Posts

Microsoft Graph PowerShell SDK without Admin Rights

-
Image
 If you have used or are still using Azure AD PowerShell for interacting with Azure AD, you should probably already have taken note that Azure AD PowerShell will be deprecated on June 30, 2023. The alternative - Microsoft Graph PowerShell SDK, uses the power of the new Microsoft Graph and all underlying Graph APIs - allowing you to do much more than just Azure AD related tasks, supports PowerShell 7 making it work cross platform, use modern authentication and a whole bunch of other things that you expect from a modern solution. See link to learn more: https://learn.microsoft.com/en-us/powershell/microsoftgraph/overview?view=graph-powershell-1.0 The SDK supports two types of authentication: delegated access and app-only access. If you follow the tutorial in the documentation, you will be using the delegated permission model. This is effective for ensuring least privilege. However, there is one important thing when dealing with delegated permission
Post a Comment
Read more

Managing built-in cache in Azure API Management

-
Image
 Azure API Management offers caching possibilities to improve performance.  There are 2 caching options: Response Caching - Useful for caching entire HTTP responses Value Caching - To cache arbitrary pieces of data from within policy definitions. When it comes to the actual store, APIM supports: Built-in cache External Redis Compatible cache In this blog I will focus on how to manage "Value Caching". How do we set/retrieve/delete values using APIM policies? Typically, Value storage is used for fragment caching - where responses contain data that is expensive to determine and yet remains fresh for a reasonable amount of time. Also, within the APIM policies, we want to cache certain values e.g. OAuth tokens, key-vault secrets, etc. because these remain relatively fresh for a longer period of time. With caching comes the need to manage the cache specially when you need to clear cached values because they are stale.  In some scenarios, where OAuth tokens or secrets are cached, yo
2 comments
Read more

Automate Import of Functions/WebAPI in Azure API Management as backend and using OpenAPI definition and Terraform

-
Image
 When hosting APIs in Azure it is more and more common to make them available for consumption via an API Management Gateway. The advantages of using a API Management gateway are well known.  When adding a Function/WebAPI to an API Management gateway, the most common method is to add the Function/WebAPI as a backend in API Management and then exposing the Function/WebAPI as an API that uses this backend to process requests. There is a very simple way to do this using the Azure Portal. The portal allows connecting an existing Function or WebAPI inside the API Management gateway.  The portal now also allows to expose a function/web api from the action pane of functions and web api. While this makes it very easy to add APIs to API Management gateway using the portal, this would very soon become unmanageable and for more complex and automated environments, the obvious tilt would then be towards a automated deployment using one of the Infrastructure as Code (IaC) possibilities. In this examp
2 comments
Read more

Request Schema Validation in Azure API Management

-
Image
 For those of use that use or have implemented an Azure API Management instance, one feature that we have all looked for is a way to perform "Request Schema Validation" for incoming requests. Quite strangely, this much wanted feature is not a part of Azure API Management yet, although, there has been a User Voice request open since 2016 but the item is still marked as "Under Review". If you want to vote for this feature, you can Vote Here . Although this feature has not been picked up by Microsoft engineers yet, this has not in any way dampened the enthusiasm around Azure API Management as an API Management tool. And as with most things, the community adapted and found workarounds to achieve what they otherwise expected out of the box. In this blog, I will first describe the most common workaround and also the limitations that you might run into with it. Then of course, I will share how I circumvented this limitation with another workaround. Using a Logic App The mo
Post a Comment
Read more

Azure API Management - Revisions vs Versions

-
Image
A lot of us would already be familiar with Azure API Management and might already be using it extensively as a gateway for our backend services. "API Management (APIM) is a way to create consistent and modern API gateways for existing back-end services. You can use Azure API Management to take any backend and launch a full-fledged API program based on it." -  Official Microsoft Documentation It is fairly easy to set-up and get started. But then over time, when the backend services or API goes through evolution, arises the need to have continuity while at the same time being able to make available updated APIs and/or backend services. If you are not familiar with Azure API Management, I recommend reading the Official Microsoft Documentation . Microsoft announced the public preview of "Versions and Revisions in Azure API Management" on September 14, 2017. 3 years later, I see that there are still quite some questions on the effective use of these features in a lot of
Post a Comment
Read more