需要的帮助:如何从API管理访问机密(存储在密钥库中) [英] help needed: how to access secret (stored in key vault) from API Management

问题描述

我正在尝试在API管理中设置策略以访问密钥库中的机密.

I am trying to set up policies in API Management to access the secret in key vault.

任何人都可以给我一些示例代码吗?

can anyone please give me some example code?

谢谢！

推荐答案

您需要使用API​​管理策略(

You need to use an API Management Policy (https://docs.microsoft.com/en-us/azure/api-management/api-management-policies).

需要构造该策略以将HTTP请求发布到Azure AD OAuth终结点以接收访问令牌(设置标头)

The policy needs to be constructed to post HTTP request to Azure AD OAuth endpoint to receive access token (https://docs.microsoft.com/en-us/azure/api-management/api-management-transformation-policies#TransformationPolicies). Using the access token you just need to call to Key Vault API and retrieve the secret (https://docs.microsoft.com/en-us/azure/api-management/api-management-advanced-policies#SendRequest). That secret will be passed along in your header (set-header)

获取访问令牌的示例: 参考)

Sample to get access token: https://docs.microsoft.com/en-us/azure/api-management/policies/use-oauth2-for-authorization?toc=api-management/toc.json

(For reference)

这篇关于需要的帮助:如何从API管理访问机密(存储在密钥库中)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！