Within the area of the APIM Policy, using emit-metric to send the original call and client IP address to App Insights. I cannot find how to send the URI that is sent to the backend, which will not be the same as the original URI call due to transformations in the Policy.
Should the logging go into the section?
Cannot seem to find the spot in the docs.
Thanks.
Related
Hello I am trying to deploy my Azure Machine Learning pipeline with a REST endpoint. My problem is that I was able to generate an endpoint but has some sensitive information in it (ex: subscription id, resource group, etc). How can I generate a URL that forwards the request body to my Azure ML REST endpoint?
also, here is an approach I've done:
Used Application Gateway Redirect (this approach didn't forward the request body. It instead turned my POST request into a GET request when it redirected to the correct URL.)
The issue is raised because of some of the default security headers dependent on REST API and web based. Need to set the REST API CSP HEADER. Check the request and response headers in config file of the web application.
i have api management with in internal network with URL - "apimgmnt.azure-api.net" and having API :- apimgmnt.azure-api.net/hello"
also configured application gateway with url - "appgateway.cloudapp.azure.com" and access the API as appgateway.cloudapp.azure.com/hello
now i want to access this url by using "hello.appgateway.cloudapp.azure.com" which should be redirect to apimgmnt.azure-api.net/hello
what changes and transformation policy should i apply on api management level and application gateway url
As of now, URL rewriting is not supported in application gateway. So, you will not be able to rewrite and access apimgmnt.azure-api.net/hello.
There is already a feature request on UserVoice for this, which is being worked on. Feel free to upvote this to gain more traction.
I have deployed few .net APIs and applications as app service to Azure which is being used internally and also some of them can be called externally. Also have set up an Azure Alert for one of the major app services (let's call it Service A) which sends email notification in case of 404 error.
Looking into AppInsights, I can see some requests that result in 404 error when calling one the services without any endpoint included in the url (service B https://serviceB.mydomain.com/) and of course Service B returns 404 however AppInsights doesn't display the request caller (request referer). To investigate the 404 error I need to know about the caller url.
I'm aware that programmatically I can read request referer but how it can be done for 404 error which caused by a request to an endpoint which doesn't exist moreover some requests may not have referer. How can I log the caller url [preferably in Azure app services/appInsights]?
So far I was not able to find any facility in Azure portal to configure the AppInsights however it can be configured programmatically to track the referer and of course if the request doesn't have referer in the header for some reason, it can not be captured.
This link explains how AppInsight configuration can be done in codes to track the Referer.
UPDATE - And the root of issue:
Turned out "ALWAYS ON" feature in Azure Application Settings was ON for the Service B which means it sends request to the base url to keep it active and avoid recycling. For more info about Always On you can refer to here
One of the main reason for this would be that you might configure the availability test in App Insights
To be particularly this will be a URL ping test
This will hit the configured URL frequently at the location you configured
I want to purge an Azure CDN endpoint from Microsoft Flow. The CDN Profile's Pricing Ties is Standard Verzion.
I have created a Microsoft Flow with an HTTP - HTTP action.
I used an URL generated by the tool shown by clicking on Try it on https://learn.microsoft.com/en-us/rest/api/cdn/endpoints/purgecontent and filling the necessary fields.
I want to purge all CDN content so I put the following as a body (I hope this is the right way as the official docs were silent about this use case).
{
"contentPaths": [
"/*"
]
}
I have created a Registered application in the Azure Active Directory and used that to fill in Active Directory OAuth fields of the HTTP - HTTP action. I presume that the OAuth authentication is succeeding as if I put wrong values in any of the fields I get a respective error message.
So the HTTP - HTTP action is filled as on the following image. The image mostly shows where I got the values I used on the real flow.
When I run the flow it fails and shows just Unauthorized. inside the failed HTTP - HTTP action.
I have tried to add the app as a Contributor role of the CDN Profile but the error stayed the same.
How to get it working?
According to the error message, it seems that you missed the access token in the request.
If you want to generate the token for your azure ad app(service principal), you could refer to this article and the thread of generating the access token via postman.
Also, you could try to add the app as a role in the logic app.
I tried to implement custom Authentication via a authentication endpoint in an azure mobile app. I've created an Api Controller, that creates the Jwt using Azures AppServiceLoginHandler.CreateToken method. When I post to this controller with turned off Azure App Service Authentication, I get a token, but when I want to use it later, I always receive a "401 Unauthorized".
But when I turn the setting on in the Azure Portal, and send the very same request
I get:
The requested resource does not support http method 'GET'.
I'm not changing any code, and I'm certainly using a POST request - The exact same request, that works with turned off App Service Authentication.
My Code is essentially the same as here:
https://www.newventuresoftware.com/blog/custom-authentication-with-azure-mobile-apps
Could someone enlighten me here? Do I need additional configuration somewhere?
As adrian hall's book about Custom Authentication states as follows:
You must turn on Authentication / Authorization in your App Service. Set the Action to take when request is not authenticated to Allow Request (no action) and do not configure any of the supported authentication providers.
For custom authentication, you need to turn on the Authentication / Authorization in your app service for authenticating your token. Moreover, I would recommend you leverage fiddler to capture the network traces to narrow this issue. Additionally, you need to make sure that you send the custom login request with HTTPS. Details, you could follow this similar issue.