question

WayneTheron-3037 avatar image
0 Votes"
WayneTheron-3037 asked ·

reverse lookup of subscription key

I need to access the group information of an api caller who has a subscription key for api management. I would like to be able to modify the header through policies and add the group info to the header. my backend api will use this information for enforcing row level security on the data being queried.

all I have when the caller makes the request is their subscription key so I would need to do the lookup and insert through group policies. is there a way I can access group info for the caller through api management policies?

azure-api-management
· 1
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ChaitanyaNaykodiMSFT-9638 avatar image ChaitanyaNaykodiMSFT-9638 ·

Hello @WayneTheron-3037, Thank you for reaching out. I am currently working on the issue faced, I will share my updates soon.

0 Votes 0 ·

2 Answers

WayneTheron-3037 avatar image
0 Votes"
WayneTheron-3037 answered ·

it seems to me that the only way to achieve this is via portal delegation where we can take ownership of login and subscribe where we can then access the information programmatically. I don't see any api management sdk or feature that allows programmatic access to user, groups and subscription keys.

·
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ChaitanyaNaykodiMSFT-9638 avatar image
0 Votes"
ChaitanyaNaykodiMSFT-9638 answered ·

Hello @WayneTheron-3037, apologies for the delay. I think the requirement can be satisfied using the Context variable. You can get the association of an user to a group using context.User.Groups then use the Set HTTP header policy to modify the header. To programmatically access the user, groups and subscription please go through this REST API for API management.
You can refer to this question here for implementation. Please let me know if there are any additional concerns. Thank you!


·
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.