Skip to content

Instantly share code, notes, and snippets.

@nov
Last active November 23, 2020 10:42
Show Gist options
  • Save nov/713648e26ab256310cc4ff9e52a8ba79 to your computer and use it in GitHub Desktop.
Save nov/713648e26ab256310cc4ff9e52a8ba79 to your computer and use it in GitHub Desktop.
Azure API Management Policy for MTLS
<policies>
<inbound>
<base />
<!-- TODO: limit by client_id, not token itself -->
<rate-limit-by-key calls="30" renewal-period="10" counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization",""))" />
<choose>
<when condition="@(context.Request.Certificate != null && context.Request.Certificate.NotAfter > DateTime.Now)">
<set-header name="Client-Certificate" exists-action="override">
<value>@(context.Request.Certificate.GetRawCertDataString())</value>
</set-header>
</when>
<otherwise>
<set-header name="Client-Certificate" exists-action="override">
<value />
</set-header>
</otherwise>
</choose>
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment