question

jubinglong-1350 asked MayankBargali-MSFT edited

May I use Azure API Gateway (API Management) to manage my APIs' access permissions?

My web app supplies some APIs,
such as
/api/xxx/url1,
/api/xxx/url2,
...
/api/yyy/url1
/api/yyy/url2
...
/api/zzz/url1

Can I use Azure API gateway to manage the APIs' access permissions based on RBAC?
For example:
create a role role1, with the access permissions (api/xxx/url1, api/xxx/url2)
a role role2, with the access permissions (api/yyy/url1, api/yyy/url2,... api/zzz/url1)



Best wishes~

azure-api-management

1 Answer

MayankBargali-MSFT answered MayankBargali-MSFT edited

@jubinglong-1350 RBAC roles are at the Azure subscription level, where you define the permissions of the user for different operations over your Azure subscription, whereas APIM APIs are created at the APIM level, and to consume the published APIs you need to pass a valid subscription key in the HTTP requests when calling those APIs. Without a valid subscription key, the calls will be rejected immediately by the API Management gateway and the request will not be forwarded to the back-end services. You can refer to the APIM subscription document for more details.

In a nutshell, you cannot use RBAC permissions to authenticate the APIM APIs.
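The subscription-key check described in the answer, applied to the question's URL groups, as an added example that is not part of the original answer and is not API Management code. It is a simplified Python model that assumes each "role" is represented by a subscription scoped to a product grouping the matching APIs; the product ids, keys and the status codes returned for out-of-scope or suspended keys are constructed for illustration.

```python
import hmac

# Constructed sample data: product ids, API ids and keys are placeholders.
API_SUFFIXES = {"xxx": "/api/xxx", "yyy": "/api/yyy", "zzz": "/api/zzz"}
PRODUCTS = {"role1-product": {"xxx"}, "role2-product": {"yyy", "zzz"}}
SUBSCRIPTIONS = [
    {"key": "key-role1-PLACEHOLDER", "product": "role1-product", "state": "active"},
    {"key": "key-role2-PLACEHOLDER", "product": "role2-product", "state": "active"},
    {"key": "key-old-PLACEHOLDER", "product": "role2-product", "state": "suspended"},
]
HEADER = "ocp-apim-subscription-key"  # APIM's default key header, lower-cased


def match_api(path):
    """Return the API id that owns this path, matching on whole segments."""
    for api_id, prefix in API_SUFFIXES.items():
        if path == prefix or path.startswith(prefix + "/"):
            return api_id
    return None


def find_subscription(key):
    """Look the key up with constant-time comparisons, scanning every entry."""
    found = None
    for sub in SUBSCRIPTIONS:
        if hmac.compare_digest(sub["key"].encode(), key.encode()):
            found = sub
    return found


def gateway(path, headers):
    """Return (status, forwarded_to_backend) for one request."""
    api_id = match_api(path)
    if api_id is None:
        return 404, False
    key = {k.lower(): v for k, v in headers.items()}.get(HEADER)
    if not key:
        return 401, False   # missing key: rejected at the gateway
    sub = find_subscription(key)
    if sub is None or sub["state"] != "active":
        return 401, False   # unknown or suspended key
    if api_id not in PRODUCTS[sub["product"]]:
        return 401, False   # valid key, but the API is outside its scope
    return 200, True        # only now is the back end called
```
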
