diff --git a/.devcontainer/README.md b/.devcontainer/README.md index a313c99..85a8c86 100644 --- a/.devcontainer/README.md +++ b/.devcontainer/README.md @@ -198,7 +198,7 @@ You can monitor prebuild status in several ways: - Click on "View all" to see prebuild status 2. **Codespaces Settings**: - - Visit [github.com/codespaces](https://github.com/codespaces) + - Visit [github.com/codespaces][github-codespaces] - Check the "Repository prebuilds" section - View build logs and status @@ -273,7 +273,7 @@ The `devcontainer.json` includes specific Jupyter settings to ensure proper kern ] ``` -For more details on kernel configuration in VS Code, see: [VS Code Issue #130946](https://github.com/microsoft/vscode/issues/130946#issuecomment-1899389049) +For more details on kernel configuration in VS Code, see: [VS Code Issue #130946][vscode-issue-130946] ## ๐Ÿ› ๏ธ Troubleshooting @@ -386,3 +386,8 @@ When modifying the dev container setup: --- *This dev container configuration is optimized for Azure API Management samples development with fast startup times and comprehensive tooling support.* + + + +[github-codespaces]: https://github.com/codespaces +[vscode-issue-130946]: https://github.com/microsoft/vscode/issues/130946#issuecomment-1899389049 diff --git a/.vscode/README.md b/.vscode/README.md index 5f7c890..5463444 100644 --- a/.vscode/README.md +++ b/.vscode/README.md @@ -1,3 +1,7 @@ ## Fixing Pylance unresolved import warnings -Follow [this documentation](https://github.com/microsoft/pylance-release/blob/main/TROUBLESHOOTING.md#unresolved-import-warnings). +Follow [this documentation][pylance-troubleshooting]. + + + +[pylance-troubleshooting]: https://github.com/microsoft/pylance-release/blob/main/TROUBLESHOOTING.md#unresolved-import-warnings diff --git a/README.md b/README.md index 04ea3c7..0529c08 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ # Azure API Management Samples -[![Python Tests](https://github.com/Azure-Samples/Apim-Samples/actions/workflows/python-tests.yml/badge.svg?branch=main)](https://github.com/Azure-Samples/Apim-Samples/actions/workflows/python-tests.yml) +[![Python Tests][badge-python-tests]][workflow-python-tests] This repository provides a playground to safely experiment with and learn Azure API Management (APIM) policies in various architectures. -_If you are interested in APIM & Azure OpenAI integrations, please check out the excellent [AI Gateway](https://github.com/Azure-Samples/AI-Gateway) GitHub repository._ +_If you are interested in APIM & Azure OpenAI integrations, please check out the excellent [AI Gateway][ai-gateway] GitHub repository._ ## ๐ŸŽฏ Objectives @@ -18,23 +18,23 @@ _Try it out, learn from it, apply it in your setups._ ## ๐Ÿ“ List of Infrastructures -| Infrastructure Name | Description | -|:----------------------------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| [Simple API Management](./infrastructure/simple-apim) | Just the basics with a publicly accessible API Management instance fronting your APIs. This is the innermost way to experience and experiment with the APIM policies. | -| [API Management & Container Apps](./infrastructure/apim-aca) | APIs are often implemented in containers running in Azure Container Apps. This architecture accesses the container apps publicly. It's beneficial to test both APIM and container app URLs here to contrast and compare experiences of API calls through and bypassing APIM. It is not intended to be a security baseline. | -| [Secure Front Door & API Management & Container Apps](./infrastructure/afd-apim-pe) | A higher-fidelity implementation of a secured setup in which Azure Front Door connects to APIM via the new private link integration. This traffic, once it traverses through Front Door, rides entirely on Microsoft-owned and operated networks. Similarly, the connection from APIM to Container Apps is secured but through a VNet configuration (it is also entirely possible to do this via private link). APIM Standard V2 is used here to accept a private link from Front Door. | +| Infrastructure Name | Description | +|:----------------------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| [Simple