Posts

Exposing Azure Service Bus through APIM, generating a SAS Token

On one of my recent projects, a client application was required to place a message onto an Azure Service Bus by using an HTTP endpoint rather than the Service Bus SDK, with the following constraints:

- The client is unable to generate the Service Bus SAS token.
- The Service Bus Session Id needs to be set to the customer number found in the message to ensure ordered delivery by the consumer.
- Custom HTTP request headers may be used.

I decided upon a solution that uses Azure APIM to expose the Service Bus endpoint.

1. The first step of this solution is to create an Azure Service Bus with a queue called 'apimqueue'. Please refer to the screenshot below.
2. Next, click on the created queue, navigate to Shared access policy and add 'apimqueuesend', which has only Send claims.
3. Click on created ...

Basic authentication in API Management using Key Vault.

This post will provide an example of how to integrate Azure API Management, Key Vault and Managed Identities to securely retrieve and use a secret within an API.

Enable Managed Identity

Before we jump into the policy itself, we first need to do some groundwork. As we are going to retrieve the secret from Key Vault, we will assign a managed identity to API Management, which we then give permission to get the secrets. First, enable managed identity on your API Management.

Assign permissions

Once enabled, the next step is to assign the required permissions in Key Vault to this new identity, which has the name of our resource. We do this in the Access policies blade, where we provide Get permissions for the secrets. It is important to note that this gives the identity access to all the secrets in this Key Vault. As such, it is important to have a good Key Vault policy around separation of secrets. Next Add access policy with the b...