Are there options to restrict certain operations in my API from being visible to specific user roles in the developer portal?

Ummi Aiman Izani 0 Reputation points
2023-10-13T00:26:09.9233333+00:00
  • I have an API in APIM with the following operations:
    • Operation1
      • Operation2
      And the groups of users: - Group1
                - Group2
      
                so the idea is to give access to the groups according some business rules for instance:
                      - Group1 (Operation1)
      
                            - Group2 (Operation2)
      
  • is there a way to do it and make it display only that operation to specific group.
  • Are there options to restrict certain operations in my API from being visible to specific user roles in the developer portal? For azure api management gatewayCan I control access to specific operations (endpoints) within an API for different user roles in Azure API Management's developer portal?
  • Is it possible to limit access to certain operations based on user roles directly within the developer portal, without modifying the API code.
Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,814 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,008 questions
{count} votes

1 answer

Sort by: Most helpful
  1. MuthuKumaranMurugaachari-MSFT 22,236 Reputation points
    2023-10-16T18:41:43.1766667+00:00

    Ummi Aiman Izani Thanks for posting your question in Microsoft Q&A. Currently, you can assign groups (built-in or custom groups) to the products and users in that group (associate members with the group) can access all APIs and Operations belong to that product. Unfortunately, you cannot restrict access only to certain operations like described above.

    So, the workaround is to define own APIs with specific operations and expose it via a product. For example, you can define ProductA with API1 -> Operation1, ProductB with API2 -> Operation2, ProductC with API3 -> Operation1, Operation2 and then assign groups to the product like group1 -> Product1, group2 -> Product2 etc.

    I agree this would be a great feature request, and other customers have shared similar feedback: https://feedback.azure.com/d365community/idea/ba08e6f3-ff24-ec11-b6e6-000d3a4f0858#comments in the azure feedback. Please feel free to upvote the idea too or share your feedback and I will also pass it along internally to our product team.

    I hope this helps and let us know if you have any questions.


    If you found the answer to your question helpful, please take a moment to mark it as "Yes" for others to benefit from your experience. Or simply add a comment tagging me and would be happy to answer your questions.

    0 comments No comments