Azure Authorizer reference configuration

Learn how you can configure your Azure Authorizer so that its settings are tailored to your specific needs.

About Azure Authorizer configuration

For the Azure Authorizer, its configuration is adjusted by adding environment variables to your ACP Azure Authorizer configuration in the Azure API Gateway portal. To know how to add environment variables for your authorizer, see the Setting environment variables section of the Protecting APIs on Azure API Gateway documentation.

Required settings

Setting Type Default Description
ACP_ISSUER_URL string Defaults to the issuer URL for the workspace in which the authorizer is created Your authorizer issuer URL
ACP_CLIENT_ID string Defaults to the client identifier of a client application that is created for your authorizer in the System workspace Client identifier of your authorizer’s client application that is used for the purpose of authenticating your requests
ACP_CLIENT_SECRET string Defaults to the client secret of a client application that is created for your authorizer in the System workspace Client secret of your authorizer’s client application that is used for the purpose of authenticating your requests
AZURE_SUBSCRIPTION_ID string - Your Azure subscription identifier
AZURE_TENANT_ID string - Your Azure tenant identifier
AZURE_CLIENT_ID string - Client identifier for the Azure AD application that can access your resources. To learn more, see Creating an Azure ADD applications in Azure documentation and Registering an application section of the Protecting APIs on Azure API Gateway article.
AZURE_CLIENT_SECRET string - Client secret for the Azure AD application that can access your resources. To learn more, see Creating an Azure ADD applications in Azure documentation and Registering an application section of the Protecting APIs on Azure API Gateway article.

Optional settings

Setting Type Default Description
LOGGING_LEVEL string info Possible values from the most strict levels to the ones that give the most detailed information: error, warn, info, debug, trace.
CONFIG_SYNC_INTERVAL time.Duration 60s Represents the frequency of fetching APIs from the Azure API Gateway and synchronizing it with ACP.
CONFIG_REFRESH_INTERVAL time.Duration 30s Represents the frequency of retrieving policies from ACP by the authorizer.
DISABLE_ANALYTICS bool false If true, turnes off the analytics for the Lambda Authorizer in ACP’s Admin Panel Analytics.
DO_NOT_FAIL_ON_MATCHING_REQUESTS bool false If set to false, the authorizer blocks every API request that does not match the provided criteria.
CLIENT_ROOTCA string - Path to the root certificate for your authorizer’s client application.
CLIENT_INSECURESKIPVERIFY bool false Disables certificate verification
AZURE_AUTHORIZER_TIMEOUT int 5s Timeout for the authorizer’s HTTP client application
AZURE_STATIC_AUTHORIZER_URL string By default, the authorizer URL used in policies is discovered automatically. Points to your authorizer domain if you use custom domains and non-standard deployment.
WEBSITE_RESOURCE_GROUP string - Specifies your Azure resource group.
WEBSITE_HOSTNAME string - Azure hostname for your website