Sometimes you don’t want to expose all the operations of your API on APIM. For example, you might have an API that has a lot of operations, but you only want to expose a subset of those operations on APIM. Or you might have an API that has operations that are not meant to be called by external consumers. In this post, I’ll show you how you can expose a subset of your openapi spec via Azure devops on APIM.
Over the years Microsoft has released ceveral libraries for authentication. We had ADAL. It was ok at the time, but didn’t work with the Azure AD 2.0 authorization endpoints. After some time we got the MSAL library, but it took a while before it was usable. Now new libraries are on the horizon to make it easier for the developers. Well … the constant change of libraries doesn’t make it easier for developers.
Azure API management automatically exposes openapi documentation through the developer portal. But what if your company doesn’t activate the portal? This article describes how you can make the openapi documentation available through your API.
When deploying your Azure API management via ARM templates you want to avoid putting environment depending variables in your template files. But injecting all settings via a parameter file is sometimes easier said than done. In my case, I needed to set an API policy to verify a certificate thumbprint. And that simple thing took me a few hours.
Everyone that worked with ARM templates knows that they are error prone. More often than not it’s a struggle get them right. So, if you don’t want your team to wonder if that 6th floor window isn’t an easier way out, you provide them reusable templates. One problem with linked templates is that they must be publicly available. As not all companies want their resources be publicly exposed, you need to find another way.