This post provides an overview of the API First Approach, a guide to getting started with the Azure API Management service, instructions for setting up Azure APIM, and an exploration of two crucial aspects of APIM: Security and DevOps.
By following the guidelines provided in this document, you can ensure the successful implementation and operation of APIM in your organization.
UNDERSTANDING THE API-First Approach to Building Products (swagger.io)
Web APIs have been around for nearly 20 years, but it is only in the past few years that the concept of “API first” has gained traction with software teams.
What Does an API-First Approach Mean?
An API-first approach means that for any given development project, your APIs are treated as “first-class citizens.”
That everything about a project revolves around the idea that the end product will be consumed by mobile devices, and that APIs will be consumed by client applications.
An API-first approach involves developing APIs that are consistent and reusable, which can be accomplished by using an API description language to establish a contract for how the API is supposed to behave. Establishing a contract involves spending more time thinking about the design of an API.
It also often involves additional planning and collaboration with the stakeholders providing feedback on the design of an API before any code is written.
Azure APIM
Azure API Management – Overview and key concepts | Microsoft Learn
Azure API Management is a hybrid, multicloud management platform for APIs across all environments. As a platform-as-a-service, API Management supports the complete API lifecycle.
Scenarios
APIs enable digital experiences, simplify application integration, underpin new digital products, and make data and services reusable and universally accessible. With the proliferation and increasing dependency on APIs, organizations need to manage them as first-class assets throughout their lifecycle.
Azure API Management helps customers meet these challenges:
- Abstract backend architecture diversity and complexity from API consumers
- Securely expose services hosted on and outside of Azure as APIs
- Protect, accelerate, and observe APIs
- Enable API discovery and consumption by internal and external users
- Common scenarios include:
Unlocking legacy assets – APIs are used to abstract and modernize legacy backends and make them accessible from new cloud services and modern applications. APIs allow innovation without the risk, cost, and delays of migration.
API-centric app integration – APIs are easily consumable, standards-based, and self-describing mechanisms for exposing and accessing data, applications, and processes. They simplify and reduce the cost of app integration.
Multi-channel user experiences – APIs are frequently used to enable user experiences such as web, mobile, wearable, or Internet of Things applications. Reuse APIs to accelerate development and ROI.
B2B integration – APIs exposed to partners and customers lower the barrier to integrate business processes and exchange data between business entities. APIs eliminate the overhead inherent in point-to-point integration. Especially with self-service discovery and onboarding enabled, APIs are the primary tools for scaling B2B integration.
API Management documentation | Microsoft Learn
API Management components
Azure API Management is made up of an API gateway, a management plane, and a developer portal. These components are Azure-hosted and fully managed by default. API Management is available in various tiers differing in capacity and features.
API gateway
All requests from client applications first reach the API gateway, which then forwards them to respective backend services. The API gateway acts as a facade to the backend services, allowing API providers to abstract API implementations and evolve backend architecture without impacting API consumers. The gateway enables consistent configuration of routing, security, throttling, caching, and observability.
Specifically, the gateway:
- Acts as a facade to backend services by accepting API calls and routing them to appropriate backends
- Verifies API keys and other credentials such as JWT tokens and certificates presented with requests
- Enforces usage quotas and rate limits
- Optionally transforms requests and responses as specified in policy statements
- If configured, caches responses to improve response latency and minimize the load on backend services
- Emits logs, metrics, and traces for monitoring, reporting, and troubleshooting
Self-hosted gateway
With the self-hosted gateway, customers can deploy the API gateway to the same environments where they host their APIs, to optimize API traffic and ensure compliance with local regulations and guidelines. The self-hosted gateway enables customers with hybrid IT infrastructure to manage APIs hosted on-premises and across clouds from a single API Management service in Azure.
The self-hosted gateway is packaged as a Linux-based Docker container and is commonly deployed to Kubernetes, including to Azure Kubernetes Service and Azure Arc-enabled Kubernetes.
Management plane
API providers interact with the service through the management plane, which provides full access to the API Management service capabilities.
Customers interact with the management plane through Azure tools including the Azure portal, Azure PowerShell, Azure CLI, a Visual Studio Code extension, or client SDKs in several popular programming languages.
Use the management plane to:
- Provision and configure API Management service settings
- Define or import API schemas from a wide range of sources, including OpenAPI specifications, Azure compute services, or WebSocket or GraphQL backends
- Package APIs into products
- Set up policies like quotas or transformations on the APIs
- Get insights from analytics
- Manage users
Developer portal
The open-source developer portal is an automatically generated, fully customizable website with the documentation of your APIs.
