I wanted the APIs that are hosted in Azure api management, should only be consumed by the web app hosted on same Azure tenant. APIs should not be publicly accessible, I can configure CORS so that domain pointed to my web app or forntdoor can only access those api's. Is there any other best way to achieve his functionality?
1 Answers
1
votes
You can put all your resources in a VNET: Enable VNET connectivity using the Azure portal
Internal: The API Management gateway and developer portal are accessible only from within the virtual network via an internal load balancer. The gateway can access resources within the virtual network.
