Skip to main content

How To Onboard An Application Using Azure API Gateway

Prerequisites

Create an App Registration in Azure Active Directory (AAD)

  • Log in to Azure Portal.

  • Follow the steps below to obtain the Client ID and Tenant ID.

  • Click on New registration in App registrations

    Choose the Azure API Gateway

  • Enter the name of the application, choose supported account types, and (optionally) set a Redirect URI and Click Register

    Choose the Azure API Gateway

  • Copy the Application (client) ID and Directory (tenant) ID.

    Choose the Azure API Gateway

  • Follow the steps below to obtain Client secret i.e Key,

  • Visit Certificates & secrets and click on New client secret and then copy the generated values

    Choose the Azure API Gateway

    Choose the Azure API Gateway

  • To get Subscription Id, navigate to Subscriptions and copy Subscription ID

    Choose the Azure API Gateway

  • Assign the API Management Service Reader role to the App Registration on the APIM resource to allow read-only access for fetching OpenAPI specifications.

    • Select Add role assignment in Select Access control (IAM)

    Choose the Azure API Gateway

    • Select the role 'API Management Service Reader'

    Choose the Azure API Gateway

    • Assign the role to the created App Registration (Service Principal) and Click on Next

    Choose the Azure API Gateway

    • Click Review&Assign Choose the Azure API Gateway

Azure Integration with APIsec Product

Open your browser and visit: https://<your-tenant>.apisecapps.com

Start Adding a New Application

Click on the "Add Application" button.

Add Application

Select Azure API Gateway

  • Choose the "Azure API Gateway" option. Choose the Azure API Gateway

  • Click "Next" to proceed. Click Next

  • Click "New Connection" alt text

Enter Application Details

  • Fill the Form, Name, Key, Subscription Id, Tenant Id alt text

  • Click "Test Connection" alt text

  • Click "Create Connection" alt text

  • Select the Resource Group and API Management Service then Select require API alt text

  • Click "Continue" alt text

  • Click "Onboard" alt text

Auto-Onboard

The Auto-Onboard feature streamlines API onboarding by automatically detecting and registering unregistered APIs from Azure Gateway. This ensures that all APIs, including newly published ones, are consistently onboarded and tested for vulnerabilities with minimal manual effort.

Enable Auto-onboard

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Azure

    alt text

  • Enable Auto-Onboard of any existing Azure Gateway connection.

    alt text

  • Fill the Azure AutoOnboard Details and click on Save Schedule

    • Frequency – How often the onboarding should occur. By default it is weekly.
    • Day of the Week – Select the specific day for onboarding.
    • Hour – The exact time (in hours and minutes) when the onboarding should start.
    • Timezone – The timezone in which the schedule should be applied
    • Resource Groups - Select Resource Group
    • Services - Select Service

    alt text

    • Successfully saved auto-onboard details

    alt text

Update Schedule

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Azure

    alt text

  • Click Auto-Onboard

    alt text

  • Update the details and Click on Update Schedule alt text

Disable Auto-Onboard

  • Open your browser and visit: https://<your-tenant>.apisecapps.com

  • Click Integrations tab

    alt text

  • Click Onboard Applications adjacent to the Azure

    alt text

  • Click Auto-Onboard

    alt text

  • In Edit Azure AutoOnboard Details, disable the Enable Automatic API Onboarding.

    alt text

  • Click Yes alt text

  • Auto-Onboard details deleted successfully!

    alt text