API providers can customize the look and feel of the developer portal by adding custom content, customizing styles, and adding their branding. Extend the developer portal further by self-hosting.
App developers use the open-source developer portal to discover the APIs, onboard to use them, and learn how to consume them in applications. (APIs can also be exported to the Power Platform for discovery and use by citizen developers.)
Using the developer portal, developers can:
- Read API documentation
- Call an API via the interactive console
- Create an account and subscribe to get API keys
- Access analytics on their own usage
- Download API definitions
- Manage API keys
Integration with Azure services
API Management integrates with many complementary Azure services to create enterprise solutions, including:
- Azure Key Vault for secure safekeeping and management of client certificates and secrets
- Azure Monitor for logging, reporting, and alerting on management operations, systems events, and API requests
- Application Insights for live metrics, end-to-end tracing, and troubleshooting
- Virtual networks, private endpoints, and Application Gateway for network-level protection
- Azure Active Directory for developer authentication and request authorization
- Event Hubs for streaming events
- Several Azure compute offerings commonly used to build and host APIs on Azure, including Functions, Logic Apps, Web Apps, Service Fabric, and others.
Setting UP NEW Azure API Management service instance
Quickstart – Create an Azure API Management instance | Microsoft Learn
Tutorial – Import and publish your first API in Azure API Management | Microsoft Learn
Explore API Management – Training | Microsoft Learn
There are many ways to create an Azure API management service instance, using.
- Azure Portal
- Azure CLI
- PowerShell
- Visual Studio Code
- Bicep
- ARM Template
- Terraform
1. Create a new Azure API Management service instance by using the Azure portal
It can take 30 to 40 minutes to create and activate an API Management service in this tier
The service name is used to generate a default domain name: <name>.azure-api.net.
If you would like to configure a custom domain name later, see Configure a custom domain.
When you create an Azure API Management service instance in the Azure cloud, Azure assigns it a azure-api.net subdomain (for example, apim-service-name.azure-api.net). You can also expose your API Management endpoints using your own custom domain name, such as contoso.com
Clean up:
2. Import and publish your first API
Once you have set up Azure APIM portal, now let’s develop and publish the API to Azure APIM portal or Import an existing API.
IN this section, we will see how to import an OpenAPI specification backend API in JSON format into Azure API Management. Microsoft provides the backend API used in this example, and hosts it on Azure at https://conferenceapi.azurewebsites.net
We will import this API in APIM and test the API in Azure Portal.
Open the APM instance.
On the API Management services page, select your API Management instance.
Import and publish a backend API
This section shows how to import and publish an OpenAPI specification backend API.
- In the left navigation of your API Management instance, select APIs.
- Select the OpenAPI tile.
- In the Create from OpenAPI specification window, select Full.
- Enter the values from the following table.
You can set API values during creation or later by going to the Settings tab.
Select Create to create your API.
3. Test API in Azure Portal
You can call API operations directly from the Azure portal, which provides a convenient way to view and test the operations. In the portal’s test console, by default, APIs are called by using a key from the built-in all-access subscription. You can also test API calls by using a subscription key scoped to a product.
Tutorial – Import and publish your first API in Azure API Management | Microsoft Learn
4. Create and publish a product
Tutorial – Create and publish a product in Azure API Management | Microsoft Learn
In Azure API Management, a product contains one or more APIs, a usage quota, and the terms of use. After a product is published, developers can subscribe to the product and begin to use the product’s APIs.
Lets explore, how to:
- Create and publish a product
- Add an API to the product
- Access product APIs
Create and publish a product
select Products > + Add.
Add product window
Add an API to the product
Products are associations of one or more APIs. You can include many APIs and offer them to developers through the developer portal. During the product creation, you can add one or more existing APIs.
You can also add APIs to the product later, either from the Products Settings page or while creating an API.
Access product APIs
After you publish a product, developers can access the APIs. Depending on how the product is configured, they may need to subscribe to the product for access.
Protected product – Developers must first subscribe to a protected product to get access to the product’s APIs. When they subscribe, they get a subscription key that can access any API in that product. If you created the API Management instance, you are an administrator already, so you are subscribed to every product by default.
When a client makes an API request with a valid product subscription key, API Management processes the request and permits access in the context of the product. Policies and access control rules configured for the product can be applied.
Open product – Developers can access an open product’s APIs without a subscription key. However, you can configure other mechanisms to secure client access to the APIs, including OAuth 2.0, client certificates, and restricting caller IP addresses.
