azureazure-api-managementazure-api-appsazure-security

How to expose Azure APIM API through API App?


We have Azure APIM exposing API for angular application. But it seems that there is no way to secure the subscription key for public APIs. So what is the best way to expose the API for angular application? Is there quick way to expose the API with same definition but through API app or any other azure feature?

-Rajesh


Solution

  • When you test the API from the Azure portal, you might notice that you can select a subscription key that is sent with the test as in below image. This key authorizes you need to use the API as per default, the API is protected and can't be used without authorization.

    enter image description here

    There are many option available to encrypt and decrypt subscription key. You need to encrypt the subscription key and store it an encrypted form in Web.config.` Before invoking the API you need to Decrypt it at runtime to get its actual value from within the code.

    For more information Please Refer the below links:-

    .Azure API Managment.

    . Create an API| MS DOC.

    .Creating on-premise API using Azure API management