Skip to content

Instantly share code, notes, and snippets.

@nov nov/mtls-policy.xml
Last active Oct 22, 2018

Embed
What would you like to do?
Azure API Management Policy for MTLS
<policies>
<inbound>
<base />
<!-- TODO: limit by client_id, not token itself -->
<rate-limit-by-key calls="30" renewal-period="10" counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization",""))" />
<choose>
<when condition="@(context.Request.Certificate != null && context.Request.Certificate.NotAfter > DateTime.Now)">
<set-header name="Client-Certificate" exists-action="override">
<value>@(context.Request.Certificate.GetRawCertDataString())</value>
</set-header>
</when>
<otherwise>
<set-header name="Client-Certificate" exists-action="override">
<value />
</set-header>
</otherwise>
</choose>
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.