Blogging about my adventures, straight from the Azure trenches. Sharing is caring!

Use GitHub Actions with User-Assigned Managed Identity

Use GitHub Actions with User-Assigned Managed Identity

Before we can automate our infrastructure as code, there is always to need to grant the required permissions to our release pipelines.  For GitHub Actions, this typically involved creating a Service Principal with a client secret.  By storing those credentials as...

Subscribe to the blog

Latest Posts

Azure API Management Survey!

Azure API Management Survey!

Last week, I spoke at the INTEGRATE conference.  During my talk, I've conducted a survey about Azure API Management.  200 attendees participated in this survey, which leads to interesting insights!  You can discover them here.

My 10 favorite Azure API Management Tips and Tricks!

My 10 favorite Azure API Management Tips and Tricks!

Last week, I've presented at INTEGRATE my 10 favorite tips and tricks for Azure API Management.  I want to share them here with you! Automate your backups Dynamically expose your Open API definitions  Send API Inspector Traces to Application Insights Hide stack traces...

Hide stack traces in a smart way in Azure API Management

Hide stack traces in a smart way in Azure API Management

Stack traces are a nice gift for hackers, because they reveal details about the underlying technology that you are using.  From a security perspective, it is good to remove stack traces when exceptions occur and just return a generic error message, like I described in...

Enforce the global policy in Azure API Management

Enforce the global policy in Azure API Management

Azure API Management has a very powerful concept of policies: logic that you can inject in the request or response pipeline of your APIs.  These policies can be defined on four levels: All APIs: a global policy that is applicable for all your API calls Product: a...

How to read form-urlencoded data in Azure API Management?

How to read form-urlencoded data in Azure API Management?

Lately, I had the requirement to access data from the incoming HTTP body, which was form-urlencoded (Content-Type: application/x-www-form-urlencoded).  I assumed this was something simple to do, however it turned out more complex than expected. HttpUtility? My first...