API Management
Components¶
Component | Description |
---|---|
API gateway |
|
Azure portal |
|
Developer portal |
|
Authentication¶
Subscriptions and Keys¶
Subscriptions | Used to segment the access levels to an API |
Subscription keys |
|
Subscription scopes |
|
Client certificates¶
- Certificates can be used to provide TLS mutual authentication between the client and the API gateway.
- With TLS client authentication, the API Management gateway can inspect the certificate contained within the client request and check for properties like:
Property | Reason |
---|---|
Certificate Authority (CA) | Only allow certificates signed by a particular CA |
Thumbprint | Allow certificates containing a specified thumbprint |
Subject | Only allow certificates with a specified subject |
Expiration | Date Only allow certificates that have not expired |