Home > front end >  SubscriptionKeyInvalid in Azure API Management for an endpoint in a product that does not require su
SubscriptionKeyInvalid in Azure API Management for an endpoint in a product that does not require su

Time:12-19

I have a very strange issue with Azure API Management, that I don't seem to figure out...

We have an API operation that is part of an APIM API that is linked with a Product that does not require a subscription. The intention is that this API endpoint is publicly available for consumers, without requiring any subscription keys, headers, etc...

  • When I call this endpoint from Postman, it works.
  • When I just do a GET to the endpoint in a private browser session (so nothing added in headers, etc), it works.
  • When I execute the API operation from the Azure APIM portal, without selecting a product, it works.

But, when I call the endpoint from a deployed web app in Azure App Service, I get a 401 back?!
So, the obvious thing is that something is misconfigured, but I cannot get my head around it...

When looking in Application Insights, linked to the APIM instance, this is the trace, I see:

App insights view

But in the following screenshot, I get a hint of the mismatch, though I don't understand how this happens... If I copy the full url to a browser private session, I get back a 200 with successful data.
But the root cause of the 401 is probably in the yellow box, where there is an API product dev-product-admin, which indeed requires a subscription (and has JWT token policies configured). So, what I need to find out now, is how I can make sure that APIM is linking my incoming request to the right product, which doesn't require a subscription. Any hints?

Wrong product

CodePudding user response:

And two minutes after writing down the question, you get your own insight... I checked the code and I was adding a SubscriptionKey header to that specific call (because of a configuration issue). And that subscription key was obviously making the link to the specific Product (which indeed requires more authorization)

  • Related