API Management][infra-simple-apim] | Just the basics with a publicly accessible API Management instance fronting your APIs. This is the innermost way to experience and experiment with the APIM policies. | +| [API Management & Container Apps][infra-apim-aca] | APIs are often implemented in containers running in Azure Container Apps. This architecture accesses the container apps publicly. It's beneficial to test both APIM and container app URLs to contrast and compare experiences of API calls through and bypassing APIM. It is not intended to be a security baseline. | +| [Secure Front Door & API Management & Container Apps][infra-afd-apim-pe] | A higher-fidelity implementation of a secured setup in which Azure Front Door connects to APIM via the new private link integration. This traffic, once it traverses through Front Door, rides entirely on Microsoft-owned and operated networks. Similarly, the connection from APIM to Container Apps is secured but through a VNet configuration (it is also entirely possible to do this via private link). APIM Standard V2 is used here to accept a private link from Front Door. | ## ๐Ÿ“ List of Samples -| Sample Name | Description | Supported Infrastructure(s) | -|:-------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------|:------------------------------| -| [AuthX](./samples/authX/README.md) | Authentication and role-based authorization in a mock HR API. | All infrastructures | -| [AuthX Pro](./samples/authX-pro/README.md) | Authentication and role-based authorization in a mock product with multiple APIs and policy fragments. | All infrastructures | -| [General](./samples/general/README.md) | Basic demo of APIM sample setup and policy usage. | All infrastructures | -| [Load Balancing](./samples/load-balancing/README.md) | Priority and weighted load balancing across backends. | apim-aca, afd-apim (with ACA) | -| [Secure Blob Access](./samples/secure-blob-access/README.md) | Secure blob access via the [valet key pattern](https://learn.microsoft.com/azure/architecture/patterns/valet-key). | All infrastructures | -| [Credential Manager (with Spotify)](./samples/oauth-3rd-party/README.md) | Authenticate with APIM which then uses its Credential Manager with Spotify's REST API. | All infrastructures | -| [Azure Maps](./samples/azure-maps/README.md) | Proxying calls to Azure Maps with APIM policies. | All infrastructures | +| Sample Name | Description | Supported Infrastructure(s) | +|:------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------|:------------------------------| +| [AuthX][sample-authx] | Authentication and role-based authorization in a mock HR API. | All infrastructures | +| [AuthX Pro][sample-authx-pro] | Authentication and role-based authorization in a mock product with multiple APIs and policy fragments. | All infrastructures | +| [General][sample-general] | Basic demo of APIM sample setup and policy usage. | All infrastructures | +| [Load Balancing][sample-load-balancing] | Priority and weighted load balancing across backends. | apim-aca, afd-apim (with ACA) | +| [Secure Blob Access][sample-secure-blob-access] | Secure blob access via the [valet key pattern][valet-key-pattern]. | All infrastructures | +| [Credential Manager (with Spotify)][sample-oauth-3rd-party] | Authenticate with APIM which then uses its Credential Manager with Spotify's REST API. | All infrastructures | +| [Azure Maps][sample-azure-maps] | Proxying calls to Azure Maps with APIM policies. | All infrastructures | --- @@ -47,7 +47,7 @@ _Try it out, learn from it, apply it in your setups._ The fastest way to get started is using our pre-configured development environment: - **GitHub Codespaces**: Click the green "Code" button โ†’ "Codespaces" โ†’ "Create codespace on main" -- **VS Code Dev Containers**: Install the [Dev Containers extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers), then "Reopen in Container" +- **VS Code Dev Containers**: Install the [Dev Containers extension][vscode-devcontainers], then "Reopen in Container" All prerequisites are automatically installed and configured. @@ -59,16 +59,16 @@ All prerequisites are