APIM - Authentication-Certificate

Suresh Thakur, Kirti 86 Reputation points
2021-10-26T11:23:22.233+00:00

An API has been created as a gateway for a backend service.
The authentication used is client certificate authentication.
Issues -

1. Whenever the API request is sent to the backend, which is a SAP system, it expects a userId specifically.
   If the userId is provided in the header then the response is 200 OK, but if not then the response is 401 Unauthorized.
   So the question is: can we associate a certificate which is used for authentication with a specific user which is configured in the backend system?
2. The next question is how do I identify if the certificate installed in APIM is an authentication certificate or a client certificate.

Accepted answer
MayankBargali-MSFT 70,921 Reputation points Moderator
2021-11-01T12:01:41.39+00:00

@Suresh Thakur, Kirti You cannot associate the certificate to a specific user. APIM uses a subscription key for the authentication and any user passing the right keys will be able to authenticate the request. I think you can protect APIM with Azure AD and if you have a specific claim for that user then you can validate the roles using APIM policy as mentioned in restricting api-management access to users through aad.
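The approach the accepted answer points to, as an added example that is not part of the original answer or of any Microsoft sample: an APIM inbound policy that validates an Azure AD token, rejects callers without the expected role claim, and forwards the caller's identity to the SAP backend in the `userId` header it expects, so the backend user is derived from the validated token rather than from whatever the client chooses to send. The tenant ID, the audience (client ID), the role value `sap.user` and the `preferred_username` claim are placeholders and assumptions; substitute the values from your own app registration.

```xml
<!-- Added example policy (not the original answer's code). Placeholders marked with {...} are assumptions. -->
<policies>
    <inbound>
        <base />
        <!-- Reject any request that does not carry a valid Azure AD token for this API. -->
        <validate-jwt header-name="Authorization"
                      failed-validation-httpcode="401"
                      failed-validation-error-message="Unauthorized: valid Azure AD token required">
            <openid-config url="https://login.microsoftonline.com/{tenant-id}/v2.0/.well-known/openid-configuration" />
            <audiences>
                <!-- Assumed: the application (client) ID of the API's app registration. -->
                <audience>{api-client-id}</audience>
            </audiences>
            <required-claims>
                <!-- Assumed role value; only callers assigned this app role may reach the backend. -->
                <claim name="roles" match="any">
                    <value>sap.user</value>
                </claim>
            </required-claims>
        </validate-jwt>
        <!-- Drop any userId the client supplied so it cannot impersonate another backend user. -->
        <set-header name="userId" exists-action="delete" />
        <!-- Set userId from a claim in the validated token (claim name is an assumption). -->
        <set-header name="userId" exists-action="override">
            <value>@(context.Request.Headers.GetValueOrDefault("Authorization", "").Split(' ').Last().AsJwt()?.Claims.GetValueOrDefault("preferred_username", ""))</value>
        </set-header>
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
    </outbound>
    <on-error>
        <base />
    </on-error>
</policies>
```

The `delete` before the `override` is deliberate: `validate-jwt` only proves who the caller is, and the backend's 401/200 behaviour described in the question depends on the `userId` header, so that header must come from the token and never pass through from the client. Whether `preferred_username` is the right value to hand to SAP depends on how users are named in that system; a mapping via a named value or the `upn`/`oid` claim is an equally valid choice.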
