Why the azure APIM does not have inbuilt OAuth server ..?

Achanta Prasad 0 Reputation points
2024-11-21T23:00:54.82+00:00

Why azure API management is not having in built oauth server and need relay on other external Idp..?Why the product subscription using subscription keys and they cleary states it is not an strong auntentication framework Authentication and Authorization Overview because we can track the efficiently if using OAuth alone.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,219 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Shireesha Eeraboina (Quadrant Resource LLC) 235 Reputation points Microsoft Vendor
    2024-11-27T08:34:50.33+00:00

    Hi @Achanta Prasad ,

    Welcome to the Microsoft Q&A Platform! Thank you for your question.

    Azure API Management does not have an inbuilt OAuth server because its main focus is on API management, not identity management. OAuth is a complex protocol that requires handling authentication, consent, and token management. Instead, Azure API Management integrates with external Identity Providers (IdPs) like Azure Active Directory (Azure AD), which specialize in secure authentication and user management. This approach provides flexibility by allowing integration with various authentication mechanisms and enables stronger user authentication and fine-grained authorization. I hope this explanation is helpful. Let me know if you have any further questions.

    Feel free to reach out if you need more assistance. I would be happy to help.

    Thank you.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.