automatically installed and configured. These prerequisites apply broadly across all infrastructure and samples. If there are specific deviations, expect them to be noted there. -- [Python 3.12](https://www.python.org/) installed +- [Python 3.12][python] installed - Python 3.13 may not have all dependencies ready yet. There have been issues during installs. -- [VS Code](https://code.visualstudio.com/) installed with the [Jupyter notebook extension](https://marketplace.visualstudio.com/items?itemName=ms-toolsai.jupyter) enabled -- [Azure CLI](https://learn.microsoft.com/cli/azure/install-azure-cli) installed -- [An Azure Subscription](https://azure.microsoft.com/free/) with Owner or Contributor+UserAccessAdministrator permissions. Execute [shared/jupyter/verify-az-account.ipynb](shared/jupyter/verify-az-account.ipynb) to verify. +- [VS Code][vscode] installed with the [Jupyter notebook extension][vscode-jupyter] enabled +- [Azure CLI][azure-cli-install] installed +- [An Azure Subscription][azure-free] with Owner or Contributor+UserAccessAdministrator permissions. Execute [Verify Azure Account][verify-az-account-notebook] to verify. - **Azure Authentication**: Sign in to Azure with Azure CLI using the specific tenant and subscription you want to work with: - To log in to a specific tenant: `az login --tenant ` - To set a specific subscription: `az account set --subscription ` - To verify your current context: `az account show` - - See the [Azure CLI authentication guide](https://learn.microsoft.com/cli/azure/authenticate-azure-cli-interactively) for more options + - See the [Azure CLI authentication guide][azure-cli-auth] for more options ### ๐Ÿ› ๏ธ Initialization @@ -155,9 +155,9 @@ If you encounter import errors (e.g., `ModuleNotFoundError: No module named 'req 4. **Check Python interpreter**: Use `Ctrl+Shift+P` โ†’ "Python: Select Interpreter" and choose your `.venv` interpreter. -For detailed troubleshooting of setup issues, see [Import Troubleshooting Guide](.devcontainer/IMPORT-TROUBLESHOOTING.md). +For detailed troubleshooting of setup issues, see [Import Troubleshooting Guide][import-troubleshooting]. -๐Ÿ“˜ **For comprehensive troubleshooting including deployment errors, authentication issues, and more, see our main [Troubleshooting Guide](TROUBLESHOOTING.md).** +๐Ÿ“˜ **For comprehensive troubleshooting including deployment errors, authentication issues, and more, see our main [Troubleshooting Guide][troubleshooting].** ## ๐Ÿš€ Running a Sample @@ -181,7 +181,7 @@ Encountering issues? Check our comprehensive **[Troubleshooting Guide](TROUBLESH - **Azure CLI Issues** - Rate limiting and API version compatibility - **Resource Management Issues** - Resource group and APIM service problems -For immediate help with common errors, diagnostic commands, and step-by-step solutions, see **[TROUBLESHOOTING.md](TROUBLESHOOTING.md)**. +For immediate help with common errors, diagnostic commands, and step-by-step solutions, see **[TROUBLESHOOTING.md][troubleshooting]**. --- @@ -206,7 +206,7 @@ For immediate help with common errors, diagnostic commands, and step-by-step sol ### ๐Ÿ›๏ธ Infrastructure Architectures -We provide several common architectural approaches to integrating APIM into your Azure ecosystem. While these are high-fidelity setups, they are not production-ready. Please refer to the [Azure API Management landing zone accelerator](https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/app-platform/api-management/landing-zone-accelerator) for up-to-date production setups. +We provide several common architectural approaches to integrating APIM into your Azure ecosystem. While these are high-fidelity setups, they are not production-ready. Please refer to the [Azure API Management landing zone accelerator][apim-lza] for up-to-date production setups. --- @@ -214,7 +214,7 @@ We provide several common architectural approaches to integrating APIM into your As you work with this repo, you will likely want to make your own customizations. There's little you need to know to be successful. -The repo uses the bicep linter and has rules defined in `bicepconfig.json`. See the [bicep linter documentation](https://learn.microsoft.com/azure/azure-resource-manager/bicep/bicep-config-linter) for details. +The repo uses the bicep linter and has rules defined in `bicepconfig.json`. See the [bicep linter documentation][bicep-linter-docs] for details. **We welcome contributions!