How to debug 500 error from Azure API Management call?

9
votes

I have my API hooked up to Azure's API Management service. When I try to call one of my endpoints, I get the following error:

{
  "statusCode": 500,
  "message": "Internal server error",
  "activityId": "79c1bef9-a05d-4734-b729-0657c1749e40"
}

I enabled tracing and this is the trace json

{
"traceId": "79c1bef9a05d4734b7290657c1749e40",
"traceEntries": {
    "inbound": [
    {
        "source": "api-inspector",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0002259",
        "data": {
        "request": {
            "method": "GET",
            "url": "https://mysite.azure-api.net/partner/api/partner/ClientsActions",
            "headers": [
            {
                "name": "Ocp-Apim-Subscription-Key",
                "value": "..."
            },
            {
                "name": "Connection",
                "value": "Keep-Alive"
            },
            {
                "name": "Host",
                "value": "mysite.azure-api.net"
            }
            ]
        }
        }
    },
    {
        "source": "api-inspector",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0002352",
        "data": {
        "configuration": {
            "api": {
            "from": "/partner",
            "to": null,
            "version": null,
            "revision": "1"
            },
            "operation": {
            "method": "GET",
            "uriTemplate": "/api/partner/ClientsActions"
            },
            "user": {
            "id": "1",
            "groups": [
                "Administrators",
                "Developers"
            ]
            },
            "product": {
            "id": "57c59e76ea12f3007f060002"
            }
        }
        }
    },
    {
        "source": "cors",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0002544",
        "data": "Origin header was missing or empty and the request was classified as not cross-domain. CORS policy was not applied."
    },
    {
        "source": "choose",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0002633",
        "data": {
        "message": "Expression was successfully evaluated.",
        "expression": "context.Request.Url.Query.ContainsKey(\"key\")",
        "value": false
        }
    },
    {
        "source": "set-header",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0002744",
        "data": {
        "message": "Expression was successfully evaluated.",
        "expression": "(string)context.User.Id",
        "value": "1"
        }
    },
    {
        "source": "set-header",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0002802",
        "data": {
        "message": "Specified value was assigned to the header (see below).",
        "header": {
            "name": "x-client-id",
            "value": "1"
        }
        }
    }
    ],
    "backend": [
    {
        "source": "forward-request",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0002909",
        "data": {
        "message": "Backend service URL is not defined."
        }
    },
    {
        "source": "forward-request",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0004824",
        "data": {
        "messages": [
            null,
            "Backend service URL is not defined."
        ]
        }
    }
    ],
    "outbound": [
    {
        "source": "transfer-response",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0007989",
        "data": {
        "message": "Response headers have been sent to the caller."
        }
    },
    {
        "source": "transfer-response",
        "timestamp": "2017-10-24T21:50:09.6322945Z",
        "elapsed": "00:00:00.0008730",
        "data": {
        "message": "Response body streaming to the caller is complete."
        }
    }
    ]
}
}

The "Backend service URL is not defined." messages look suspicious to me but I can't find any information on what they might mean. If I had to guess I'd say API Management is having issues talking to my real API but I can access it fine directly.

Anyone have any idea what might be going on or what I should look at? I'm running the tests directly through the developer portal provided by Azure.

Jason

5
azureazure-api-management
Would you be able to show us the forward-request policy you have set into your back-end policy for this particular method?Pieter Vandenheede
Also: are any other calls working or is this the only call setup to your API at the moment?Pieter Vandenheede
It looks like all the calls are having the same issue. My backend policy is just <base /> but I also tried <forward-request timeout="60" />. I'm feeling my way along here as I inherited the project from a dev that's no longer working for us. I'm beginning to think the issue is in the initial Swagger import as I'm trying to recreate the API elsewhere and getting errors from the Swagger.json file. The file is generated by the .NET Swashbuckle toolset.Jason
Does your swagger file contain the correct host and relative uri?Pieter Vandenheede
Yep, that's exactly what the issue was. Turns out the Swagger.json file from Swashbuckle doesn't contain the host or schemes entries which are required by the import in Azure API Management. Go ahead and post an answer and I'll select it as the correct one.Jason

5 Answers

9
votes

In your Swagger file, make sure it mentions the correct host, basePath and schemes entries. Swashbuckle generated Swagger files tend not to contain those.

Here is an example: 

{
"swagger": "2.0",
"info": {
    "title": "Your title",
    "version": "1.0",
    "description": "Your description"
},
"host": "server.host.com",
"basePath": "/api",
"schemes": [
    "https"
],
"consumes": [
    "application/json"
],
"produces": [
    "application/json"
],

Take specific interest in "host", "basePath" and "schemes" and change those according to your API.

27
votes

I had the same issue. I resolved it by putting the back end API URL on the "Web service URL" of my API in the API Management. So at the time of writing, the steps using the portal would be:

  1. Open your API Management instance
  2. Open the APIs blade
  3. Select your API on the list
  4. Settings tab > Web service URL property
0
votes

I encountered similar error while configuring my endpoints in API management. This happens when API management is unable to validate the SSL certificate root authority chains. If you are using self signed certificate then use below powershell to skip the certificate chain validation for your endpoint. 

$subscriptionName = "MySubscription"
Get-AzureRmSubscription -SubscriptionName $subscriptionName | Set-AzureRmContext 

$context = New-AzureRmApiManagementContext -resourcegroup 'myResourceGroup' -servicename 'myApiManagementServiceName'
New-AzureRmApiManagementBackend -Context  $context -Url 'https://myService.abc.com/' -Protocol http -SkipCertificateChainValidation $true

I hope this will address your issue.

If you need to check which URLs have been setup to skip the certificate chain validation then use below powershell command - 

Get-AzureRmApiManagementBackend -Context $context
0
votes

Recently I have come across this issue. Was using the Swashbuckle.AspNetCore for creating the json file meta data from the api.The fields like host,schemes,securityDefinitions and apiKeyQuery are missing for some reason not sure why. But after explicitly added those the issue resolved. below missing fields

"host": "your api host .com",
"schemes": ["http", "https"],
"securityDefinitions": {
    "apiKeyHeader": {
        "type": "apiKey",
        "name": "Ocp-Apim-Subscription-Key",
        "in": "header"
    },
    "apiKeyQuery": {
        "type": "apiKey",
        "name": "subscription-key",
        "in": "query"
    }
},
"security": [{
    "apiKeyHeader": []
}, {
    "apiKeyQuery": []
}],
-1
votes

I had same error but realized that I had subscription requirement on although I didn't provide any secure key values.