When a client makes an API request without a subscription key:
- API Management checks whether the API is associated with an open product. An API can be associated with at most one open product.
- If the open product exists, it then processes the request in the context of that open product. Policies and access control rules configured for the open product can be applied.
5. Mock API Response
Tutorial – Mock API responses in API Management – Azure portal | Microsoft Learn
Backend APIs are imported into an API Management (APIM) API or created and managed manually.
Let’s see how to:
- Use API Management to create a blank HTTP API
- Manage an HTTP API manually
- Set a policy on an API so it returns a mocked response
6. Transform and protect your API
You might want to transform your API so it doesn’t reveal private backend info. Transforming an API can help you hide the technology stack info that’s running in the backend, or hide the original URLs that appear in the body of the API’s HTTP response.
Lets see how to add protection to your backend API by configuring a rate limit policy, so that the API isn’t overused by developers. For more policy options, see API Management policies.
Note: By default, API Management configures a global forward-request policy. The forward-request policy is needed for the gateway to complete a request to a backend service.
Let’s see how to:
1. Transform an API to strip response headers
2. Replace original URLs in the body of the API response with API
3. Management gateway URLs
4. Protect an API by adding a rate limit policy (throttling)
5. Test the transformations
7. Monitor published APIs
Tutorial – Monitor published APIs in Azure API Management | Microsoft Learn
With Azure Monitor, you can visualize, query, route, archive, and take actions on the metrics or logs coming from your Azure API Management service.
In this section, lets see how to:
i. View metrics of your API
ii. Set up an alert rule
iii. View activity logs
iv. Enable and view resource logs
8. Debug your APIs using request tracing
Tutorial – Debug APIs in Azure API Management using request tracing | Microsoft Learn
how to inspect (trace) request processing in Azure API Management. Tracing helps you debug and troubleshoot your API.
In this tutorial, you learn how to:
- Trace an example call
- Review request processing steps
9. Use revisions to make non-breaking API changes safely
When your API is ready to go and is used by developers, you eventually need to make changes to that API and at the same time not disrupt callers of your API. It’s also useful to let developers know about the changes you made.
In Azure API Management, use revisions to make non-breaking API changes so you can model and test changes safely. When ready, you can make a revision current and replace your current API.
Lets see how to:
1. Add a new revision
2. Make non-breaking changes to your revision
3. Make your revision current and add a change log entry
4. Browse the developer portal to see changes and change log
10. Publish multiple versions of your API
Tutorial – Publish versions of your API using Azure API Management | Microsoft Learn
There are times when it’s impractical to have all callers to your API use exactly the same version. When callers want to upgrade to a later version, they want an approach that’s easy to understand
Lets see, how to:
i. Add a new version to an existing API
ii. Choose a version scheme
iii. Add the version to a product
iv. Browse the developer portal to see the version
11. Access and customize the developer portal
Tutorial – Access and customize the developer portal – Azure API Management | Microsoft Learn
The developer portal is an automatically generated, fully customizable website with the documentation of your APIs. It is where API consumers can discover your APIs, learn how to use them, and request access.
Old Developer portal is deprecated:
Refer : Developer portal:-> Portal Overview:
<RKOrg> developer portal (azure-api.net)
New Developer portal:
Let’s see, how to:
i. Access the managed version of the developer portal
ii. Navigate its administrative interface
iii. Customize the content
iv. Publish the changes
v. View the published portal
Use the API Management Extension for Visual Studio Code to import and manage APIs
Tutorial – Import and manage APIs – Azure API Management and Visual Studio Code | Microsoft Learn
how to use the API Management Extension for Visual Studio Code for common operations in API Management. Use the familiar Visual Studio Code environment to import, update, test, and manage APIs.
Let us see, how to
i. Import an API into API Management
ii. Edit the API
iii. Apply API Management policies
iv. Test the API
Authentication and authorization to APIs in Azure API Management
API authentication and authorization – Overview – Azure API Management | Microsoft Learn
API authentication and authorization in API Management involve securing the end-to-end communication of client apps to the API Management gateway and through to backend APIs.
In many customer environments, OAuth 2.0 is the preferred API authorization protocol.
API Management supports OAuth 2.0 authorization between the client and the API Management gateway, between the gateway and the backend API, or both independently.
API Management supports other client-side and service-side authentication and authorization mechanisms that supplement OAuth 2.0 or that are useful when OAuth 2.0 authorization for APIs isn’t possible.
