question

SureshThakurKirti-1781 avatar image
0 Votes"
SureshThakurKirti-1781 asked SureshThakurKirti-1781 commented

X-Forwarded-For causing issue with authentication

When APIM forward request to backend it adds 'X-Forwarded-For' header. Is there any way to remove this header? I tired adding inbound policy (set-header - delete) but it does not actually remove this header. This header with IP address is causing me trouble for authentication at backend api.

If I cannot remove the header what is the alternate way to get my request authenticate as due to this header i am getting 401 Unauthorized error.

Backend system is SAP S/4 HANA

azure-api-management
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MayankBargali-MSFT avatar image
0 Votes"
MayankBargali-MSFT answered SureshThakurKirti-1781 commented

@SureshThakurKirti-1781 API Management is a reverse proxy and it must add X-Forwarded-For header to each request that passes through it per the HTTP spec. Therefore there is no way to remove it.
You can configure the ICM parameter icm/HTTPS/accept_ccert_for_x_forwarded_for_requests and set it value to true so the request that has X-Forward-For are not denied at the SAP end. The default value is false for icm/HTTPS/accept_ccert_for_x_forwarded_for_requests at SAP end.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for the response!
Will connect with backend system to configure the parameter.

1 Vote 1 ·