Segment Products/APIs by country in Azure API Management Developer Portal

Hernán Castellani 46 Reputation points
2022-02-14T16:08:37.42+00:00

Hello everyone,

In API Developer Portal, I would like to be able to segment the products and APIs by country for example, to only show those apis to users from this or that country. Do you know if this is possible in Azure API Management?

Regards,
Hernán Castellani

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,064 questions
0 comments No comments
{count} votes

Accepted answer
  1. MughundhanRaveendran-MSFT 12,476 Reputation points
    2022-02-15T09:22:05.383+00:00

    @Hernán Castellani ,

    Thanks for reaching out to Q&A.

    You could use ip-filter policy to allow or denies calls from specific IP addresses and/or address ranges. Or you could front API Management with Azure Front Door as explained in this article, or alternatively with Application Gateway and use a Web Access Firewall (WAF) with a custom rule to allow or deny calls from specific geographies. To create a geo-filtering custom rule, select Geo-location as the Match Type, and then select the country you want to allow/block from your application.

    If you use the ip-filter policy, so it's your responsibility to explicitly allow or deny ip address ranges, included any Front Door and/or Application Gateway health probe. If you use a WAF policy, this refers to the incoming calls to Front Door or Application Gateway. When using Front Door or Application Gateway in front of APIM you should not invoke APIM directly, but only through Front Door or App Gateway. This way the WAF custom rule could check if calls come from allowed

    I hope this helps!

    Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.


1 additional answer

Sort by: Most helpful
  1. Hernán Castellani 46 Reputation points
    2022-02-16T11:19:08.403+00:00

    Hello @MughundhanRaveendran-MSFT ,

    First of all, thank you very much for your answer. Actually, what I'm looking for is that the Developer Portal only shows those APIs that are for the region of the connected user. This to avoid confusion with other APIs that are not intended for other countries.
    As a first approach, I have created user groups by country, and APIM Products for each of these groups. In this way, when the user logs in to the Developer Portal, he only sees those products of his group (country). What do you think about this solution?

    Regards,
    Hernán Castellani


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.