Access denied due to missing subscription key

To test a functionapp api which I put behind APIM, I copied the URL and tried to trigger a request using Postman, but got following error:
access denied due to missing subscription key

Why it happened


 It is one of the basic features APIM offers – security, only authorized users can send request to an API, unless explicitly allowed. Here the error returned by APIM engine is about missing Subscription Key, which is used to access the service (authorization).
Subscription Key - In APIM each set of APIs are part of a Product and users need to subscribe to that product before they can access the APIs within it. The subscription has a primary and secondary key and one of these needs to be passed in the header of the request to the APIM. Thus securing your API from being called by anyone without a subscription key
This happens in either of the scenario
  1. The API which is called is not part of any Product
  2. The request send to the APIM url does not have the subscription key in the header


For me it was the first case, where I missed to add the API to a product.

What to do
The very first step is to add the API to product, get the key and add it to header while making call. 
copy subscription key

Add key in header 

Request without a key are stopped at the APIM gateway, never reaching your API backend
What if you want to allow public access to it ? In that case you simply uncheck the Remove Subscription and can make call without key. 
Adding new product in APIM

Below is the result of calling APi in Test Product without subscription key through postman





Related Post


ServerLess360



Comments

Post a Comment

Popular posts from this blog

Operation on target Copy data failed: Failure happened on 'Source' side

Image
A simple Pipeline created to fetch data by querying the Rest Api and dumping the data received in blob storage, failed with following error: Error Operation on target Copy data_From API failed: Failure happened on 'Source' side. ErrorCode=UserErrorHttpStatusCodeIndicatingFailure,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=The HttpStatusCode 400 indicates failure. {"errors":{"detail":"Internal server error"}},Source=Microsoft.DataTransfer.ClientLibrary,' Why it happened As the error says, something went wrong at source side however, I have tested the Rest API using postman and was able to get the response back with data. And I have reflected same in Source setting of Copy Data activity while creating the pipeline i.e. query, headers – content type and authorization etc Still getting the error, I rechecked again the keys,content type etc - no clue. Took hel
Read more

Run Android emulator and Android Studio on Azure VM using Hyper V

Image
14 min to read. Due to Corona outbreak, times are hard! Please take care everyone! I wish good health for all! Stay safe! There is another outbreak I am seeing – Making Development environment available on Azure to enable Work from home. Almost in every customer call I hear about requirement to enable Development Environment on Azure and accessing it from Home laptop/ PC and continue the business. In the era of “Mobile first” almost every big enterprise, every Small and Medium Business (SMB), every Start up company have mobile development teams. They use variety of tools and one of the important IDE used for Mobile development is “Android Studio”. Installing and running Android studio is smooth; however Android emulator installation fails on Azure VM. It is not s07aight forward. In this blog we will see “how to enable Android emulator with Android Studio on Azure VM”. Let’s go! Without a virtualization technology and VM acceleration, the Android emulator must 0
Read more

The workflow with 'Response' action type should not have triggers with 'splitOn' property

Image
While working on a POC about Debatching in Logic Apps using SplitOn ,    I was encountered with an below error when tried to add Response action in the workflow                             " Failed to save logic app DebatchXMLUsingSplitON. The workflow with 'Response' action type should not have triggers with 'splitOn' property defined: 'manual'. " Why it happened As I had to debatch an xml message, following xpath expression was provided to splitOn property xpath(xml(triggerBody()),'//*[local-name()="PurchaseOrder"  and namespace-uri() ="http://www.adventure-works.com"]' ) So this property will make logic app to instantiate equivalent number of the instances as that of number of splitted message. Say, a batched message with 3 messages in it is posted to this Logic App, then 3 instances of logic app gets created. And this is the reason, why designer stops us when we try to a
Read more