You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
API Management now supports built-in OAuth 2.0 application-based access to product APIs using the client credentials flow. This feature allows API managers to register applications, streamlining secure API access for developers through OAuth 2.0 authorization.
17
+
# Secure product API access with Microsoft Entra applications
18
+
19
+
API Management now supports built-in OAuth 2.0 application-based access to product APIs using the client credentials flow. This feature allows API managers to register Microsoft Entra ID applications, streamlining secure API access for developers through OAuth 2.0 authorization.
20
20
21
21
> [!NOTE]
22
22
> Applications are currently in limited preview. To sign up, fill [this form](https://aka.ms/apimappspreview).
@@ -25,7 +25,8 @@ With this feature:
25
25
26
26
* API managers set a product property to enable application-based access.
27
27
* API managers register client applications in Microsoft Entra ID to limit access to specific products.
28
-
* Using the OAuth 2.0 client credentials flow, developers or apps obtain tokens that they can include in API requests. These tokens are validated by the API Management gateway to authorize access to the product's APIs.
28
+
* Using the OAuth 2.0 client credentials flow, developers or apps obtain tokens that they can include in API requests
29
+
* Tokens presented in API requests are validated by the API Management gateway to authorize access to the product's APIs.
29
30
30
31
## Prerequisites
31
32
@@ -65,7 +66,7 @@ The following example uses the **Starter** product, but choose any published pro
65
66
1. Choose the product that you want to configure, such as the **Starter** product.
66
67
1. In the left menu, under **Product**, select **Properties**.
67
68
1. Enable the **Application based access** setting.
68
-
1. Optionally, enable the **Requires subscription** setting. If you enable both settings, the API Management gateway can accept either OAuth 2.0 authorization or a subscription key for access to the product's APIs.
69
+
1. Optionally, enable the **Requires subscription** setting. If you enable both application based access and a subscription requirement, the API Management gateway can accept either OAuth 2.0 authorization or a subscription key for access to the product's APIs.
69
70
1. Select **Save**.
70
71
71
72
:::image type="content" source="media/applications/enable-application-based-access.png" alt-text="Screenshot of enabling application based access in the portal.":::
@@ -119,7 +120,7 @@ Now register a client application that limits access to one or more products.
119
120
The application is added to the list of applications on the **Applications** page. Select the application to view details such as the **Client ID**. You need this ID to generate a token to call the product API.
120
121
121
122
> [!TIP]
122
-
> * After creating an application, optionally associate it with other products. Select the application on the **Applications** page, and then select **Details** > **Products****+ Add product**.
123
+
> * After creating an application, optionally associate it with other products. Select the application on the **Applications** page, and then select **Details** > **Products**> **+ Add product**.
123
124
> * You can also create or associate an application by editing a product from the **Products** page.
0 commit comments