3

I have a question about routing traffic within an API gateway using policies.

I wish to call different backend servers based on a claim (issuer) in the user's JWT (JSON Web Token) from the same API gateway endpoint.

Specifically, can I write a policy to do JWT claim based routing just like I can use HTTP Headers in the policy, or will I have to call a lambda or azure function and then call the backend services by inspecting the token in the lambda ?

We are trying to centralize the access to the APIs on our multiple server instances and our use case is given below. Can you please advice :-

  • 1.a - UserA gets Access Token from ServerA Auth Services
  • 2 - UserA calls the API Gateway
  • 3 - UserA is routed to ServerA WebAPI based on his Token's issuer claim (ServerA)
  • 1.b. - UserB gets Access Token from ServerB Auth Services
  • 2 - UserB calls the API Gateway
  • 3 - UserB is routed to ServerB WebAPI based on his Token's issuer claim (ServerB)

enter image description here

Please advice.

Tarunpreet Ubhi
  • 405
  • 1
  • 3
  • 18
  • In my opinion, I have two api: companyA.net/getUserInfo, companyB.net/getUserInfo. Then I need to create a application to play the role of gateway in your picture. This app need to analyze JWT token and decide to call which api(e.g. get keywords 'companyA' from token). I know a little about azure api management and I didn't find any configuration about api gateway. – Tiny Wang Dec 18 '20 at 07:53
  • so in other words, i'll need to pass the request through a lambda or azure function, right ? – Tarunpreet Ubhi Jan 05 '21 at 23:23
  • Yeah, I think that's ok, request through an app to handle it and redirect to the correct server. The app play the role of transfer station. – Tiny Wang Jan 06 '21 at 01:36
  • did you find a way? – Rince Jan 25 '22 at 14:16

0 Answers0