Allow a third party dev team access to Azure resources

Andy Donkel 20 Reputation points
2023-09-11T19:33:03.75+00:00

I have a third party dev team i contracted to help us develop an APP. The app has a few api's that i need to host on Azure. how do i configure my subscription (authorization options) to allow this team to get access to my web app and api resources without giving them the keys to the kingdom?

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,062 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,272 questions
{count} votes

Accepted answer
  1. MayankBargali-MSFT 70,126 Reputation points
    2023-09-12T11:16:05.5433333+00:00

    @Andy Donkel Thanks for reaching out. Can you please confirm which azure resource you have hosted your API and are you using APIM to expose those API's?

    Assuming that you are hosting your API in azure webapps as per the tag added in the question and what to use APIM to access those API then to allow your third-party dev team to access your web app and API resources without giving them full access, you can create a new subscription in Azure API Management and configure it with the appropriate access policies. Here are the steps to create a new subscription.

    Once you have created the subscription, you can configure it with the appropriate access policies to restrict access to your web app and API resources. For example, you can use IP filtering to restrict access to specific IP addresses, or you can use OAuth 2.0 to authenticate and authorize access to your APIs.

    To configure OAuth 2.0 user authorization for the interactive test console in the Azure API Management developer portal, you can follow the steps outlined in the following document: Authorize test console of API Management developer portal using OAuth 2.0 user authorization.

    Import webapps API to APIM you can refer to this document.


1 additional answer

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.