APIM to key vault request 400 bad request

Question

Hi,

I have APIM proxy which receives 400 bad request while fetching secrets from key vault. I have system assigned managed identity in APIM with reader role to key-vault, also no specials char in my secret following code using in my APIM proxy:

<inbound>  
        <base />  
        <send-request ignore-error="false" timeout="20" response-variable-name="keyResponse" mode="new">  
            <set-url>https://myvault.vault.azure.net/secrets/secretkey/</set-url>  
            <set-method>GET</set-method>  
            <authentication-managed-identity resource="https://vault.azure.net" />  
        </send-request>  
    </inbound>  

Thanks

Answer 1

@Vikas Tiwari Thanks for reaching out, I see the request url is set incorrectly could you please change as below

<send-request mode="new" response-variable-name="keyResponse" timeout="20" ignore-error="false">  
<set-url>https://myvault.vault.azure.net/secrets/{Secret-name}/{Secret-version}?api-version=7.3</set-url>  
<set-method>GET</set-method>  
<authentication-managed-identity resource="https://vault.azure.net" />  
</send-request>  

Reference: https://learn.microsoft.com/en-us/rest/api/keyvault/secrets/get-secret/get-secret?WT.mc_id=AZ-MVP-5000570

please let me know incase of further queries, I would be glad to assist you.

To benefit the community find the right answers, please do mark the post which was helpful by clicking on ‘Accept Answer’ & ‘Up-Vote’.

Answer 2

Shouldn't the <set-url> be,

<set-url>https://myvault.vault.azure.net/secrets/{secret-name}?api-version=7.3</set-url>  

Reference: Get Secret - Get Secret