如何使用 Azure APIM 将主键发送给用户?
How can I send the primary key to a user using Azure APIM?
我正在使用 Azure APIM 来控制用户如何与我的 API 交互。假设我禁用了批准用户完全访问我的 API 的需要。如何将新用户的授权密钥(即主密钥)发送到他们的电子邮件?
我知道他们可以登录开发人员门户并从他们的个人资料中获取此信息。但我正在寻找一种以编程方式执行此操作的方法。
如果您想向新用户发送他们的授权密钥,您可以使用 Azure 管理 API 来执行此操作,只需尝试以下代码即可通过用户电子邮件获取用户的所有授权密钥:
from azure.identity import ClientSecretCredential
import requests
resource_group = ''
APIM_name = ''
sub_id = ''
client_id = ''
client_secret = ''
tenant_id = ''
user_email = ''
mgmt_Base_URL = "https://management.azure.com/subscriptions/"+sub_id+"/resourceGroups/"+resource_group+"/providers/Microsoft.ApiManagement/service/"+APIM_name
credentials = ClientSecretCredential(
client_id = client_id,
client_secret = client_secret,
tenant_id = tenant_id
)
accessToken = credentials.get_token('https://management.azure.com/.default')
def __main__():
user = findUserByEmail(user_email)
if user:
subs = listSubOfUser(user['name'])['value']
print("user subscriptions:")
for sub in subs:
print("name:"+ sub['properties']['displayName'] + " keys:")
subKeys = getKeysBySubID(sub['id'])
print(subKeys['primaryKey'])
print(subKeys['secondaryKey'])
else:
print("no such user")
def findUserByEmail(email):
reqURL =mgmt_Base_URL+ "/users?api-version=2019-12-01&$filter=email eq '" + email + "'"
r= requests.get(reqURL,headers={"Authorization":"Bearer " + accessToken.token})
result = r.json()
if(len(result['value'])>0):
return result['value'][0]
else:
return None
def listSubOfUser(userID):
reqURL = mgmt_Base_URL + "/subscriptions?api-version=2019-12-01&$filter=ownerId eq '"+userID+"'"
r= requests.get(reqURL,headers={"Authorization":"Bearer " + accessToken.token})
return r.json()
def getKeysBySubID(SubID):
reqURL = "https://management.azure.com" +SubID+"/listSecrets?api-version=2019-12-01"
r= requests.post(reqURL,headers={"Authorization":"Bearer " + accessToken.token})
return r.json()
__main__()
我已经在我这边进行了测试,它对我有用:
关于APIM management API的更多操作。
我正在使用 Azure APIM 来控制用户如何与我的 API 交互。假设我禁用了批准用户完全访问我的 API 的需要。如何将新用户的授权密钥(即主密钥)发送到他们的电子邮件?
我知道他们可以登录开发人员门户并从他们的个人资料中获取此信息。但我正在寻找一种以编程方式执行此操作的方法。
如果您想向新用户发送他们的授权密钥,您可以使用 Azure 管理 API 来执行此操作,只需尝试以下代码即可通过用户电子邮件获取用户的所有授权密钥:
from azure.identity import ClientSecretCredential
import requests
resource_group = ''
APIM_name = ''
sub_id = ''
client_id = ''
client_secret = ''
tenant_id = ''
user_email = ''
mgmt_Base_URL = "https://management.azure.com/subscriptions/"+sub_id+"/resourceGroups/"+resource_group+"/providers/Microsoft.ApiManagement/service/"+APIM_name
credentials = ClientSecretCredential(
client_id = client_id,
client_secret = client_secret,
tenant_id = tenant_id
)
accessToken = credentials.get_token('https://management.azure.com/.default')
def __main__():
user = findUserByEmail(user_email)
if user:
subs = listSubOfUser(user['name'])['value']
print("user subscriptions:")
for sub in subs:
print("name:"+ sub['properties']['displayName'] + " keys:")
subKeys = getKeysBySubID(sub['id'])
print(subKeys['primaryKey'])
print(subKeys['secondaryKey'])
else:
print("no such user")
def findUserByEmail(email):
reqURL =mgmt_Base_URL+ "/users?api-version=2019-12-01&$filter=email eq '" + email + "'"
r= requests.get(reqURL,headers={"Authorization":"Bearer " + accessToken.token})
result = r.json()
if(len(result['value'])>0):
return result['value'][0]
else:
return None
def listSubOfUser(userID):
reqURL = mgmt_Base_URL + "/subscriptions?api-version=2019-12-01&$filter=ownerId eq '"+userID+"'"
r= requests.get(reqURL,headers={"Authorization":"Bearer " + accessToken.token})
return r.json()
def getKeysBySubID(SubID):
reqURL = "https://management.azure.com" +SubID+"/listSecrets?api-version=2019-12-01"
r= requests.post(reqURL,headers={"Authorization":"Bearer " + accessToken.token})
return r.json()
__main__()
我已经在我这边进行了测试,它对我有用:
关于APIM management API的更多操作。