search

Azure / api-management-developer-portal

Developer portal provided by the Azure API Management service.
MIT License
478 stars 306 forks source link

Allow custom ports for configuring Application Gateway listeners #1504

Open nileshsawant80 opened 2 years ago

nileshsawant80 commented 2 years ago

Bug description

I have single application gateway service used for Dev and UAT and separate Dev API Management and UAT API Management service deployed internal mode inside VNET. We have Azure AD B2C as Identity Management for users trying to use APIs. Due to organisation standards Dev should be internal (private IP) and UAT is like preprod exposed externally using public IP. I have configured UAT with public IP with port 443 and Dev with port 8443 at application gateway. UAT is working fine. The problem is Dev env is not working with Developer portal, when user trying to signin to developer portal using B2C it fails with error (screenshot attached). The issue is developer portal trying to reach MAPI endpoint apimanagement.dev..... and fails with connection timeout error. The App GW is listening to port 8443 and dev portal send request to 443 by default it does not reach the application gateway and fails.

Issue looks to be on dev portal where port cannot be changed to application gateway custom listener endpoint and port.

Reproduction steps

  1. Go to 'portal.dev.xyz.com.au'
  2. Click on 'Sign in with Azure AD B2C'
  3. Scroll down to 'enter B2C credentials' and complete profile page appears
  4. Click submit and See error

Expected behavior

No error, User must be registered in API Management service - user section

Is your portal managed or self-hosted?

Managed / Self-hosted Deployed inside VNET and custom hostname configured with APIM

Gateway name : dc3devappgateway01

API Management service name

dc3devapim02

Environment

Azure DevPortal_8443_Error.docx

Additional context

Add any other context about the problem here, including screenshots.

ghost commented 2 years ago

@nileshsawant80, thank you for opening this issue. We will triage it within the next few business days.

mikebudzynski commented 2 years ago

@nileshsawant80, could you please reach out to Azure support to troubleshoot the problem? In general, we recommend having full separation between the environments, including having separate Application Gateways.

ghost commented 2 years ago

@nileshsawant80, thank you for requesting this feature.

nileshsawant80 commented 2 years ago

@nileshsawant80, could you please reach out to Azure support to troubleshoot the problem? In general, we recommend having full separation between the environments, including having separate Application Gateways.

@mikebudzynski We have separated Application Gateway for Dev and UAT since the setup did not work. Application Gateway is costly resource and using it as common resource for non-prod environment would help to reduce cost. Even if we use one application gateway, azure apim developer portal will not work if we choose different port in the application gateway.

Another issue is Application gateway does not allow to have same port (eg. 443) for public and private IP, this is App gateway product limitation. Can this feature be added to application gateway?

mikebudzynski commented 2 years ago

Another issue is Application gateway does not allow to have same port (eg. 443) for public and private IP, this is App gateway product limitation. Can this feature be added to application gateway?

This repository is specific to the developer portal in API Management. I don't know what the feedback channels for the Application Gateway product are.