Azure API Management – Security Deep Dive

ONLINE TRAINING
May 5 - 7 2021
Training Cost
ONLINE TRAINING
825 EUR (VAT ex.) per person
Practical informationClass from 8.45 AM to 5 PM
LanguageEnglish (unless all attendees speak Dutch)
Location

Most of our classroom training courses take place in Belgium (Edegem) or The Netherlands (Breda). Please click the button with the desired date to check the exact location of the training.

This training in-company?
Upon your request we can organize this training for you.
CONTACT US
Duration

1,5 days (3 training days from 8.45 AM until 12.30 PM)

Course overview

This training focusses on all topics related to Azure API Management security. At the end of the training, we apply the gained knowledge on real-life use cases. Based on several real case studies, you will learn how to determine the right security model for your APIs. We will design and implement state-of-the-art security, by covering both the front- and backdoor. You will learn how to deal with application & user identities and how these can be passed to the backend APIs.

Who should attend this training

This training is valuable for developers, architects and operators.

Course Objectives

After attending this training, you will know how to:

  • Determine the right security model for your APIs

  • Design and implement state-of-the-art security for your APIs

  • Deal with application & user identities

Prerequisites
  • Basic knowledge of Azure API Management (concepts and policies)

  • Basic understanding of API security concepts

Course Content
  • Azure API Management recap: fundamental API management security concepts…

  • Frontdoor network security: virtual networks, firewall, IP restrictions, rate limiting…

  • Frontdoor authentication: API keys, basic authentication, TLS mutual authentication, OIDC..

  • Frontdoor authorization: OAuth2 with Azure AD, Access Control List, claims, roles…

  • Pass user and app context: possibilities, on-behalf-of flow…

  • Backdoor network security: virtual networks, firewall, IP restrictions, rate limiting…

  • Backdoor authentication: API keys, basic authentication, TLS mutual authentication…

  • Backdoor authorization: OAuth2 with Azure AD, Access Control List, claims, roles…

  • Best practices: Azure Policy, global policy, error handling, key vault, managed identity…

These case studies will be discussed:

  • Natural language processing: managed identity, Azure Functions, dynamic throttling

  • Customs: user-assigned, managed identity, role-based access control, key vault

  • Weather Services: Azure relay, hybrid, products

  • Employee Info: user consent, extract claims, SOAP, TLS mutual authentication

Some general information about the training:

  • The online training takes place via Microsoft Teams

  • Access to an Azure subscription will be provided

  • The Azure consumption cost is included in the training price

  • All training material is handed over to the participants

  • The prerequisite software will be communicated before the start of the training





ENROLL NOW
This training in-company?
Upon your request we can organize this training for you.
CONTACT US