Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,447 questions
Azure apim
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 7.000000000000001%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
凯旋 李
0
Reputation points
This page is where I write the APIM endpoint into the web app environment variables, and the backend of APIM is Azure OpenAI, with relevant token quota restrictions. Accessing the web app using AAD login still results in a 401 error. Should I write code into my application?
<policies>
<inbound>
<base />
<!-- 设置后端服务-->
<validate-jwt header-name="Authorization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized. Access token is missing or invalid." require-scheme="Bearer" output-token-variable-name="jwt">
<openid-config url="https://login.microsoftonline.com/common/.well-known/openid-configuration" />
</validate-jwt>
<set-backend-service id="apim-generated-policy" backend-id="likxaitest1-ai-endpoint" />
<set-variable name="userUpn" value="@(context.Request.Headers.GetValueOrDefault("Authorization", string.Empty).AsJwt()?.Claims.GetValueOrDefault("upn") ?? "anonymous")" />
<!-- 调试用头,可去掉 -->
<set-header name="X-User-Upn" exists-action="override">
<value>@((string)context.Variables["userUpn"])</value>
</set-header>
<!-- 特定用户限制 -->
<choose>
<when condition="@((string)context.Variables["userUpn"] == "******@xxxx.onmicrosoft.com")">
<llm-token-limit remaining-quota-tokens-header-name="remaining-tokens" tokens-per-minute="10000" token-quota="1000" token-quota-period="Daily" counter-key="@((string)context.Variables["userUpn"])" estimate-prompt-tokens="true" tokens-consumed-header-name="consumed-tokens" />
</when>
<otherwise>
<!-- 其它用户不限制/可自定义限制 -->
<llm-token-limit remaining-quota-tokens-header-name="remaining-tokens" tokens-per-minute="10000" token-quota="300" token-quota-period="Hourly" counter-key="@((string)context.Variables["userUpn"])" estimate-prompt-tokens="true" tokens-consumed-header-name="consumed-tokens" />
</otherwise>
</choose>
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
Azure API Management
{count} votes
-
VenkateshDodda-MSFT 24,951 Reputation points Microsoft Employee Moderator2025-06-25T10:17:36.68+00:00 @凯旋 李 Thanks for posting your question in Microsoft Q&A, apologize for any inconvenience caused on this.
Could you please share more details to understand the issue better.
- what are your trying to achieve?
- is there any documentation steps that you are following?
-
VenkateshDodda-MSFT 24,951 Reputation points Microsoft Employee Moderator
2025-06-26T08:25:24.7333333+00:00 @凯旋 李 Following up to see if you have a chance to check my previous response and help us with requested information to assist you further.
-
凯旋 李 0 Reputation points
2025-06-26T08:54:18.71+00:00 can you give me your email?l will communicate with you in teams
-
VenkateshDodda-MSFT 24,951 Reputation points Microsoft Employee Moderator
2025-06-26T09:07:28.47+00:00 @凯旋 李 I have reached out to your over private message please do check and let me know.
Here is the reference link on How to access & Data Privacy policy of private messages in Microsoft QnA.
Sign in to comment
Sign in to answer