Azure API Gateway

This document outlines steps to enabled Exto through an API Management framework. For more information on using centralised API Management, its benefits, architecture, and uses

PreviousID/Access Token NextFilter Master Record/Custom Module Records

Last updated 8 months ago

Was this helpful?

Azure API Gateway

This document outlines steps to enabled Exto through an API Management framework. For more information on using centralised API Management, its benefits, architecture, and uses

Azure API Management -

Integrating Azure API Gateway with Exto allows you to securely manage and route API requests. Follow these steps to establish the connection effectively.

Step 1: Generate PAT Token

Log in to Exto: Access your Exto account through the platform's user interface.
Generate the Token:
- Go to the Customers page of the Exto platform.
- Locate the option for generating API Token.
- Click the “Generate” button to create your Token.
Copy the Token: Ensure to copy the generated token as you will need it in subsequent steps.

Step 2: Store the Token in Azure Key Vault

Access Azure Portal: Log in to your Azure account and navigate to the Azure portal.
Create a Key Vault (if needed):
- In the portal, search for “Key Vault” and select the option to create a new Key Vault.
- Fill in the required information such as subscription, resource group, and key vault name.
- Choose the appropriate pricing tier and access policies.
Store the PAT Token:
- Once your Key Vault is created, navigate to it.
- Select the “Secrets” section.
- Click on “Generate/Import” to add a new secret.
- Paste the PAT token as the value and provide a name for the secret (e.g., ExtoPATToken).
- Save the secret.

Step 3: Create or Edit Existing Endpoint

Navigate to API Management: In the Azure portal, go to the API Management service where your API Gateway is set up.
Select the API:
- Choose the API you want to connect with Exto or create a new API by clicking on “Add API.”
Define the Endpoint:
- If creating a new API, define the necessary details such as name, URL, and protocols.
- For an existing API, select the API and navigate to the "Design" section.
- Click on “Add operation” or select an existing operation to modify.

Step 4: Add Inbound Policy

Access Inbound Processing:
- Within your API operation, locate the “Inbound processing” section.
Add a Policy:
- Click on the “Add policy” option and select “Send request.”
- Configure the policy to forward the request to the Exto API endpoint.
- Set up any additional transformations or validations as necessary.

Step 5: Add Named Value to Read Value from Key Vault

Create a Named Value:
- In the API Management service, navigate to the “Named values” section.
- Click on “+ Add” to create a new named value.
- Name it appropriately (e.g., ExtoToken).
- Set the value to pull from the Azure Key Vault. Select the appropriate Key Vault and the secret (e.g., ExtoPATToken) that contains your PAT.
Save the Named Value: Ensure you save the changes to the named value configuration.

Step 6: Set Header Inside the `<send-request>` Tag

Modify the Inbound Policy:
- Go back to the inbound policy of your API operation.
- Inside the <send-request> tag, add a header to include the PAT token in the request.
- Example:

<send-request mode="new" timeout="60" ignore-error="true">
    <set-url>@("pass_the_url")</set-url>
    <set-method>GET</set-method>
    <set-header name="Authorization" exists-action="override">
        <value>Bearer {{ExtoPATToken}}</value>
    </set-header>
</send-request>

Test the Configuration: After setting up the header, test your API endpoint to ensure that the request is successfully authenticated with the Exto API using the PAT token stored in the Azure Key Vault.

Reference

PreviousID/Access Token NextFilter Master Record/Custom Module Records

Last updated 8 months ago

Was this helpful?

Azure API Management -

Integrating Azure API Gateway with Exto allows you to securely manage and route API requests. Follow these steps to establish the connection effectively.

Step 1: Generate PAT Token

Log in to Exto: Access your Exto account through the platform's user interface.
Generate the Token:
- Go to the Customers page of the Exto platform.
- Locate the option for generating API Token.
- Click the “Generate” button to create your Token.
Copy the Token: Ensure to copy the generated token as you will need it in subsequent steps.

Step 2: Store the Token in Azure Key Vault

Access Azure Portal: Log in to your Azure account and navigate to the Azure portal.
Create a Key Vault (if needed):
- In the portal, search for “Key Vault” and select the option to create a new Key Vault.
- Fill in the required information such as subscription, resource group, and key vault name.
- Choose the appropriate pricing tier and access policies.
Store the PAT Token:
- Once your Key Vault is created, navigate to it.
- Select the “Secrets” section.
- Click on “Generate/Import” to add a new secret.
- Paste the PAT token as the value and provide a name for the secret (e.g., ExtoPATToken).
- Save the secret.

Step 3: Create or Edit Existing Endpoint

Navigate to API Management: In the Azure portal, go to the API Management service where your API Gateway is set up.
Select the API:
- Choose the API you want to connect with Exto or create a new API by clicking on “Add API.”
Define the Endpoint:
- If creating a new API, define the necessary details such as name, URL, and protocols.
- For an existing API, select the API and navigate to the "Design" section.
- Click on “Add operation” or select an existing operation to modify.

Step 4: Add Inbound Policy

Access Inbound Processing:
- Within your API operation, locate the “Inbound processing” section.
Add a Policy:
- Click on the “Add policy” option and select “Send request.”
- Configure the policy to forward the request to the Exto API endpoint.
- Set up any additional transformations or validations as necessary.

Step 5: Add Named Value to Read Value from Key Vault

Create a Named Value:
- In the API Management service, navigate to the “Named values” section.
- Click on “+ Add” to create a new named value.
- Name it appropriately (e.g., ExtoToken).
- Set the value to pull from the Azure Key Vault. Select the appropriate Key Vault and the secret (e.g., ExtoPATToken) that contains your PAT.
Save the Named Value: Ensure you save the changes to the named value configuration.

Step 6: Set Header Inside the `<send-request>` Tag

Modify the Inbound Policy:
- Go back to the inbound policy of your API operation.
- Inside the <send-request> tag, add a header to include the PAT token in the request.
- Example:

<send-request mode="new" timeout="60" ignore-error="true">
    <set-url>@("pass_the_url")</set-url>
    <set-method>GET</set-method>
    <set-header name="Authorization" exists-action="override">
        <value>Bearer {{ExtoPATToken}}</value>
    </set-header>
</send-request>

Step 1: Generate PAT Token

Step 2: Store the Token in Azure Key Vault

Step 3: Create or Edit Existing Endpoint

Step 4: Add Inbound Policy

Step 5: Add Named Value to Read Value from Key Vault

Step 6: Set Header Inside the <send-request> Tag

Reference

Step 1: Generate PAT Token

Step 2: Store the Token in Azure Key Vault

Step 3: Create or Edit Existing Endpoint

Step 4: Add Inbound Policy

Step 5: Add Named Value to Read Value from Key Vault

Step 6: Set Header Inside the <send-request> Tag

Reference

Step 6: Set Header Inside the `<send-request>` Tag

Step 6: Set Header Inside the `<send-request>` Tag