I am trying to generate the Active Directory Token via the Azure API gateway. For that i have created a API operation on my Azure API Gateway which accepts the following body parama.
{
"client_id" :"****************",
"scope":"https://graph.windows.net/.default",
"client_secret":"****************",
"grant_type":"client_credentials"
}
Whenever I try to test this the body is set for the inboud process but not able to forward the same to the backend service which is https://login.microsoftonline.com/{{ID}}/oauth2/v2.0/token/ so I modified my inboud policy as below but still no luck.
<set-method>POST</set-method>
<set-variable name="requestBodyData" value="@(context.Request.Body.As<string>(preserveContent: true))" />
<set-header name="Content-Type" exists-action="override">
<value>"application/x-www-form-urlencoded"</value>
</set-header>
<rewrite-uri template="/" />
<set-body>@{
return "client_id=*******&scope=https://graph.windows.net/.default&client_secret=*******&grant_type=client_credentials";
}</set-body>
<!-- Don't expose APIM subscription key to the backend. -->
<set-header name="Ocp-Apim-Subscription-Key" exists-action="delete" />
Any leads would be appriciated.
Got it , removed the headed and the method from the inbound policy and updated the inbound policy as :-
<set-variable name="client_id" value="********" />
<set-variable name="scope" value="********"" />
<set-variable name="client_secret" value="********" />
<set-variable name="grant_type" value="********" />
<rewrite-uri template="/" />
<set-body>@{
return "client_id="+(context.Variables["client_id"])+"&scope="+(context.Variables["scope"])+"&client_secret="+(context.Variables["client_secret"])+"&grant_type="+(context.Variables["grant_type"]);
}</set-body>
<!-- Don't expose APIM subscription key to the backend. -->
<set-header name="Ocp-Apim-Subscription-Key" exists-action="delete" />