** Please consider forking the repo and creating issues and pull requests to share your samples. Please see [CONTRIBUTING.md](CONTRIBUTING.md) for details. Thank you! @@ -232,7 +232,7 @@ Adding a new sample is relatively straight-forward. ### ๐Ÿงช Testing & Code Coverage -Python modules in `shared/python` are covered by comprehensive unit tests located in `tests/python`. All tests use [pytest](https://docs.pytest.org/) and leverage modern pytest features, including custom markers for unit and HTTP tests. +Python modules in `shared/python` are covered by comprehensive unit tests located in `tests/python`. All tests use [pytest][pytest-docs] and leverage modern pytest features, including custom markers for unit and HTTP tests. #### ๐Ÿš€ Running Tests Locally @@ -275,22 +275,59 @@ On every push or pull request, GitHub Actions will: - The `.gitignore` is configured to exclude coverage output and artifacts. - All test and coverage features work both locally and in CI. -For more details on pytest usage, see the [pytest documentation](https://docs.pytest.org/en/8.2.x/). +For more details on pytest usage, see the [pytest documentation][pytest-docs-versioned]. --- ## ๐Ÿ“š Supporting Resources -The APIM team maintains an [APIM policy snippets repo](https://github.com/Azure/api-management-policy-snippets) with use cases we have seen. They are not immediately executable samples and require integrations such as in this repo. +The APIM team maintains an [APIM policy snippets repo][apim-snippets-repo] with use cases we have seen. They are not immediately executable samples and require integrations such as in this repo. --- ## ๐Ÿ™ Acknowledgements -This project has its roots in work done by [Alex Vieira](https://github.com/vieiraae) on the excellent Azure API Management [AI Gateway](https://github.com/Azure-Samples/AI-Gateway) GitHub repository. Much of the structure is similar and its reuse resulted in significant time savings. Thank you, Alex! - -Furthermore, [Houssem Dellai](https://github.com/HoussemDellai) was instrumental in setting up a working Front Door to API Management [private connectivity lab](https://github.com/Azure-Samples/AI-Gateway/tree/main/labs/private-connectivity). This created a working baseline for one of this repository's infrastructures. Thank you, Houssem! - -[Andrew Redman](https://github.com/anotherRedbeard) for contributing the _Azure Maps_ sample. - -The original author of this project is [Simon Kurtz](https://github.com/simonkurtz-msft). +This project has its roots in work done by [Alex Vieira][alex-vieira] on the excellent Azure API Management [AI Gateway][ai-gateway] GitHub repository. Much of the structure is similar and its reuse resulted in significant time savings. Thank you, Alex! + +Furthermore, [Houssem Dellai][houssem-dellai] was instrumental in setting up a working Front Door to API Management [private connectivity lab][ai-gateway-private-connectivity]. This created a working baseline for one of this repository's infrastructures. Thank you, Houssem! + +[Andrew Redman][andrew-redman] for contributing the _Azure Maps_ sample. + +The original author of this project is [Simon Kurtz][simon-kurtz]. + + + +[ai-gateway]: https://github.com/Azure-Samples/AI-Gateway +[ai-gateway-private-connectivity]: https://github.com/Azure-Samples/AI-Gateway/tree/main/labs/private-connectivity +[alex-vieira]: https://github.com/vieiraae +[andrew-redman]: https://github.com/anotherRedbeard +[apim-lza]: https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/app-platform/api-management/landing-zone-accelerator +[apim-snippets-repo]: https://github.com/Azure/api-management-policy-snippets +[azure-cli-auth]: https://learn.microsoft.com/cli/azure/authenticate-azure-cli-interactively +[azure-cli-install]: https://learn.microsoft.com/cli/azure/install-azure-cli +[azure-free]: