I configured MSI to table storage in my API Management:
Then, in inboud
policy i am setting mocked url to table storage:
<inbound>
<base />
<set-backend-service base-url="https://<storage>.table.core.windows.net/<table>()?$top=10" />
<authentication-managed-identity resource="https://storage.azure.com/" />
</inbound>
And i see, that token is obtained correctly:
And i am getting 403
response as follows:
{
"response": {
"status": {
"code": 403,
"reason": "Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature."
},
My question is, how to call table
storage from Api Management
using managed identity
?
Just add this to inbound policy:
<set-header name="x-ms-version" exists-action="override">
<value>@{string version = "2017-11-09"; return version;}</value>
</set-header>