There are several ways to secure the back-end service of an API in Azure API Management like client certificates and VPN connections but there is also another relatively simple option. Implement IP address restrictions in the back-end API and only allow access to the IP address of the API Management gateway! You can do this by adding the ipSecurity element in the Web.config of the API App. Steps First go to the Dashboard page in API Management. Copy from this tab the Public Virtual IP Address...(read more)![]()
↧