How you choose from among these options depends on the maturity of your organization’s API environment, your security and compliance requirements, and your organization’s approach to mitigating common API threats.
Authentication versus authorization
Here’s a brief explanation of authentication and authorization in the context of access to APIs:
- Authentication – The process of verifying the identity of a user or app that accesses the API. Authentication may be done through credentials such as username and password, a certificate, or through single sign-on (SSO) or other methods.
- Authorization – The process of determining whether a user or app has permission to access a particular API, often through a token-based protocol such as OAuth 2.0
OAuth 2.0 concepts
OAuth 2.0 is a standard authorization framework that is widely used to secure access to resources such as web APIs.
OAuth 2.0 restricts actions of what a client app can perform on resources on behalf of the user, without ever sharing the user’s credentials.
While OAuth 2.0 isn’t an authentication protocol, it’s often used with OpenID Connect (OIDC), which extends OAuth 2.0 by providing user authentication and SSO functionality.
OAuth flow
What happens when a client app calls an API with a request that is secured using TLS and OAuth 2.0?
The following is an abbreviated example flow:
- The client (the calling app, or bearer) authenticates using credentials to an identity provider.
- The client obtains a time-limited access token (a JSON web token, or JWT) from the identity provider’s authorization server.
The identity provider (for example, Azure AD) is the issuer of the token, and the token includes an audience claim that authorizes access to a resource server (for example, to a backend API, or to the API Management gateway itself).
- The client calls the API and presents the access token – for example, in an Authorization header.
- The resource server validates the access token. Validation is a complex process that includes a check that the issuer and audience claims contain expected values.
- Based on token validation criteria, access to resources of the backend API is then granted.
Depending on the type of client app and scenarios, different authorization flows are needed to request and manage tokens. For example, the authorization code flow and grant type are commonly used in apps that call web APIs
OAuth 2.0 authorization scenarios in API Management
Scenario 1 – Client app authorizes directly to backend
Scenario 2 – Client app authorizes to API Management
Scenario 3: API management authorizes to backend
Service side options
| Mechanism | Description | Considerations |
| Managed identity authentication | Authenticate to backend API with a system-assigned or user-assigned managed identity. | Recommended for scoped access to a protected backend resource by obtaining a token from Azure AD. |
| Certificate authentication | Authenticate to backend API using a client certificate. | The certificate may be stored in a key vault. |
| Basic authentication | Authenticate to backend API with username and password that are passed through an Authorization header. | Discouraged if better options are available. |
Protect an API in Azure API Management using OAuth 2.0 authorization with Azure Active Directory
steps to configure your Azure API Management instance to protect an API, by using the OAuth 2.0 protocol with Azure Active Directory (Azure AD).
Follow these steps to protect an API in API Management, using OAuth 2.0 authorization with Azure AD.
- Register an application (called backend-app in this article) in Azure AD to protect access to the API.
To access the API, users or applications will acquire and present a valid OAuth token granting access to this app with each API request.
- Configure the validate-jwt policy in API Management to validate the OAuth token presented in each incoming API request. Valid requests can be passed to the API.
Register an application in Azure AD to represent the API
Configure a JWT validation policy to pre-authorize requests
Authorization workflow
- A user or application acquires a token from Azure AD with permissions that grant access to the backend app.
- The token is added in the Authorization header of API requests to API Management.
- API Management validates the token by using the
validate-jwtpolicy.- If a request doesn’t have a valid token, API Management blocks it.
- If a request is accompanied by a valid token, the gateway can forward the request to the API.
Setting up DevOps pipeline for API
Use DevOps and CI/CD to publish APIs | Microsoft Learn
With the strategic value of APIs in the enterprise, adopting DevOps continuous integration (CI) and deployment (CD) techniques has become an important aspect of API development.
We will discuss the decisions you’ll need to make to adopt DevOps principles for the management of APIs.
API DevOps consists of three parts:
API definition
An API developer writes an API definition by providing a specification, settings (such as logging, diagnostics, and backend settings), and policies to be applied to the API.
The API definition provides the information required to provision the API on an Azure API Management service. The specification may be based on a standards-based API specification (such as WSDL, OpenAPI, or GraphQL), or it may be defined using the Azure Resource Manager (ARM) APIs (for example, an ARM template describing the API and operations).
The API definition will change over time and should be considered “source code“. Ensure that the API definition is stored under source code control and has appropriate review before adoption.
