Unable to send test requests to backend APIs using the Azure APIM interactive portal-CodePudding

Using the Azure portal, I’m unable to send test requests to the Echo API (and all other backend APIs).

When sending a request, I’m getting the following error:

HTTP/1.1 401 Access Denied
cache-control: private, s-maxage=0
content-length: 152
content-type: application/json
date: Tue, 12 Apr 2022 05:13:28 GMT
vary: Origin
www-authenticate: AzureApiManagementKey realm="https://AAAA.azure-api.net/echo",name="Ocp-Apim-Subscription-Key",type="header"
    {
    "statusCode": 401,
    "message": "Access denied due to missing subscription key. Make sure to include subscription key when making requests to an API."
}

The request works fine when I tick the “Bypass CORS proxy” checkbox and through Postman.

I have the following global inbound CORS policy:

<policies>
    <inbound>
        <cors allow-credentials="true">
            <allowed-origins>
                <origin>https://AAAA.developer.azure-api.net</origin>
                <origin>https://AAAA.azure-api.net</origin>
            </allowed-origins>
            <allowed-methods preflight-result-max-age="300">
                <method>*</method>
            </allowed-methods>
            <allowed-headers>
                <header>*</header>
            </allowed-headers>
            <expose-headers>
                <header>*</header>
            </expose-headers>
        </cors>
    </inbound>
    <backend>
        <forward-request />
    </backend>
    <outbound />
    <on-error />
</policies>

and the inbound base policy set on the Echo API.

I haven't expereinced this problem previously. Any ideas how I can bupass the CORS error while submitting test request in the APIM portal?

CodePudding user response：

HTTP/1.1 401 Access Denied
www-authenticate: AzureApiManagementKey realm="https://AAAA.azure-api.net/echo",name="Ocp-Apim-Subscription-Key",type="header"
"message": "Access denied due to missing subscription key. Make sure to include subscription key when making requests to an API."

In this

Scenario 2:

There are 2 more product subscriptions that come by default when an APIM instance is created which are Starter and Unlimited.

When the API is subscribed to that product subscriptions, then the subscription key passing in the header should match with the Original Product Subscription Keys available in the Subscriptions Menu.

enter image description here

Here, the Echo API is subscribed to both the products Starter and Unlimited as shown in 1st Image. enter image description here That Product Subscriptions has given with some permissions called Administrators, Developers and Guests. Any one among these should have on the user to access the APIs subscribed these products.

In the 3rd Image, you can see what APIs are subscribed to Starter Product like Echo API.

If any of the above workaround did not solve the issue, please refer the troubleshooting steps doc provided that shows all of the causes that produces this specific error 401 Unauthorized and Missing the Subscription Key along with the resolution.

CodePudding user response：

ByPass CORS option allows the requests originating from any domain. Sometime, allowing the cross-domain access also fixes the issue. Try Azure Cross-domain policy as given below to allow access from 'any' domain (you can specify your domain too).

<cross-domain>
<cross-domain-policy>
    <allow-http-request-headers-from domain='*' headers='*' />
</cross-domain-policy>

For details refer MS documentation on managing cross domain access : https://docs.microsoft.com/en-us/azure/api-management/api-management-cross-domain-policies