0

Below is our architecture

1, Frontend UI 2, Orchestrator Api ( .Net6 Api (App service) 3, Small Api's (.net 6 appservice )

Frontend will only communicate with the Orchestrator Api , Orchestrator APi will communicate with more than 3 or 4 small api for specific data.

We are looking for a solution with managed identity for orchestrator api to talk to small api's with out exchanging token or credentials / any code change in the Api?

since there more apis joining , is it possible at the resource group level instead of setting at each APi level?

is there a way to do this ? please give some pointers or web reference?

Thanks in Advance

ezycoder
  • 103
  • 2
  • 9
  • managed identities are managed service principals so they redeem tokens in order to get access to other resources. – Thomas Aug 28 '22 at 20:22
  • you would need to create an app registration to authenticate to the "small api" then grant permissions to the managed identity (Orchestrator Api) to call the samll api.. – Thomas Aug 28 '22 at 20:25
  • https://stackoverflow.com/questions/67169780/how-to-explicitly-grant-access-from-a-user-managed-identity-to-a-aad-application – Thomas Aug 28 '22 at 20:26
  • https://stackoverflow.com/questions/70259377/use-azure-managed-identity-to-authenticate-against-app-service – Thomas Aug 28 '22 at 20:26

0 Answers0