There are several tools to assist in producing the API definition:
- The Azure APIOps Toolkit provides a workflow built on top of a git source code control system (such as GitHub or Azure Repos). It uses an extractor to produce an API definition that is then applied to a target API Management service by a publisher. APIOps supports REST and GraphQL APIs at this time.
- The dotnet-apim tool converts a well-formed YAML definition into an ARM template for later deployment. The tool is focused on REST APIs.
- Terraform is an alternative to Azure Resource Manager to configure resources in Azure. You can create a Terraform configuration (together with policies) to implement the API in the same way that an ARM template is created.
You can also use IDE-based tools for editors such as Visual Studio Code to produce the artifacts necessary to define the API.
API approval
Once the API definition has been produced, the developer will submit the API definition for review and approval. If using a git-based source code control system (such as GitHub or Azure Repos), the submission can be done via Pull Request.
A pull request informs others of changes that have been proposed to the API definition. Once the approval gates have been confirmed, an approver will merge the pull request into the main repository to signify that the API definition can be deployed to production.
The pull request process empowers the developer to remediate any issues found during the approval process.
Both GitHub and Azure Repos allow approval pipelines to be configured that run when a pull request is submitted. You can configure the approval pipelines to run tools such as:
- API specification linters such as Spectral to ensure that the definition meets API standards required by the organization.
- Breaking change detection using tools such as openapi-diff.
- Security audit and assessment tools. OWASP maintains a list of tools for security scanning.
- Automated API test frameworks such as Newman, a test runner for Postman collections
API publication
The API definition will be published to an API Management service through a release pipeline. The tools used to publish the API definition depend on the tool used to produce the API definition:
- If using the Azure APIOps Toolkit, the toolkit includes a publisher that writes the API definition to the target service.
- If using dotnet-apim, the API definition is represented as an ARM template. Tasks are available for Azure Pipelines and GitHub Actions to deploy an ARM template.
- If using Terraform, CLI tools will deploy the API definition on your service. There are tasks available for Azure Pipelines and GitHub Actions.
Best practices – DevOps pipeline for publishing APIs
There’s no industry standard for setting up a DevOps pipeline for publishing APIs, and none of the tools mentioned will work in all situations.
However, we see that most situations are covered by using a combination of the following tools and services:
- Azure Repos stores the API definitions in a git repository.
- Azure Pipelines runs the automated API approval and API publication processes.
- Azure APIOps Toolkit provides tools and workflows for publishing APIs.
We’ve seen the greatest success in customer deployments, and recommend the following practices:
- Set up either GitHub or Azure Repos for your source code control system. This choice will determine your choice of pipeline runner as well. GitHub can use Azure Pipelines or GitHub Actions, whereas Azure Repos must use Azure Pipelines.
- Set up an Azure API Management service for each API developer so that they can develop API definitions along with the API service. Use the consumption or developer SKU when creating the service.
- Use policy fragments to reduce the new policy that developers need to write for each API.
- Use named values and backends to ensure that policies are generic and can apply to any API Management instance.
- Use the Azure APIOps Toolkit to extract a working API definition from the developer service.
- Set up an API approval process that runs on each pull request. The API approval process should include breaking change detection, linting, and automated API testing.
- Use the Azure APIOps Toolkit publisher to publish the API to your production API Management service.
Review Automated API deployments with APIOps in the Azure Architecture Center for more details on how to configure and run a CI/CD deployment pipeline with APIOps.
Azure APIOps Toolkit
Code Of Conduct
Before we dive into learning about the APIOPs tool we would like to share some guidance on how to navigate the associated Github repo as you learn your way around the tool:
- Always refer to the wiki for detailed configuration setup
- Always use the latest release which includes the latest features and bug fixes
- Please use the issues section to report any issues that you encounter as well as any requested features that you would like to raise to the development team. Always remember to close your issues when its gets resolved
- Remember to subscribe to this repo (at least subscribe to be notified about new releases) to stay in the loop as we are always adding new features and squashing these pesky bugs
- Please read this guide before opening any issues
- This is an open source project and hence we are always accepting contributions from the community so make sure you fork and submit your PRs. We take them seriously and they help us make the tool better
About this Tool
APIOps applies the concepts of DevOps to Azure API Management. This enables everyone involved in the lifecycle of API design, development, and deployment with self-service and automated tools to ensure the quality of the specifications and APIs that they’re building. APIOps places the Azure API Management infrastructure under version control to achieve these goals. Rather than making changes directly in API Management portal, most operations happen through code changes that can be reviewed and audited. In this section, we include links to both a complementary Guide and Wiki to get you started with the tool.
