Service account for APIM developer portal

Gnanasoundari 25 Reputation points
2024-06-25T15:48:36.6+00:00

Developers has to access the API's deployed in Azure APIM Management and currently we have given access to them to developer portal for those users(individual AD access) who are accessing, we have also grouped the users. But the development team wants a common account/service account to access the API's from Azure APIM from their .net application.

From current Azure documents, I can say that Azure APIM portal is supporting for service account. Is that correct? what is solution to this problem.

Thanks in advance

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,932 questions
{count} votes

1 answer

Sort by: Most helpful
  1. SwathiDhanwada-MSFT 18,546 Reputation points
    2024-06-26T08:23:40.3733333+00:00

    @Gnanasoundari Thanks for reaching out. You have only below authentication options to secure developer portal access.

    • External users - The preferred option when the developer portal is consumed externally is to enable business-to-consumer access control through Azure Active Directory B2C (Azure AD B2C).
      • Azure AD B2C provides the option of using Azure AD B2C native accounts: users sign up to Azure AD B2C and use that identity to access the developer portal.
      • Azure AD B2C is also useful if you want users to access the developer portal using existing social media or federated organizational accounts.
      • Azure AD B2C provides many features to improve the end user sign-up and sign-in experience, including conditional access and MFA.
      For steps to enable Azure AD B2C authentication in the developer portal, see How to authorize developer accounts by using Azure Active Directory B2C in Azure API Management.
    • Internal users - The preferred option when the developer portal is consumed internally is to leverage your corporate Microsoft Entra ID. Microsoft Entra ID provides a seamless single sign-on (SSO) experience for corporate users who need to access and discover APIs through the developer portal. For steps to enable Microsoft Entra authentication in the developer portal, see How to authorize developer accounts by using Microsoft Entra ID in Azure API Management.
    • Basic authentication - A default option is to use the built-in developer portal username and password provider, which allows developers to register directly in API Management and sign in using API Management user accounts. User sign up through this option is protected by a CAPTCHA service.

    Among these, I think you have only basic authentication option to choose to use it as service account.

    0 comments No comments