Spring boot API key setup for azure web app

Question

I have problem with API key for azure web app. I have Spring Boot application in which I set up SecurityConfiguration and APIKeyAuthenticationFilter Localy with Poatman everything works fine (I specify the header and KEY in the Postman environment). But after deployment I have Whitelabel Error Page 403 Access Denied.

Regarding security, in application.yaml I have

#Security
ecoopt:
  http:
   auth-apikey-header-name: MyAppAPIKey
   auth-header-apikey: ${env.ecoopt_apikey:DEFAULT_API_PASSWORD}

The values are used in SecurityConfiguration like this

@Value("${ecoopt.http.auth-header-apikey}")
private String principalRequestValue;

@Value("${ecoopt.http.auth-apikey-header-name}")
private String principalRequestHeader;

Again. localy using Postman everything is ok.

How to specify my environment variable which is the ecoopt_apikey in Azure Portal -> Configuration-> Appplication Settings... Should it look like - Name: ecoopt_http_auth-header-apikey and value: mySecretKey

Answer 1

Whitelabel Error Page 403 Access Denied

• This error indicates that you are not authorized to access the requested resource.
• If the API key is not specified in the header or if you are unable to fetch the particular configuration from app service in your application or if the API key specified is incorrect, it leads to the 403-access denied error.

How to specify my environment variable which is the ecoopt_apikey in Azure Portal

As per my understanding, you are trying to add ecoopt_apikey and its value as Application Settings in App Service.

• Navigate to your App Service in Azure portal.

• Go to Settings in the left pane and select Configuration.

• Click on application settings and create it by giving proper Name and Value as key-value pair and save it as shown below: