Azure notes

Azure API Management (APIM)
Forward a request to a Service Bus queue or topic using a managed identity
  1. Assign the role Service Bus Data Sender to the APIM managed identity, in the Service Bus
  2. In APIM, add the base URL of the service bus to the settings of the API
  3. In APIM, add a policy to the inbound element:
    <authentication-managed-identity resource = "https://servicebus.azure.net" />
  4. In APIM, add another policy to the inbound element:
    <rewrite-uri template="taskqueue/messages" />
Azure API Management (APIM)
Forward a request to an API using a managed identity
  1. In the App Service, add a Microsoft authentication provider
  2. Select the option to automatically create an app registration
  3. For the allowed client application, provide the APIM application id from Entra ID
  4. For the allowed identity, provide the APIM object ID from Entra ID
  5. In APIM, add the base URL of the API to the settings of the API
  6. In APIM, add a policy to the inbound element:
    <authentication-managed-identity resource = "2a38a484-f728-404a-a47a-539ca7e22fff" />
    where the resource guid is the application (client) ID of the backend API