0
votes

I realize that Azure APIMS has a lot out of the box, including subscription-based server-side authentication.

However, I would like to know: what options are available for client apps which are browsers? For example, assume I have a single backend API with a single endpoint. I want to expose this endpoint to external business partners who use browser-based applications which make requests to the backend from the client side (browser).

How can I achieve this using the Azure API Management service?


1 Answer

0
votes

APIM supports protecting your API with OAuth 2.0, which you can set up on your APIM instance and leverage in your browser-based applications.

Your application would first have to get the JWT token from your identity provider and then provide the same in requests to the APIM endpoint, which are pre-validated using a policy.

Here are samples of applications using AzureAD (and its MSAL library) for authentication/authorization.
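
Added example, not part of the original answer: an APIM inbound policy that pre-validates the JWT sent by a browser client and restricts CORS to a known partner origin. The origin `https://partner.example.com` and the `{tenant-id}`, `{api-application-id}` and `{required-scope}` values are placeholders, and Azure AD is assumed as the identity provider.

```xml
<policies>
  <inbound>
    <base />
    <!-- CORS comes first: the browser's preflight OPTIONS request carries no
         Authorization header and must be answered before JWT validation. -->
    <cors allow-credentials="false">
      <allowed-origins>
        <!-- Placeholder origin: list each partner origin explicitly, no wildcard -->
        <origin>https://partner.example.com</origin>
      </allowed-origins>
      <allowed-methods preflight-result-max-age="300">
        <method>GET</method>
        <method>POST</method>
      </allowed-methods>
      <allowed-headers>
        <header>Authorization</header>
        <header>Content-Type</header>
      </allowed-headers>
    </cors>
    <!-- Reject any request without a valid, signed, unexpired bearer token -->
    <validate-jwt header-name="Authorization"
                  require-scheme="Bearer"
                  require-expiration-time="true"
                  require-signed-tokens="true"
                  failed-check-httpcode="401"
                  failed-check-error-message="Unauthorized">
      <!-- Signing keys are fetched from the identity provider's metadata document -->
      <openid-config url="https://login.microsoftonline.com/{tenant-id}/v2.0/.well-known/openid-configuration" />
      <audiences>
        <!-- Placeholder: the application ID registered for this API -->
        <audience>{api-application-id}</audience>
      </audiences>
      <issuers>
        <issuer>https://login.microsoftonline.com/{tenant-id}/v2.0</issuer>
      </issuers>
      <required-claims>
        <!-- Placeholder scope: only tokens granted this scope may call the API -->
        <claim name="scp" match="any" separator=" ">
          <value>{required-scope}</value>
        </claim>
      </required-claims>
    </validate-jwt>
  </inbound>
  <backend><base /></backend>
  <outbound><base /></outbound>
  <on-error><base /></on-error>
</policies>
```

Pinning both the audience and the issuer keeps tokens issued for other applications or tenants from being accepted at this endpoint.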