Saturday, February 15, 2020

How to Debug and Trace request in Azure APIM - Portal, Postman, RequestBin


Introduction 



APIM is a great option to expose API's with out of box features for applying restrictions, preprocessing, postprocessing etc. You can leverage existing API's,  by importing it and it gets added as a new API with all the operations associated with it. And based on the requirements you apply policies at the stage/level (Inbound,Backend/Outbound) and you are ready to use the API.

Before it is shared, we do some testing to make sure everything is working as per the expectation and this is where Debugging and Tracing request becomes important.


APIM does provide a way to Trace a call with the help of Ocp-Apim-Trace http header. So whichever request/call is to be traced, it needs to include this in header with the value set to true and it has dependency on another header, so that also needs to be passed i.e. Ocp-Apim-Subscription-Key

Note: The api on which Tracing is to applied , it requires the subscription key to be enabled


Read about APIM bascis -- Getting Started with Azure API Management - Fundamentals

Let's see how we can Trace a request/call 


Tracing request/call Using the Portal


Go to APIM instance, select any API and it's one of the operation, click on Test Tab.
Testing API using APIM Portal

Under Headers add Ocp-Apim-Subscription-key with key in the value and Ocp-Apim-Trace with value set to true.

Provide the request message in Request Body section and click on send.

testing response of api using apim portal

In Http response note that along with Message (response), Trace is also available having info from each stages (Inbound,Backend and Outboud)

Tracing request/call Using Postman


When you test with Postman, here too you have to provide the headers alongwith the request message (Body)

Tracing headers in Postman request



And alongwith the response (Body) , you are provided with location on Trace file (blob storage location). 
APIM trace testing with Postman

To see it click on Headers tab of response, and check for Ocp-Apim-Trace-Location, copy the url and paste it in browser - you should see all the traces.


How Ocp-Apim-Trace works


When we send Ocp-Apim-Trace  header in the request the APIM engine procures a temporary blog storage to store the Trace logs and associates it with the subscription key which it gets from another header which it gets in request i.e. Ocp-Apim-Subscription-Key, thus passing it in header is mandatory if tracing is to be done.

Trace logs are JSON based, and when you test it using Portal it is fetched from the temporary file and rendered in the Trace  tab, whereas when testing with postman, the url of the trace file is returned - to which you can go and check the logs.

Is there any other way also to Inspect the request coming to APIM?  below is one of the way 

Tracing request/call Using RequestBin


Recently I had a situation where I had to check what JWT token am receiving with the request coming to APIM. To inspect this I used RequestBin upon suggestion of my Colleague - Manojkumar Sachdev.

RequestBin gives you a URL that will collect requests. made to it and let you inspect them in a human-friendly way


request bin

First go to request bin and create a bin, copy the url 

bin url


Go to APIM-->API-->Operation and click on policy in Inbound Processing section and add send-one-way-request policy



In set-body we fetch the value  of Authorization from the request header which is received to APIM and add it in string array named values and return the first value .

Now send a request and check the bin
request received in request bin

As can be seen in above image, RAW BODY has the content from Authorization header i.e. Bearer Token.

Bearer token are base64 encoded, it consists of three main parts: Header, Payload, and Signature and separated by a dot(.). So to convert or see the token,you can use any base64 decoder available to parse the token, I have used jwt.io(https://jwt.io/) and paste the encoded token  

JWT




Related Post




ServerLess360


No comments:

Post a Comment

If you have any suggestions or questions or want to share something then please drop a comment