Automate API deployments with APIOps
Automated API deployments using APIOps – Azure Architecture Center | Microsoft Learn
APIOps is a methodology that applies the concepts of GitOps and DevOps to API deployment. Like DevOps, APIOps helps team members easily make changes and deploy them in an iterative and automated way. This architecture demonstrates how you can improve the entire API lifecycle and API quality by using APIOps.
Workflow
- API operators run the extractor pipeline to synchronize the Git repository with the API Management instance and populate the Git repository with API Management objects in the required format.
- If an API change is detected in the API Management instance, a pull request (PR) is created for operators to review. Operators merge the changes into the Git repository.
- API developers clone the Git repository, create a branch, and create API definitions by using the OpenAPI specification or tools of their choice.
- If a developer pushes changes to the repository, a PR is created for review.
- The PR can be automatically approved or reviewed, depending on the level of control that’s required.
- After changes are approved and merged, the publishing pipeline deploys the latest changes to the API Management instance.
- API operators create and modify API Management policies, diagnostics, products, and other relevant objects, and then commit the changes.
- The changes are reviewed, and they’re merged after approval.
- After merging the changes, the publishing pipeline deploys the changes by using the API-definitions process.
Scenario details
APIOps uses version control to manage APIs and create an audit trail of changes to APIs, policies, and operations.
API developers who use an APIOps methodology review and audit APIs earlier and more frequently, catching and resolving deviations from API standards faster to improve specifications and API quality. The more APIs that you build and deploy with an APIOps approach, the greater the consistency between APIs.
This APIOps architecture uses Azure API Management as the API management platform. Azure DevOps organizes API management. Azure Repos provides Git functionality, and Azure Pipelines creates the CI/CD pipeline.
Potential use cases
- Any organization developing and managing APIs
- Highly regulated industries: insurance, banking, finance, government
Conclusion
In an upcoming post, we will embark on a comprehensive exploration of labs and delve into the implementation of all the topics discussed.
To provide you with a comprehensive understanding of Azure API Management (APIM) and its various features, this post tries to cover a wide range of topics.
Firstly, it provides an overview of the API First Approach, which emphasizes the importance of APIs in today’s digital landscape. Secondly, we delve into the steps involved in getting started with the Azure API Management service, from setting up your account to importing and deploying your APIs.
Furthermore, we explore the intricacies of setting up Azure APIM, including steps to test APIs, transform and protect them, monitor and manage versions, and more. Additionally, we touch upon two crucial aspects of APIM security and DevOps, discussing the importance of security measures and the integration between APIM and DevOps practices.
The purpose of this post is to provide you with an overview of all the aspects discussed, helping you plan, design, and execute your APIM implementation effectively. The upcoming deep dive into labs will further enhance your knowledge by providing hands-on experience and implementation details. Stay tuned for the upcoming post to gain a comprehensive understanding of API management with Azure APIM!
References
Quickstart – Create an Azure API Management instance | Microsoft Learn
Tutorial – Import and publish your first API in Azure API Management | Microsoft LearnRestrictions and details of API formats support – Azure API Management | Microsoft Learn
SAMPLES:
Getting started with hands-on, refer below scenarios. We will cover these in details in another post.
ms-identity-javascript-angular-tutorial/1-Authentication/1-sign-in/README.md at main · Azure-Samples/ms-identity-javascript-angular-tutorial · GitHub
This sample demonstrates an Angular single-page application (SPA) that lets users sign-in with Azure Active Directory (Azure AD) using the Microsoft Authentication Library for Angular (MSAL Angular).
ms-identity-javascript-angular-tutorial/2-Authorization-I/1-call-graph/README.md at main · Azure-Samples/ms-identity-javascript-angular-tutorial · GitHub
This sample demonstrates an Angular single-page application (SPA) that lets users sign-in with Azure Active Directory (Azure AD) using the Microsoft Authentication Library for Angular (MSAL Angular). In addition, this sample also demonstrates how to use Microsoft Graph JavaScript SDK client with MSAL as a custom authentication provider to call the Graph API on behalf of a user.
ms-identity-javascript-angular-tutorial/3-Authorization-II/1-call-api at main · Azure-Samples/ms-identity-javascript-angular-tutorial · GitHub
This sample demonstrates an Angular single-page application (SPA) to sign-in users and call a ASP.NET Core web API secured with Azure Active Directory (Azure AD) using the Microsoft Authentication Library for Angular (MSAL Angular) for the SPA and the Microsoft.Identity.Web (MIW) for the web API.