You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/api-management/api-management-subscriptions.md
+10-6Lines changed: 10 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ author: dlepow
7
7
8
8
ms.service: api-management
9
9
ms.topic: conceptual
10
-
ms.date: 01/05/2022
10
+
ms.date: 09/27/2022
11
11
ms.author: danlep
12
12
---
13
13
# Subscriptions in Azure API Management
@@ -20,14 +20,11 @@ By publishing APIs through API Management, you can easily secure API access usin
20
20
* Rejected immediately by the API Management gateway.
21
21
* Not forwarded to the back-end services.
22
22
23
-
To access APIs, you'll need a subscription and a subscription key. A *subscription* is a named container for a pair of subscription keys.
24
-
25
-
> [!NOTE]
26
-
> Regularly regenerating keys is a common security precaution. Like most Azure services requiring a subscription key, API Management generates keys in pairs. Each application using the service can switch from *key A* to *key B* and regenerate key A with minimal disruption, and vice versa.
23
+
To access APIs, developers need a subscription and a subscription key. A *subscription* is a named container for a pair of subscription keys.
27
24
28
25
In addition,
29
26
30
-
* Developers can get subscriptions without approval from API publishers.
27
+
* Developers can get subscriptions without needing approval from API publishers.
31
28
* API publishers can create subscriptions directly for API consumers.
Regularly regenerating keys is a common security precaution. Like most Azure services requiring a subscription key, API Management generates keys in pairs. Each application using the service can switch from *key A* to *key B* and regenerate key A with minimal disruption, and vice versa.
39
+
> [!NOTE]
40
+
> * API Management doesn't provide built-in features to manage the lifecycle of subscription keys, such as setting expiration dates or automatically rotating keys. You can develop workflows to automate these processes using tools such as Azure PowerShell or the Azure SDKs.
41
+
> * To enforce time-limited access to APIs, you may be able to use policies with subscription keys, or use a mechanism that provides built-in expiration such as token-based authentication.
42
+
39
43
## Scope of subscriptions
40
44
41
45
Subscriptions can be associated with various scopes: [product](api-management-howto-add-products.md), all APIs, or an individual API.
0 commit comments