Share via

How to secure a API Logic App preferably without Key Vault or Active Directory

Jun Ting Ho 141 Reputation points
2021-03-18T09:37:28.263+00:00

Hi, my team needs to secure an Azure API that connects to a Logic App such that a range of users can access it, but only if they each provide unique access credentials. Is there a simple way to solve this issue that a beginner can understand and implement (including testing) within 1 day? The ideal solution would be to implement it either within the Logic App itself or within API Management, but without using Key Vaults or AD preferably. Please let us know if such a solution can be implemented, or if a Key Vault / AD is a must.

We are currently utilising subscriptions, but that is no longer adequate as we require more than two keys.

Thanks!!!

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,078 questions
Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
3,094 questions
Accepted answer
  1. Rahul Metangale 106 Reputation points
    2021-03-19T07:58:20.807+00:00

    Hi @Jun Ting Ho

    Based on your question i understand that you want to secure the web api without using Azure AD or Keyvault.

    You can look at API key based authentication or certificate based authentication. It is easy to implement and same API key or certificate can be used by logic app while calling API irrespective of which user.

    I hope this answers your question.

    Thanks
    Rahul

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.