{tocify} $title={Table of Contents}
APIM is a great option to expose API's with out of box features for applying restrictions, preprocessing, postprocessing etc.
Go to APIM instance, select any API and it's one of the operation, click on Test Tab.
To see it click on Headers tab of response, and check for Ocp-Apim-Trace-Location, copy the url and paste it in browser - you should see all the traces.
Trace logs are JSON based, and when you test it using Portal it is fetched from the temporary file and rendered in the Trace tab, whereas when testing with postman, the url of the trace file is returned - to which you can go and check the logs.
Recently I had a situation where I had to check what JWT token am receiving with the request coming to APIM. To inspect this I used RequestBin upon suggestion of my Colleague - Manojkumar Sachdev.
RequestBin gives you a URL that will collect requests. made to it and let you inspect them in a human-friendly way
First go to request bin and create a bin, copy the url
Go to APIM-->API-->Operation and click on policy in Inbound Processing section and add send-one-way-request policy
In set-body we fetch the value of Authorization from the request header which is received to APIM and add it in string array named values and return the first value .
Now send a request and check the bin
As can be seen in above image, RAW BODY has the content from Authorization header i.e. Bearer Token.
Bearer token are base64 encoded, it consists of three main parts: Header, Payload, and Signature and separated by a dot(.). So to convert or see the token,you can use any base64 decoder available to parse the token, I have used jwt.io(https://jwt.io/) and paste the encoded token
Introduction
APIM is a great option to expose API's with out of box features for applying restrictions, preprocessing, postprocessing etc.
You can leverage existing API's, by importing it and it gets added as a new API with all the operations associated with it.
And based on the requirements you apply policies at the stage/level (Inbound,Backend/Outbound) and you are ready to use the API.
Before it is shared, we do some testing to make sure everything is working as per the expectation and this is where Debugging and Tracing request becomes important.
Read about APIM bascis -- Getting Started with Azure API Management - Fundamentals
Let's see how we can Trace a request/call
Before it is shared, we do some testing to make sure everything is working as per the expectation and this is where Debugging and Tracing request becomes important.
APIM does provide a way to Trace a call with the help of Ocp-Apim-Trace http header.
So whichever request/call is to be traced, it needs to include this in header with the value set to true and it has dependency on another header, so that also needs to be passed i.e. Ocp-Apim-Subscription-Key
Note: The api on which Tracing is to applied , it requires the subscription key to be enabled
Read about APIM bascis -- Getting Started with Azure API Management - Fundamentals
Let's see how we can Trace a request/call
Tracing request/call Using the Portal
Go to APIM instance, select any API and it's one of the operation, click on Test Tab.
Under Headers add Ocp-Apim-Subscription-key with key in the value and Ocp-Apim-Trace with value set to true.
Provide the request message in Request Body section and click on send.
In Http response note that along with Message (response), Trace is also available having info from each stages (Inbound,Backend and Outboud)
Tracing request/call Using Postman
When you test with Postman, here too you have to provide the headers alongwith the request message (Body)
And alongwith the response (Body) , you are provided with location on Trace file (blob storage location).
How Ocp-Apim-Trace works
When we send Ocp-Apim-Trace header in the request the APIM engine procures a temporary blog storage to store the Trace logs and associates it with the subscription key which it gets from another header which it gets in request i.e. Ocp-Apim-Subscription-Key, thus passing it in header is mandatory if tracing is to be done.
Trace logs are JSON based, and when you test it using Portal it is fetched from the temporary file and rendered in the Trace tab, whereas when testing with postman, the url of the trace file is returned - to which you can go and check the logs.
Is there any other way also to Inspect the request coming to APIM? below is one of the way
Tracing request/call Using RequestBin
Recently I had a situation where I had to check what JWT token am receiving with the request coming to APIM. To inspect this I used RequestBin upon suggestion of my Colleague - Manojkumar Sachdev.
RequestBin gives you a URL that will collect requests. made to it and let you inspect them in a human-friendly way
First go to request bin and create a bin, copy the url
Go to APIM-->API-->Operation and click on policy in Inbound Processing section and add send-one-way-request policy
In set-body we fetch the value of Authorization from the request header which is received to APIM and add it in string array named values and return the first value .
Now send a request and check the bin
As can be seen in above image, RAW BODY has the content from Authorization header i.e. Bearer Token.
Bearer token are base64 encoded, it consists of three main parts: Header, Payload, and Signature and separated by a dot(.). So to convert or see the token,you can use any base64 decoder available to parse the token, I have used jwt.io(https://jwt.io/) and paste the encoded token
If you have questions or suggestions, feel free to do in comments section below !!!
Do share if you find this helpful .......
Knowledge Sharing is Caring !!!!!!
Related Post
Tags:
Azure API Management
Hi, nice article. In my case I cannot pass to RequestBin the Ocp-Apim-Trace-Location header, although it is correctly returned to Postman when the call contains header Ocp-Apim-Trace. Do you have a suggestion?
ReplyDeleteENable the subscription key 'Allow Tracing' flag
Delete