https://azure.microsoft.com/free/ +[badge-python-tests]: https://github.com/Azure-Samples/Apim-Samples/actions/workflows/python-tests.yml/badge.svg?branch=main +[bicep-linter-docs]: https://learn.microsoft.com/azure/azure-resource-manager/bicep/bicep-config-linter +[houssem-dellai]: https://github.com/HoussemDellai +[import-troubleshooting]: .devcontainer/IMPORT-TROUBLESHOOTING.md +[infra-afd-apim-pe]: ./infrastructure/afd-apim-pe +[infra-apim-aca]: ./infrastructure/apim-aca +[infra-simple-apim]: ./infrastructure/simple-apim +[pytest-docs]: https://docs.pytest.org/ +[pytest-docs-versioned]: https://docs.pytest.org/en/8.2.x/ +[python]: https://www.python.org/ +[sample-authx]: ./samples/authX/README.md +[sample-authx-pro]: ./samples/authX-pro/README.md +[sample-azure-maps]: ./samples/azure-maps/README.md +[sample-general]: ./samples/general/README.md +[sample-load-balancing]: ./samples/load-balancing/README.md +[sample-oauth-3rd-party]: ./samples/oauth-3rd-party/README.md +[sample-secure-blob-access]: ./samples/secure-blob-access/README.md +[simon-kurtz]: https://github.com/simonkurtz-msft +[troubleshooting]: TROUBLESHOOTING.md +[valet-key-pattern]: https://learn.microsoft.com/azure/architecture/patterns/valet-key +[verify-az-account-notebook]: shared/jupyter/verify-az-account.ipynb +[vscode]: https://code.visualstudio.com/ +[vscode-devcontainers]: https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers +[vscode-jupyter]: https://marketplace.visualstudio.com/items?itemName=ms-toolsai.jupyter +[workflow-python-tests]: https://github.com/Azure-Samples/Apim-Samples/actions/workflows/python-tests.yml diff --git a/assets/diagrams/README.md b/assets/diagrams/README.md index 647d343..010336d 100644 --- a/assets/diagrams/README.md +++ b/assets/diagrams/README.md @@ -1,7 +1,7 @@ # PlantUML Diagrams This directory contains PlantUML diagrams for the Azure API Management architecture. -Azure Symbols are on [GitHub](https://github.com/plantuml-stdlib/Azure-PlantUML/blob/master/AzureSymbols.md) +Azure Symbols are on [GitHub][azure-symbols]. ## Using PlantUML in VS Code @@ -46,3 +46,7 @@ If you encounter issues with PlantUML: 3. **Alternative Rendering**: - If local rendering fails, try using the PlantUML server: - Change "plantuml.render" setting to "PlantUMLServer" + + + +[azure-symbols]: https://github.com/plantuml-stdlib/Azure-PlantUML/blob/master/AzureSymbols.md diff --git a/infrastructure/afd-apim-pe/README.md b/infrastructure/afd-apim-pe/README.md index f1f7059..88ee335 100644 --- a/infrastructure/afd-apim-pe/README.md +++ b/infrastructure/afd-apim-pe/README.md @@ -13,10 +13,15 @@ Secure architecture that takes all traffic off the public Internet once Azure Fr ## โš™๏ธ Configuration -Adjust the `user-defined parameters` in this lab's Jupyter Notebook's [Initialize notebook variables](./create.ipynb#initialize-notebook-variables) section. +Adjust the `user-defined parameters` in this lab's Jupyter Notebook's [Initialize notebook variables][init-notebook-variables] section. ## โ–ถ๏ธ Execution ๐Ÿ‘Ÿ **Expected *Run All* runtime: ~13 minutes** -1. Execute this lab's [Jupyter Notebook](./create.ipynb) step-by-step or via _Run All_. +1. Execute this lab's [Jupyter Notebook][infra-notebook] step-by-step or via _Run All_. + + + +[init-notebook-variables]: ./create.ipynb#initialize-notebook-variables +[infra-notebook]: ./create.ipynb diff --git a/infrastructure/apim-aca/README.md b/infrastructure/apim-aca/README.md index 6f0e54d..2bdc876 100644 --- a/infrastructure/apim-aca/README.md +++ b/infrastructure/apim-aca/README.md @@ -12,10 +12,15 @@ This architecture secures API traffic by routing requests through Azure API Mana ## โš™๏ธ Configuration -Adjust the `user-defined parameters` in this lab's Jupyter Notebook's [Initialize notebook variables](./create.ipynb#initialize-notebook-variables) section. +Adjust the `user-defined parameters` in this lab's Jupyter Notebook's [Initialize notebook variables][init-notebook-variables] section. ## โ–ถ๏ธ Execution ๐Ÿ‘Ÿ **Expected *Run All* runtime: ~5 minutes** -1. Execute this lab's [Jupyter Notebook](./create.ipynb) step-by-step or via _Run All_. +1. Execute this lab's [Jupyter Notebook][infra-notebook] step-by-step or via _Run All_. + + + +[init-notebook-variables]: ./create.ipynb#initialize-notebook-variables +[infra-notebook]: ./create.ipynb diff --git a/infrastructure/simple-apim/README.md b/infrastructure/simple-apim/README.md index f82f5ff..3aa0f86 100644 --- a/infrastructure/simple-apim/README.md +++ b/infrastructure/simple-apim/README.md @@ -11,10 +11,15 @@ This architecture provides a basic API gateway using Azure API Management, suita ## โš™๏ธ Configuration -Adjust the `user-defined parameters` in this lab's Jupyter Notebook's [Initialize notebook variables](./create.ipynb#initialize-notebook-variables) section. +Adjust the `user-defined parameters` in this lab's Jupyter Notebook's [Initialize notebook variables][init-notebook-variables] section. ## โ–ถ๏ธ Execution ๐Ÿ‘Ÿ **Expected *Run All* runtime: ~3 minutes** -1. Execute this lab's [Jupyter Notebook](./create.ipynb) step-by-step or via _Run All_. +1. Execute this lab's [Jupyter Notebook][infra-notebook] step-by-step or via _Run All_. + + + +[infra-notebook]: ./create.ipynb +[init-notebook-variables]: ./create.ipynb#initialize-notebook-variables diff --git a/samples/azure-maps/README.md b/samples/azure-maps/README.md index 7b53349..48b6581 100644 --- a/samples/azure-maps/README.md +++ b/samples/azure-maps/README.md @@ -50,6 +50,11 @@ This lab sets up: ## โš™๏ธ Configuration -1. Decide which of the [Infrastructure Architectures](../../README.md#infrastructure-architectures) you wish to use. - 1. If the infrastructure _does not_ yet exist, navigate to the desired [infrastructure](../../infrastructure/) folder and follow its README.md. - 1. If the infrastructure _does_ exist, adjust the `user-defined parameters` in the _Initialize notebook variables_ below. Please ensure that all parameters match your infrastructure. +1. Decide which of the [Infrastructure Architectures][infrastructure-architectures] you wish to use. + 1. If the infrastructure _does not_ yet exist, navigate to the desired [infrastructure][infrastructure-folder] folder and follow its README.md. + 1. If the infrastructure _does_ exist, adjust the `user-defined parameters` in the _Initialize notebook variables_ below. Please ensure that all parameters match your infrastructure. + + + +[infrastructure-architectures]: ../../README.md#infrastructure-architectures +[infrastructure-folder]: ../../infrastructure/ diff --git a/samples/general/README.md b/samples/general/README.md index a2ba8e2..7668139 100644 --- a/samples/general/README.md +++ b/samples/general/README.md @@ -8,7 +8,7 @@ Sets up a simple APIM instance with a variety of policies to experiment. ## ๐ŸŽฏ Objectives -1. Experience a variety of policies in any of the infrastructure architectures. You may see several examples from our [APIM policy snippets repo](https://github.com/Azure/api-management-policy-snippets). +1. Experience a variety of policies in any of the infrastructure architectures. You may see several examples from our [APIM policy snippets repo][apim-policy-snippets]. 1. Become proficient with how policies operate. 1. Gain confidence in setting up and configuring policies appropriately. @@ -22,4 +22,8 @@ Sets up a simple APIM instance with a variety of policies to experiment. ## โš™๏ธ Configuration 1. Decide which of the [Infrastructure Architectures](../../README.md#infrastructure-architectures) you wish to use. -1. Press `Run All` in this sample's `create.ipynb` notebook. \ No newline at end of file +1. Press `Run All` in this sample's `create.ipynb` notebook. + + + +[apim-policy-snippets]: https://github.com/Azure/api-management-policy-snippets diff --git a/samples/oauth-3rd-party/README.md b/samples/oauth-3rd-party/README.md index 275005b..40f7d14 100644 --- a/samples/oauth-3rd-party/README.md +++ b/samples/oauth-3rd-party/README.md @@ -1,6 +1,6 @@ # Samples: OAuth 2.0 with 3rd Party -Sets up a 3rd party integration via [Azure API Management Credential Manager](https://learn.microsoft.com/azure/api-management/credentials-overview). +Sets up a 3rd party integration via [Azure API Management Credential Manager][apim-credential-manager]. ***This sample has prerequisites! Please follow the instructions below.