Secure Logic App with API Management using OAuth 2.0

Mohit Gupta
Nov 4 · 3 min read

Overview:

The article gives you an overview of how to secure HTTP based Logic app using Azure API management O-Auth 2.0.

Requirement :

1. Azure Subscription

2. POSTMan

Create HTTP Trigger Based Logic App

Create API Management Instance

Add New API in APIM

Add Operation to API

Set Backend of API operation as Azure Resource (Logic App)

You can verify that api is working without security.

Create New API for Login

Add Operation to get Token

Now Secure Logic App API using O Auth 2.0 Azure Active Directory.

Create Two application in Azure Active Directory for API client and API

Create Application for Logic APP API Client

Create Application for Logic APP API

Expose Scope from Logic App API

Give permission of this Scope into Logic App API Client

Add Client Secret to Logic App API Client Application

Add Policy at API operation to Validate JWT Token

<validate-jwt header-name="Authorization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized. Access token is missing or invalid."><openid-config url="https://login.microsoftonline.com/{Tenant ID}/.well-known/openid-configuration" /><required-claims><claim name="aud" match="any"><value>api://{ Application Id of Logic App API }</value><value>{Application Id of Logic App API}</value></claim></required-claims></validate-jwt>

Make Sure to remove authorization header while calling Azure Logic App

<set-header id=”apim-generated-policy” name=”Authorization” exists-action=”delete” />

Verify API from browser

Test using PostMan

AzureDiary

All about Azure

Mohit Gupta

Written by

Integration Developer works on Azure , DevOps , BizTalk. Contact : mohit.e.gupta@gmail.com

AzureDiary

All about Azure

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade