&redirect_uri=https://{name}.portal.azure-api.net/docs/services/cyberlabs/console/oauth2/authorizationcode/callback&state={state ID}

About the Author

Matthew Quickenden

Instructor

Students

5333

Courses

Matthew Quickenden is a motivated Infrastructure Consultant with over 20 years of industry experience supporting Microsoft systems and other Microsoft products and solutions. He works as a technical delivery lead managing resources, understanding and translating customer requirements and expectations into architecture, and building technical solutions. In recent years, Matthew has been focused on helping businesses consume and utilize cloud technologies with a focus on leveraging automation to rapidly deploy and manage cloud resources at scale.

Covered Topics

Name: Scenario Outline - Configuring Azure API Management Course
Rating: 4.364705882352941 (168 reviews)

Web Development Compute Microsoft Azure Development for Azure Compute for Azure Azure API Management

Learning Objectives

Intended Audience

Prerequisites

Covered Topics

SOLUTIONS

CERTIFICATIONS

TRAINING LIBRARY

RESOURCES

PAST EVENTS

COURSE INDEX