-
-
Notifications
You must be signed in to change notification settings - Fork 764
[Offtopic, Question] Azure Api Management and Identity Server #173
Comments
I haven't looked into it so far. Interested in what you find out! |
@s093294 I am currently looking into this at the moment with AD but we also wanted to see if IdentityServer could be used as an oAuth provider. Did you end up going any further with this? |
@s093294 The only "off" thing about Azure API management, is that your system is getting highly reliant on Azure. I try to stay out of getting to bed with Azure too much. If I want to host my entire stack on appharbour or Amazon, I want to do that easily. |
I found that the following two articles had the information needed to implement user delegation and signup stuff to work nicely with idsrv. http://azure.microsoft.com/da-dk/documentation/articles/api-management-howto-setup-delegation/ Though, as @johnkors also points out, I have postponed this for as far as possible for the same reason to not be reliant on api management. The main benefit that I see of using API management is that it offers options to create "packages" solutions for different enduser/partners. This will save a great amount of internal development - where the other features on api management has alternatives that could be as easy as dropping in a nuget package. |
I have a current API development project (not hosted in Azure) which will use Azure Api Management to control & track access to (and throttle) use of the API. There are several companies that provide this type of proxied management service (3scale, Apigee, Mashery, etc.), and ultimately you can choose anyone you want since it has nothing to do with Azure, but in this case Azure is the company that was selected for this project, and they support OAuth 2.0 for authorization. With that in mind, I need to build the OAuth 2.0 provider piece, but during that process I discovered OpenID Connect (which appears to be OAuth 2.0+) and I would much prefer to start with it rather than build an OAuth 2.0 server which I will eventually have to upgrade to OpenID Connect. That said, I am not sure how much extra overheard there is in OpenID Connect, and if it is somewhat backwards compatible with OAuth 2.0 for basic authorization, so that I can use it with Azure Api Management? I you look at the OAuth 2.0 link that @s093294 provided in the previous post you can see the form that needs to be filled in with the OAuth 2.0 server settings. Is it possible for someone who has had experience with OpenID Connect to look at that form and tell me if they think it has enough parameters to support OpenID Connect? If the documentation is not enough, I am happy to work with someone who has a functioning OpenID Connect server to test it out and try to configure it in Azure. I wish that this was a future project that I could put on ice for a while, but it is not...Azure Api Management is a real solution that I need to use today, and I need to know if it supports OpenID Connect due to it being based on OAuth 2.0, or if I have to skip OpenID Connect for now and stick with a standard OAuth 2.0 server implementation. |
This might be abit offtopic, but given there is a chance that thinktecture guys already looked at it or someone else here, i take my changes asking the question..
I am getting some pressure to investigate wether or not the new ApiManagement service on azure can help us and save us time not developing something our self that it provides. TBH i have not taken the time to look into it just yet, but maybe someone here using IdentityServer and designing Apis, have already started looking into it.
What I am mostly interested in is if there are issues using the service together with identityserver. (thinking about how the service handles tokens and users).
If none here knows anything about it, then we can just close this again and open it when I get that investigated.
I need to figure out what exactly the services offers, but I am getting told its the new hot thing that will change the way people do API. ( i am not convinced yet).
The text was updated successfully, but these errors were encountered: