How can Microsoft Graph API be used to read Outlook emails hosted on-premise Exchange servers? How is it different from exchangelib?
Behind the scenes, when Microsoft Graph identifies that a REST API call is attempting to access an on-premises mailbox in a hybrid deployment, it proxies the REST request to an on-premises REST endpoint which then processes the request. This discovery makes accessing the REST API possible. For more info, refer the document.
Related
I have a static web site hosted on blob storage in Azure. I create an Azure CDN profile using Verizon standard account. I need to forward http requests to https automatically. I see a bunch of articles showing how ot do this with the rules engine but I cant seem to access it on my endpoint.
We have enterprise connector that has been designed and developed to access SharePoint resources via standard REST API calls from our platform to SharePoint. The authentication mechanism utilized by the enterprise connector is a standard OAuth 2.0 authentication using Client ID, Client Secret and resource to obtain an access token from a known IDP (accounts.accesscontrol.windows.net). The access token obtained in the previous call is used, as an Authorization header, for authorization to the SharePoint instance in subsequent REST API calls. The REST API requests are sent to a direct SharePoint URL (i.e. ourcompany.sharepoint.com) and are serviced by that service instance.
In the case of trying to use the standard enterprise connector with the SharePoint Online instance for this customer, the SharePoint URL that we have been instructed to send API requests to is an internal URL and is using Auto-Acceleration. All requests to this URL are forwarded to a federated authentication system maintained by the customer. All API requests sent to this URL are answered with error code -2147024891 System.UnauthorizedAccessException - "Access denied. You do not have permission to perform this action or access this resource." This is the also the case when sending API requests from a tool such as Postman - as to eliminate the authentication used by the enterprise connector as root cause of the access denial.
The solution we're seeking is the proper avenue to access the REST API services on this SharePoint Online instance. Is there a different authentication mechanism required in this scenario? Are there different API endpoints required to access SharePoint resources in this situation? Additional configuration required to allow access?
Any suggestions and/or guidance are appreciated.
I am trying out 3Scale API Management. I would like to have the API gateway running on-premise in Docker container and test with 3Scale API Portals by Red Hat evaluation.
A few questions:
How are the communication done between API Gateway and API Portal?
Is it the API gateway that request the configuration at startup from API Portal or is it API Portal that pushes the configuration to the gateway?
Reason of thinking is that the API Gateway is behind firewall(s) and to communicate to internet (API Portal) it uses a proxy.
If API Gateway communicates with API Portal - how can I configure proxy server in with Docker?
I got the answer in another forum:
The communication between the API Gateway and the API Manager uses two
APIs :
- the Service Management API to ask for authorization and report usage
- the Account Management API (read-only) to get the list of available APIs and their configuration
The Service Management API is at su1.3scale.net (port 443) whereas the
Account Management API is at
The configuration is retrieved by polling the Account Management API.
For reference: https://groups.google.com/forum/#!topic/3scale-api-management-by-red-hat/EXhrVUfKOtY
I have an existing on-premise REST API from an external vendor. I'd like to expose this API unmodified to the outside world through an Azure website. So I have customers that run this API on-premise and I'm developing a PaaS/SaaS app that should access these on-premise API's.
I also have a client SDK from the external vendor that calls the API. Works without issues when running on-premise. However, now I want to use this SDK from my Azure website.
How do I route REST service calls generated by the SDK to the on-premise API? I thought about using Azure Service Bus WebHttpRelayBinding but this seems to require a WCF contract which I do not have.
In other words: is there a way to send unmodified HTTP traffic to an on-premise system from Azure (through Azure Service Bus or by any other means)?
If you want to access an On-Premise service from the Azure service/websites what you need is a Hybrid Connection.
For that you will need a BizTalk service to redirect the trafic to your on-prem service.
Here are the steps to how to setup a Hybrid connection:
https://azure.microsoft.com/en-us/documentation/articles/web-sites-hybrid-connection-get-started/
I am planning to use Azure REST API management.
Among other things to standardize the security when calling the restful services. However I can't seem to figure out how to prevent access to the actual REST API as in to (lock the actual service away behind the REST API management).
What's the best practice around this?
You have a few options:
Mutual Certificate Authentication between Azure API Managament and your private API.
Basic Authentication on your private API and setup these details in Azure API Management.
Via a VPN / private network connection (this is currently not available but is coming).