question

JunTingHo-0477 avatar image
0 Votes"
JunTingHo-0477 asked ·

How to secure a API Logic App preferably without Key Vault or Active Directory

Hi, my team needs to secure an Azure API that connects to a Logic App such that a range of users can access it, but only if they each provide unique access credentials. Is there a simple way to solve this issue that a beginner can understand and implement (including testing) within 1 day? The ideal solution would be to implement it either within the Logic App itself or within API Management, but without using Key Vaults or AD preferably. Please let us know if such a solution can be implemented, or if a Key Vault / AD is a must.

We are currently utilising subscriptions, but that is no longer adequate as we require more than two keys.

Thanks!!!

azure-logic-appsazure-api-management
· 2
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @JunTingHo-0477 - Thank you for posting on MS Q&A! Could you clarify how your current solution with subscriptions is setup? Are you referring to the APIM subscriptions? Also, to confirm, are you looking to secure an HTTP endpoint exposed by Logic Apps such that it needs to authenticate user identity in the request without using AAD?

0 Votes 0 ·

Hello @MikeUrnun , thank you for the suggestion. We ended up doing similar to what Mr Rahul below suggested, but we will consider your points in future when troubleshooting such issues. Thank you.

0 Votes 0 ·

1 Answer

RahulMetangale-9479 avatar image
0 Votes"
RahulMetangale-9479 answered ·

Hi @JunTingHo-0477

Based on your question i understand that you want to secure the web api without using Azure AD or Keyvault.

You can look at API key based authentication or certificate based authentication. It is easy to implement and same API key or certificate can be used by logic app while calling API irrespective of which user.

I hope this answers your question.

Thanks
Rahul

· 1 ·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you @RahulMetangale-9479 . That was similar to what we ended up doing.

0 Votes 0 ·