will the API request still go through Azure resouce manager for my app which is deployed as a containerized app

Question

will the API request still go through Azure resouce manager for my app which is deployed as a containerized app

JA 131

So we are adding token authorization for an app which will be deployed on azure as a containerised app.
Now, we make the request for our endpoints which we have exposed on our app, and we validate the token.
our app is a spring boot app, and right now, in development we are making the queries locally but we do get the token from azure and add it to our APIs and then authenticate the token in our app for the required roles (this is done in our code).

Now, what my question is lets say this app is deployed on azure and we are making call to our deployed app, will the azure resource manager intercept the request first and validate the token or its my application which will intercept first and thus validate the token.

As per the Resource manager doc, all the requests will be intercepted by ARM :

so is it only specific to azure managed services or it is meant for everything deployed on azure?

Answer accepted by question author

0 additional answers

Your answer

Answer 1

Sam Cogan 10,822 Microsoft Employee Volunteer Moderator

Azure resource manager is pureley concerned with the deployment of resources into Azure and their configuration. Once your container is deployed and running, requests to your container will be sent directly to it. Any authentication/authorization will need to be handled by your application. The one exception to this is services that implement easy auth, such as App Service or Container Apps, where the platform can do the auth for you.

JA 131 Reputation points

2022-10-13T10:13:08.47+00:00

that contradicts to what is mentioned in the docu -> "When you send a request through any of the Azure APIs, tools, or SDKs, Resource Manager receives the request. It authenticates and authorizes the request before forwarding it to the appropriate Azure service. "

SO what is meant by this if the application has to handled authn and authz?
Sam Cogan 10,822 Reputation points Microsoft Employee Volunteer Moderator

2022-10-13T11:53:23.117+00:00

It mentions "Azure APIs, tools, or SDKs, Resource Manager", this is correct, your not sending a request to an Azure API, your sending it to your application. You are responsible for that API/Web App etc., it is not an Azure API.
When you do send requests to Azure API's to perform management operations then Azure with authenticate the request, but that is not what you are doing.
JA 131 Reputation points

2022-10-13T11:56:14.487+00:00

oh,,, this is what I am missinng.. I thought whatever API we expose through Azure are called as azure API.. which means the endpoints exposed on our app are also azure API> thanks for clairfying

Share via

will the API request still go through Azure resouce manager for my app which is deployed as a containerized app

0 additional answers

Your answer