Is there any reason to use an outbound policy in APIM? I tried a test where I used the same policy expression for inbound as well as outbound. The same expression worked without error and returned the same info for both. I don't see any need to configure an outbound policy if an inbound expression already captures all of the information. Have you also found the outbound section to be redundant and simply excluded the outbound section? Or have you found any reason to use the outbound section in addition to the inbound section?
Outbound policies can be used to manipulate/inspect a response body or headers returned from a backend API.
Examples of things you might do in an outbound policy:
Set the cache duration based on the Cache-Control header returned from the API
Remove headers created by the API framework like X-Powered-By and X-Aspnet-Version
Calculate an etag value using a checksum of the body
Create a signature header to prevent tampering with a response body
Update the returned response body with cached fragments
Log the returned response to a diagnostic system or audit trail
Can API Management rewrite a backend URL to be the value of a request header? For example, if I have a request originating with header X-ProxyTarget: https://api.ipify.org/, and I send it to https://my-api.azure-api.net/proxy then can a policy (or combination of policies) on inbound (or backend) forward the request to https://api.ipify.org?
You can use the set-backend-service policy in the inbound section. This policy updates the backend URL as provided and reads the input header value to set the URL.
Sample Code:
<set-backend-service base-url="@(context.Request.Headers.GetValueOrDefault("X-ProxyTarget","http://my-api.net"))" />
References : https://learn.microsoft.com/en-us/azure/api-management/api-management-transformation-policies#SetBackendService
I am trying to call an API endpoint as a POST with Content-Type form-data using an Azure Data Factory web activity. I tried different ways of passing Body parameters, but it failed.
Here is the Postman Request.
Here is the Azure Data Factory Web Activity configuration. (I used the body as JSON and tried different combinations, but none of them worked.)
And above is the error message.
Any help would be highly appreciated.
Since your request executes successfully from Postman, try copying the entire body from there and using it in the web activity.
The format for passing body for a POST request from a web activity is shown here.
Also make sure you have entered valid “url–Target endpoint and path”. This is usually seen as Activity requires Public end point but you may have used Private vnet where this is not allowed. Web Activity is supported for invoking URLs that are hosted in a private virtual network as well by leveraging self-hosted integration runtime. The integration runtime should have a line of sight to the URL endpoint.
Note: The activity will timeout at 1 minute with an error if it does not receive a response from the endpoint.
Going further through some similar scenarios, it is learnt that:
Mostly the header is passed as a string in Web Activity, whereas in Postman it is integer/long.
In case your API tries redirecting, it seems that the web activity in Azure Data Factory does not currently support following redirects, whereas Postman and other tools and libraries usually follow redirects by default or include an option for handling them.
Check out the supported authentication types in the web activity. If you are trying to authorize your from, try setting the following.
URL: https://login.microsoftonline.com/<<tenantid>>/oauth2/token
Headers: Content-Type - "application/x-www-form-urlencoded"
Body: grant_type=client_credentials&client_id=<<clientid>>f&client_secret=<<secret>>&resource=https%3A%2F%2Fmicrosoft.onmicrosoft.com%2F<<resourceId>>
Error code: 2108:
Message: Error calling the endpoint '%url;'. Response status code: '%code;'
Cause: The request failed due to an underlying issue such as network connectivity, a DNS failure, a server certificate validation, or a timeout.
Workaround: Make the API call using PowerShell, and call that PowerShell script from within Data Factory.
I have issues when trying to Post data to my API using ServiceStack's JsonServiceClient.
I get the following error message in the console
Access to fetch at 'https://192.168.10.191:5001/json/reply/CreateEquipment' from origin 'http://192.168.10.191:5000' has been blocked by CORS policy: Request header field headers is not allowed by Access-Control-Allow-Headers in preflight response.
I have added 192.168.10.191:5000 to the Whitelist.
I can see in the network tab that it tries to access "https://192.168.10.191:5001/json/reply/CreateEquipment" but nothing is showing when I capture the traffic using fiddler.
I have attached an image of the headers. https://i.stack.imgur.com/hUfII.png
You're requesting an https resource at port 5001, but your origin whitelist returns an http resource on 5000; they need to match.
I have a SPA (fronted by CloudFront) which calls a GET endpoint which I have set up on API Gateway. The domain of the SPA is different from the domain of API Gateway. I am getting Same Origin policy exceptions like the one below when my SPA tries to do a GET on a resource:
"No Access-Control-Allow-Origin header is present on requested resource"
Here is my setup on API Gateway. I have an Options resource which returns the following
Access-Control-Allow-Methods: 'GET, OPTIONS'
Access-Control-Allow-Headers: 'Content-Type,X-Api-Key,X-Requested-With'
Access-Control-Origin: '*'
I have a Get Resource, which in turn calls my backend service (proxies to my service). I have setup the resource to return these headers as part of the response
Access-Control-Allow-Headers
Access-Control-Allow-Methods
Access-Control-Allow-Origin
The browser's OPTIONS call returns a 200, with all the necessary Access Control stuff. But when the browser makes the GET call, I get the same origin policy exception. Any ideas what's happening here? Is it because my GET response does not explicitly set a value for Access-Control-Origin?
Thanks
Kay
I have an Options resource which returns the following
The header you need is Access-Control-Allow-Origin: '*'.
But, yes, you do need to return it, because a simple GET doesn't do a pre-flight OPTIONS *.
I am trying to customize the UI page on Azure B2C using an Azure storage blob using this article. It needs to be CORS enabled. I have tested it using test-cors.org and I know it is not but I do not know how to set it
The article uses https://wingtiptoysb2c.blob.core.windows.net/b2c/wingtip/selfasserted.html, which I tested and which returns a 200, but mine does not:
https://bookssorted.blob.core.windows.net/b2c/selfasserted.html
This article talks about using this PUT https://myaccount.blob.core.windows.net/?restype=service&comp=properties HTTP/1.1 but how do I run this?
EDIT: I am using Azure Storage Explorer and I have these rules set on the blob but it is still not returning a http 200 from test-cors.org
EDIT2: this is the url that makes the request to the authentication policy which loads the page that makes the request to load the blob
https://login.microsoftonline.com/bookssorted.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_bookssortedAuthenticationPolicy&client_Id=35f308cd-8914-4035-9f62-cec7600c1727&nonce=defaultNonce&redirect_uri=https%3A%2F%2Flocalhost%2Fbookssorted%2Fsecure%2Fsuccess&scope=openid&response_type=id_token&prompt=login
EDIT3: headers as requested
In order for a cross-origin request to succeed, the request must match the CORS configuration. This includes the request origin, request headers and exposed (response) headers. Any mismatch there would cause the request to fail.
If the origin is known, then that URL must be specified (including protocol and port number if applicable) in the CORS rule. If the origin is not known, you can specify * as the origin and all URLs will be able to make such requests.
Same thing goes for request headers and exposed headers. Since different requests to Azure Storage make use of different request headers and return different response headers, it is advisable to set the value for these as * in the CORS rule. This will ensure that all request/response headers are accepted.
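Added example, not part of the original answers: a simplified JavaScript model of the browser-side checks behind the three CORS questions above (the "Request header field headers is not allowed" preflight failure, the GET that fails after a successful OPTIONS, and matching a request against a CORS rule). The origin https://spa.example, the header values and all function names are constructed for illustration; credentialed requests are not modelled.

```javascript
// Added example: simplified model of the browser's CORS checks for a
// non-credentialed request. Not a full Fetch implementation.
const SIMPLE_METHODS = ["GET", "HEAD", "POST"];
const SIMPLE_TYPES = ["application/x-www-form-urlencoded", "multipart/form-data", "text/plain"];

// Lowercase header names so lookups are case-insensitive.
const lower = (h) => Object.fromEntries(Object.entries(h || {}).map(([k, v]) => [k.toLowerCase(), v]));
const list = (v) => (v || "").split(",").map((s) => s.trim().toLowerCase()).filter(Boolean);

// Request headers outside the safelist; any of these forces a preflight.
function unsafeHeaders(req) {
  return Object.entries(lower(req.headers)).filter(([name, value]) => {
    if (["accept", "accept-language", "content-language"].includes(name)) return false;
    if (name === "content-type") return !SIMPLE_TYPES.includes(value.split(";")[0].trim().toLowerCase());
    return true;
  }).map(([name]) => name);
}

// Exact string match on scheme://host:port, or the wildcard.
function originAllowed(origin, resHeaders) {
  const allow = lower(resHeaders)["access-control-allow-origin"];
  return allow === "*" || allow === origin;
}

function checkCors(req, preflightRes, actualRes) {
  const extra = unsafeHeaders(req);
  if (!SIMPLE_METHODS.includes(req.method) || extra.length > 0) {
    if (!originAllowed(req.origin, preflightRes)) return "blocked: preflight lacks a matching Access-Control-Allow-Origin";
    const p = lower(preflightRes);
    const methods = list(p["access-control-allow-methods"]);
    if (!SIMPLE_METHODS.includes(req.method) && !methods.includes(req.method.toLowerCase()) && !methods.includes("*"))
      return `blocked: method ${req.method} is not allowed by Access-Control-Allow-Methods`;
    const allowed = list(p["access-control-allow-headers"]);
    const bad = extra.find((h) => !allowed.includes(h) && !allowed.includes("*"));
    if (bad) return `blocked: request header field ${bad} is not allowed by Access-Control-Allow-Headers`;
  }
  // The actual response is checked on its own; a good preflight does not cover it.
  if (!originAllowed(req.origin, actualRes)) return "blocked: response lacks a matching Access-Control-Allow-Origin";
  return "allowed";
}

// Constructed sample: OPTIONS is configured correctly, the GET response is not.
const preflight = { "Access-Control-Allow-Origin": "*", "Access-Control-Allow-Methods": "GET, OPTIONS",
  "Access-Control-Allow-Headers": "Content-Type,X-Api-Key,X-Requested-With" };
const req = { origin: "https://spa.example", method: "GET", headers: { "X-Api-Key": "constructed" } };
console.log(checkCors(req, preflight, {}));
console.log(checkCors(req, preflight, { "Access-Control-Allow-Origin": "*" }));
```

The same function reports a misnamed Access-Control-Origin header on the OPTIONS response as a preflight failure, and an origin that differs only in scheme or port as a mismatch.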