需要的帮助:如何从API管理访问机密(存储在密钥库中) [英] help needed: how to access secret (stored in key vault) from API Management
问题描述
我正在尝试在API管理中设置策略以访问密钥库中的机密.
I am trying to set up policies in API Management to access the secret in key vault.
任何人都可以给我一些示例代码吗?
can anyone please give me some example code?
谢谢!
推荐答案
You need to use an API Management Policy (https://docs.microsoft.com/en-us/azure/api-management/api-management-policies).
需要构造该策略以将HTTP请求发布到Azure AD OAuth终结点以接收访问令牌( https://docs.microsoft.com/zh-CN/azure/api-management/api-management-advanced-policies#SendRequest ) .
该秘密将在您的标头中传递(
The policy needs to be constructed to post HTTP request to Azure AD OAuth endpoint to receive access token (https://docs.microsoft.com/en-us/azure/api-management/api-management-transformation-policies#TransformationPolicies).
Using the access token you just need to call to Key Vault API and retrieve the secret (https://docs.microsoft.com/en-us/azure/api-management/api-management-advanced-policies#SendRequest).
That secret will be passed along in your header (set-header
)
获取访问令牌的示例: 参考)
Sample to get access token: https://docs.microsoft.com/en-us/azure/api-management/policies/use-oauth2-for-authorization?toc=api-management/toc.json
(For
reference)
这篇关于需要的帮助:如何从API管理访问机密(存储在密钥库中)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!