How to configure Azure APIM policy to send emails in case 401 errors

Question

Hi All,

I have a requirement to send alerts via emails in case if an API fails with 401 (Unauthorized access) errors. These apis use api-key for authentication.

I tried to trigger a logic app from the on-error section of the Azure APIM policy but that didn't work. Is there a way to trigger an email (via logic app or any other means) in case of a 401 error?

Please note: I have already configured Azure Monitor alerts for 401 errors which notify us when the number of 401 errors exceed a threshold value. However, for some of our critical APIs we want to get alerted as soon as there is an unauthorised access error.

Thanks

Answer 1

@Moonmoon Pathak Azure monitor alert does have the Frequency of Evaluation that can be set to a minimum of 1 minute. But as per your requirement, you want to send the alert as soon as possible without waiting for 1 minute. In that case, I will suggest you to leverage the Send-One-Way-Request or send-request policy to call any webhook or HTTP request only to those critical APIs using policy. In the inbound policy if the request is Unauthorized then you can leverage the above policy to call the logic app native HTTP trigger which will trigger your logic app workflow and according you can leverage other logic app connectors to send the email immediately and you don't have to wait one minute as in case of azure monitor alert.

Answer 2

Azure Monitor can provide this capability with action groups and can also alert with a frequency of 1 minute using the resource logs. You can use the built in Azure Monitor emails, or Logic apps, functions, webhooks to meet your goals.