Skip to content

Instantly share code, notes, and snippets.



Last active Nov 23, 2020
What would you like to do?
Azure API Management Policy for MTLS
<base />
<!-- TODO: limit by client_id, not token itself -->
<rate-limit-by-key calls="30" renewal-period="10" counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization",""))" />
<when condition="@(context.Request.Certificate != null && context.Request.Certificate.NotAfter > DateTime.Now)">
<set-header name="Client-Certificate" exists-action="override">
<set-header name="Client-Certificate" exists-action="override">
<value />
<base />
<base />
<base />
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.