Access APIM through Private Endpoint using public App Gateway

Vasiliy Grinko 20 Reputation points
2024-04-30T13:13:02.18+00:00

I disabled public access in my APIM and trying to make it publicly available through Application Gateway (with public IP), but I'm getting 403 as requests are originating from a public IP:

{

"statusCode": 403,

"message": "Request originated from client public IP address ...., public network access on this `Microsoft.ApiManagement/service/my-apim` is disabled. To connect to `Microsoft.ApiManagement/service/my-apim`, please use the Private Endpoint from inside your virtual network. To learn more https://aka.ms/apim-privateendpoint "

}

From Application Gateway I'm targeting APIM Private Endpoint.

How I can make APIM (basic tier) available through Application Gateway and disable direct APIM public access?

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,792 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JananiRamesh-MSFT 21,966 Reputation points
    2024-05-01T07:57:00.5533333+00:00

    @Vasiliy Grinko Thanks for reaching out. You can make APIM (basic tier) available through Application Gateway and disable direct APIM public access as long as Application gateway virtual network can connect to Private link of APIM.

    Error message says Request originated from client public IP address it means request going through public not private so configuration in app gateway could be incorrect.

    you need to check the network from app gateway to APIM see if it's really going through private endpoint.