I am looking to implement an Azure API Management policy for bank account validation and as part of that API I want to call out to a token endpoint and pass that into the bank account validation. The problem I have is around setting the inbound send-request policy to accept the query parameters from NamedValues/KeyVault.
The URL for the token validation is as below:
I tried using the set-query-parameter policy but it appears that this is not allowed within the send-request node based on the below validation error:
Error in element 'send-request' on line 16, column 10: The element 'send-request' has invalid child element 'set-query-parameter'. List of possible elements expected: 'set-header, set-body, authentication-certificate, authentication-token, authentication-token-store, authentication-managed-identity, proxy'. One or more fields contain incorrect values:;Error in element 'send-request' on line 16, column 10: The element 'send-request' has invalid child element 'set-query-parameter'. List of possible elements expected: 'set-header, set-body, authentication-certificate, authentication-token, authentication-token-store, authentication-managed-identity, proxy'.
POLICY
<policies>
<inbound>
<!-- Send request to Token Server to validate token (see RFC 7662) -->
<send-request mode="new" response-variable-name="tokenstate" timeout="20" ignore-error="true">
<set-url>https://apps.applyfinancial.co.uk/validate-api/rest/authenticate</set-url>
<set-method>POST</set-method>
<set-query-parameter name="username" exists-action="override">
<value>{{BankValidationUsername}}</value>
</set-query-parameter>
<set-query-parameter name="password" exists-action="override">
<value>{{BankValidationPassword}}</value>
</set-query-parameter>
</send-request>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
My question is how do you set query parameters in the send-request section of an API policy?
CodePudding user response:
OK,
You can't set a query parameter within the scope of the send-request but you can do it within the ionbound policy. Also it seems better to pull the KeyVault hosted Named Values in to variables and use them in the request that way.
<policies>
<inbound>
<rewrite-uri template="/" />
<set-variable name="username" value="{{BankValidationUsername}}" />
<set-variable name="password" value="{{BankValidationPassword}}" />
<set-variable name="errorresponse" value="" />
<send-request mode="new" response-variable-name="tokenstate" ignore-error="false">
<set-url>@($"https://apps.applyfinancial.co.uk/validate-api/rest/authenticate?username={(string)context.Variables["username"]}&password={(string)context.Variables["password"]}")</set-url>
<set-method>POST</set-method>
</send-request>
<set-query-parameter name="token" exists-action="override">
<value>@((string)((IResponse)context.Variables["tokenstate"]).Body.As<JObject>()["token"])</value>
</set-query-parameter>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<set-header name="ErrorSource" exists-action="override">
<value>@(context.LastError.Source)</value>
</set-header>
<set-header name="ErrorReason" exists-action="override">
<value>@(context.LastError.Reason)</value>
</set-header>
<set-header name="ErrorMessage" exists-action="override">
<value>@(context.LastError.Message)</value>
</set-header>
<set-header name="ErrorScope" exists-action="override">
<value>@(context.LastError.Scope)</value>
</set-header>
<set-header name="ErrorSection" exists-action="override">
<value>@(context.LastError.Section)</value>
</set-header>
<set-header name="ErrorPath" exists-action="override">
<value>@(context.LastError.Path)</value>
</set-header>
<set-header name="ErrorPolicyId" exists-action="override">
<value>@(context.LastError.PolicyId)</value>
</set-header>
<set-header name="ErrorStatusCode" exists-action="override">
<value>@(context.Response.StatusCode.ToString())</value>
</set-header>
<base />
</on-error>
</policies>