Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,319 questions
Understanding APIM's Mechanism for Importing Open API Specification Files via URL
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 20%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDC%3C/text%3E%3C/svg%3E)
Divyam CHADHA
0
Reputation points
When you import an API to APIM via azure cli you can either provide the path to your Open API Specification (OAS) file (--specification-path) or you can provide the URL to the OAS (--specification-url).
Question 1: Why is importing OAS via URL able to import larger specification files?
When you pass the OAS file inline (via specification path), you are limited to file sizes upto 4mb. However, when you pass the specification url you are able to import larger OAS files to APIM. My first question is why is that? I suspect the azure cli behind the scenes is parsing my specification file and using the Resource Management API to build the API in segments on APIM. But I am unable to find any concrete documentation behind this.
Question 2: Who (APIM or Compute Service where az cli is used) is making the call to fetch the OAS?
My next question is who is making the call to fetch the API Specification? Let's consider this scenario -
My specification file is present on a blob in a storage account on azure and I am executing the az apim api import command on a GitHub Runner. I fetch a SAS token and use that along with the URL to my blob.
Then is it the APIM that makes the network call to the storage account directly to fetch the file?
Is it the GitHub Runner that makes the call to the storage account, and then pass on the specification to APIM?
I am trying to understand networking constraints for my use case. If my storage account is behind a private network, will my APIM be able to use the URL for specification then?
Any links to documentation that highlights relevant behavior will be highly appreciated.
Question 3: Is header-based auth possible for specification-url?
And my third and last question is it possible to have some kind of header-based authentication tied with the specification-url. Can my specification be provided by an API that uses a beaker token for auth? The documentation to import the API does not highlight any details regarding this.
Any links to documentation, white papers or answers to previous questions will be appreciated! Thanks a lot
Sign in to answer