I've created a web application API with a swagger interface that I've deployed as an API App to Azure.
When creating a Logic App I can find my API App but whenever I try to use it I get the following error:
Failed to fetch swagger. Ensure you have CORS enabled on the endpoint
and are calling an HTTPS endpoint.
I'm using the default https url for the API definition in the API App:
https://microsoft-SOME-LONG-MS-INTERNAL-ID.azurewebsites.net/swagger/docs/v1
The swagger docs have been provided in my C# web API application through Swashbuckle.
For CORS I've set a single * item.
This didn't seem sufficient for the Logic App to access the API App I then configured Authentication / Authorization for the API App to use Azure Active Directory (express), creating an AD Azure App.
I believe the issue will be one of configuring security which is all pretty new to me in Azure. I'd like to make the API App inaccessible externally, but available to Web Apps and Logic Apps within my Azure subscription.
I've not added any authentication mechanism to the ASP.NET web application itself as I figured the web application would effectively be sitting in a private network on Azure. Perhaps this is a bad assumption and I need to add authentication to allow Azure AD to work?
Any pointers / suggestions?
Turns out I needed to update the Azure SDK for Visual Studio. I had an older version that was deploying a preview Api App which resulted in a "Api app host" type being deployed rather that an "API app" type.
Everything works after the update and I've found some documentation for securing the API App and making it available in the Logic App - https://azure.microsoft.com/en-us/documentation/articles/app-service-logic-custom-hosted-api/
Related
Steps to enable swagger. From code it is enabled. From API App it is working. But not when I place my API app behind API management
I am having a Web API project in asp.net and this project is hosted on Azure web app services .Azure endpoint of the api works . How can i wrap this api under azure api management ?
Current setup
Asp.net web Api project > Hosted in azure web app services
I tried to add the api in API management via blank and open api specification.
I would expect the Azure API Management could connect to my web app service where my asp.net web api project is hosted.
Deploy your Web API to Azure App Service API App instead of App Service Web App. You will be able to import the API's directly from the UI. Here is the doc.
Alternative to Ketan's approach is to configure API manually using "Blank API" option. where you'll need to specify your App's base URL. You will be required later on to create all operations manually.
I have a design issue that I've been struggling with in Azure. I have created a .NET Core API and deployed it as an App Service in Azure. On top of that, I have an instance of Azure API Management with oAuth 2 securing it. I was able to achieve this by following this tutorial:
https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-protect-backend-with-aad
So, the API Management instance is secured with policies and rate limiting, but the back-end URL is wide open and requires no authentication. What is the best process to secure the back-end URL?
you can set APIM public IP in accessing whitelist of your App service to make sure only APIM requests will be able to access your App Service. For how to set IP restriction , you may refer to this doc : https://learn.microsoft.com/en-us/azure/app-service/app-service-ip-restrictions#adding-and-editing-ip-restriction-rules-in-the-portal
I have two Web Apps, inside the same App Service. One is a back-end portion (with API on it, using .NET Core, SSL cert installed) and the other one is the front-end (ReactTS, created using create-react-app).
When I try to call the API method (an Auth method) using my Front-end I got this message as response:
Login failed: The resource you are looking for has been removed, had
its name changed, or is temporarily unavailable.
-404 error
Another fact is, if I run my ront-end solution locally, I can use the API (published on the Web App), normally.
My API URL is set inside the package.json file, as proxy.
My first thought was about an CORS problem, but it throws a 404 error.
Any configuration that I can do on my Azure, or something that I need to change in my application to allow my front-end to communicate with my API?
If we publish two web applications to one Azure Web App, the later one will cover the first one. It will cause that the first web application can't work. I suggest you create different Azure Web Apps for your web applications. You could choose one Azure Web App Plan for your Azure Web Apps. It will not add extra costs except for Shared plan.
If you use Shared App Plan and don't want to increase the extra cost, you could add a virtual directory to your Azure Web App. Then you could publish your second web application to the virtual directory. To create a virtual directory, steps below are for your reference.
Azure portal -> Web App Panel -> Application settings
This question is related to following questions but not the same question
How can i integrate Azure Mobile App win Azure API app
How to combine azure AppServices API, Mobile and Web apps
I have been trying to setup an API to use with my mobile app(Xamarin) and Web app(Angular or ASP.NET MVC). I wanted to use "Azure App Service".
As i understand there are three things in Azure app service
Web Apps
Mobile Apps
API Apps
I wanted to select the "API APPS" as i wanted to use my Existing ASP.Net Web Api and wanted to expose the Api to swagger. Also I wanted to share this api with Mobile app as well as Web App.
Based on the documentation "API APPS" can be consumed by Mobile and Web clients.Web client is OK but i need to use Azure Mobile features(such as Single Authentications,Notifications,Offline Sync with Sql lite and etc ) to make things easy in Mobile app.
As per answers for above questions and the documentation, i can install mobile app back-end packages to ASP.Web API and host it as "Mobile APPS". So i can use all the features related to mobile.
My problem if i install the mobile back-end, can i use the same API
for Web Front end? Because I am hosting it as "Mobile APPS" service
not the "API APPS" service.
How can I share a single API host with mobile client (With Mobile back end feature) and Web client?
Is it possible to install the Mobile back-end packages and host the
API as "API APPS" , then use Mobile SDK in Xamarin app and the HTTP client or other client in Web APP to consume the same API?
If you want to use the Azure Mobile client SDK, especially features like offline sync, then you need to use the Azure Mobile server SDK. It's a set of NuGet packages that simply extend ASP.NET Web API.
If you want to roll your own mobile client, or just use the authentication feature, then you don't need to use the Azure Mobile server SDK and you can use just Web API.
If you do want to use the server SDK, we have samples that show how to consume this TableController API from a web client:
https://github.com/azure-appservice-samples/contosomoments
Azure App Service field engineer sample with web admin portal and offline-sync-enabled Xamarin.Forms client