Custom domains in Azure APIM Product API Level

Question

Having a APIM Instance associated with the 2 custom domains assigned like developerapis.neo.com and stagingapis.neo.com.

Is it possible to assign One custom domain to one product APIs and another custom domain to another product APIs?
If yes, how to assign?

Answer 1

anonymous user Thank you for reaching out to Microsoft Q&A. Custom domains can be set at Gateway, Developer, Management or SCM endpoints depending on the service tier. They cannot be done at a Product or API level since the validation happens during TLS handshake at the gateway level (Product and API fall under gateway endpoint). Check docs: https://learn.microsoft.com/en-us/azure/api-management/configure-custom-domain?tabs=custom#how-api-management-proxy-server-responds-with-ssl-certificates-in-the-tls-handshake for more info on this.

All APIs are accessible across custom domains. But if you like to restrict a product API(s) to one domain like developerapis.neo.com, you can then create a custom policy like below at product level (or API level) and return 401: unauthorized access when accessed from other domains.

Sample Policy snippet
<choose>
<when condition="@(context.Request.OriginalUrl.Host != "developerapis.neo.com")">
<return-response>
<set-status code="401" reason="Unauthorized"/>
</return-response>
</when>
</choose>

For more info check
context variable - https://learn.microsoft.com/en-us/azure/api-management/api-management-policy-expressions#ContextVariables
return-response - https://learn.microsoft.com/en-us/azure/api-management/api-management-advanced-policies#ReturnResponse
set-status - https://learn.microsoft.com/en-us/azure/api-management/api-management-advanced-policies#SetStatus

I hope this answers your question and feel free to add if you have any questions :). Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.