I am interested in a way to continue processing even if the validation using validate-jwt or validate-azure-ad-token fails. A similar issue has been discussed on Stack Overflow. However, with that approach, after the on-error processing, a response configured with failed-validation-httpcode is returned, making it impossible to continue inbound processing.
The use case for this scenario is to provide APIs categorized by a certain service level. While I use validate-azure-ad-token to protect the API, I aim to offer a freemium API product that allows free-tier users limited usage with policies like quota and rate-limiting, even if they fail authorization. However, I’m struggling to find a way to continue processing when validation fails and have been unable to implement this.
I would appreciate it if you could provide a sample implementation.
I am interested in a way to continue processing even if the validation using validate-jwt or validate-azure-ad-token fails. A similar issue has been discussed on Stack Overflow. However, with that approach, after the on-error processing, a response configured with failed-validation-httpcode is returned, making it impossible to continue inbound processing.
https://stackoverflow.com/questions/79085220/azure-apim-dont-return-error-if-token-validation-fails
The use case for this scenario is to provide APIs categorized by a certain service level. While I use validate-azure-ad-token to protect the API, I aim to offer a freemium API product that allows free-tier users limited usage with policies like quota and rate-limiting, even if they fail authorization. However, I’m struggling to find a way to continue processing when validation fails and have been unable to implement this.
I would appreciate it if you could provide a sample implementation.