Share via

Ocp-Apim-Subscription-Key

LuLaCeK 46 Reputation points
2025-03-25T08:29:32.3933333+00:00

Hi guys,

need to insert to the header Ocp-Apim-Subscription-Key on backed serverice (APIM) to not expose the key on client side (browser/js).

When I edit inbound policy and add set header, GET method still not works (Direct from browser or from Postman). From Postman if I explicitly add to header Ocp-Apim-Subscription-Key key, respons work.

{
    "statusCode": 401,
    "message": "Access denied due to missing subscription key. Make sure to include subscription key when making requests to an API."
}

User's image

Azure API Management
Azure API Management

An Azure service that provides a hybrid, multi-cloud management platform for APIs.

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ranashekar Guda 2,905 Reputation points Moderator
    2025-03-25T13:47:35.1933333+00:00

    Hi @LuLaCeK,

    To resolve the issue of the Ocp-Apim-Subscription-Key not being recognized, ensure its correctly configured in the inbound policy. If the GET method works when you manually add the header in Postman, the backend is set up properly. Check that the set-header policy in the APIM is correctly configured and verify there are no conflicting hard-coded values. Use the APIM inspector to confirm the key is sent to the backend as expected. Test with different clients like cURL or Postman to see if the issue is environment-specific. Finally, ensure the subscription linked to the key is active and valid in the APIM Developer portal.

    For further clarification, please refer to the following documentations: Document1, Document2

    I hope this helps resolve your issue. Feel free to reach out if you have further concerns.

    Was this answer helpful?

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.