calling api from azure portal - apim - test add an unknown azure pub ip to x-forwarded-for header

Martin Kallukalam 355 Reputation points
2024-06-12T12:27:34.66+00:00

when calling aip from az portal an extra ip is added to x forwarded for header. What is this IP?

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,116 questions
Accepted answer
  1. Ben Gimblett 4,525 Reputation points Microsoft Employee
    2024-06-12T15:55:51.6366667+00:00

    Hi thanks for the question

    if you look very closely at the APIM test console in Az Portal you'll see a default checkbox which is unchecked next to the send and trace buttons "Bypass cors proxy"

    By default the request sent are not from the browser but go via a cors proxy, if you resend the test but check "bypass cors proxy" you should see that x-forwarded-for is what you originally expected.

    Hope this clears up the query

    1 person found this answer helpful.

6 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. JananiRamesh-MSFT 27,021 Reputation points
    2024-06-12T15:07:59.3833333+00:00

    @Martin Kallukalam Thanks for reaching out.

    Bypass Cors Proxy Box Unchecked: request goes from your computer -> to CORS Proxy (13.91.254.72)-> APIM -> backend

    User's image

    The traffic is forced through the proxy 13.91.254.72 only when the call is made from the Azure Portal and the box for “Bypass CORS Proxy” is un-checked.

    Bypass Cors Proxy Box Checked: request goes from your computer -> APIM -> backend

    User's image

    do let me know incase of further queries, I would be happy to assist you.

    1 person found this answer helpful.
    0 comments
  2. Martin Kallukalam 355 Reputation points
    2024-06-12T15:52:54.5+00:00

    thank you for your response. That makes sense. I am not able to post this as comment because auto bot flags it

    0 comments
  3. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

  4. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.