Azure Api management OUTH2 on Product level

ujjwalDev 46 Reputation points
2020-08-20T07:50:59.807+00:00

Hi,

How do we protect a APIM Product (set of Apis which are grouped) with OAUTH2 using Azure AD.
I am aware of protecting individual apis using OAUTH2. Is there any way to protect a Product without having to individually setting OAUTH2
restriction on each of the APIs.

Also with the subscription-key access way, there is a nice visual way of looking at the subscribers of a given product in the portal.
How can we have such a visualisation of Subscribers to a product whose APIs are OAUTH2 protected.

Regards,
Ujjwal

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,912 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. MayankBargali-MSFT 69,946 Reputation points
    2020-08-20T13:54:15.07+00:00

    Hi @ujjwalDev

    You need to use the validate-jwt policy in the product scope to protect at the product level. As of now for the visualization of Subscribers to a product whose APIs are OAUTH2 protected will not be possible since OAuth2 based users are not tracked by APIM core metrics. You can try to create your own custom solution to trace it using the subscription key and the validate-jwt policy

    Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.

    0 comments