*** @@ -19,7 +19,7 @@ Sets up a 3rd party integration via [Azure API Management Credential Manager](ht ## ๐Ÿ“ Scenario -We chose Spotify as it provides an extensive [REST API](https://developer.spotify.com/documentation/web-api) and has relatively generous limits on free API access. This makes for a relatively straight-forward experience for this sample. +We chose Spotify as it provides an extensive [REST API][spotify-rest-api] and has relatively generous limits on free API access. This makes for a relatively straight-forward experience for this sample. Specifically, this sample uses Spotify's REST API to obtain information about its deep music and artist catalog. API Management is registered as an application in Spotify's applications with its own client ID and client secret for a given scope. This application is then set up as a generic OAuth 2.0 integration in Credential Manager. Furthermore, we build on the knowledge gained from the _AuthX_ and _AuthX-Pro_ samples to authentication callers and authorize their use of the Spotify integration. @@ -42,17 +42,17 @@ This sample requires a little bit of manual pre-work in order to create a high-f ### A Spotify Account -1. You can use your existing Spotify account or sign up for a new one [here](https://www.spotify.com/us/signup). Please ensure you adhere to Spotify's terms & conditions of use. +1. You can use your existing Spotify account or sign up for a new one [here][spotify-signup]. Please ensure you adhere to Spotify's terms & conditions of use. ### A Spotify Application In order for API Management to gain access to Spotify's API, we need to create an application that represents API Management. -1. Open or log into the [Spotify Developer Dashboard](https://developer.spotify.com/dashboard). +1. Open or log into the [Spotify Developer Dashboard][spotify-dashboard]. 1. Review and accept the _Spotify Developer Terms of Service_, if required. 1. Proceed with verifying your email address, if required. 1. If the Dashboard does not open immediately, select it from the menu after clicking on your profile name (top-right corner). -1. [Create the app](https://developer.spotify.com/dashboard/create): +1. [Create the app][spotify-create-app]: - **App Name**: _APIM_ - **App Description**: _API Management_ - **Redirect URIs**: https://localhost:8080/callback @@ -64,4 +64,13 @@ In order for API Management to gain access to Spotify's API, we need to create a ## Acknowledgement -We thank [Spotify](https://www.spotify.com) for access to their API. Keep building great products! +We thank [Spotify][spotify] for access to their API. Keep building great products! + + + +[apim-credential-manager]: https://learn.microsoft.com/azure/api-management/credentials-overview +[spotify]: https://www.spotify.com +[spotify-create-app]: https://developer.spotify.com/dashboard/create +[spotify-dashboard]: https://developer.spotify.com/dashboard +[spotify-rest-api]: https://developer.spotify.com/documentation/web-api +[spotify-signup]: https://www.spotify.com/signup diff --git a/samples/secure-blob-access/README.md b/samples/secure-blob-access/README.md index 3d7cc87..cc707f6 100644 --- a/samples/secure-blob-access/README.md +++ b/samples/secure-blob-access/README.md @@ -8,7 +8,7 @@ This sample demonstrates implementing the **valet key pattern** with Azure API M ## ๐ŸŽฏ Objectives -1. Learn how the [valet key pattern](https://learn.microsoft.com/azure/architecture/patterns/valet-key) works. +1. Learn how the [valet key pattern][valet-key-pattern] works. 1. Understand how APIM provides the SAS token for direct download from storage. 1. Experience how you can secure the caller from APIM with your own mechanisms and use APIM's managed identity to interact with Azure Storage. @@ -28,3 +28,7 @@ This lab sets up: - APIM managed identity with Storage Blob Data Reader permissions - An API that generates secure blob access URLs using the valet key pattern - Sample files: a text file for testing + + + +[valet-key-pattern]: https://learn.microsoft.com/azure/architecture/patterns/valet-key