All Posts

Validate client certificates in API Management when it's behind an Application Gateway

In this second post, we expand on the solution from the previous post. We’ll deploy API Management inside a virtual network, positioning it behind an application gateway. We’ll configure the application gateway with an mTLS listener to validate client certificates and forward them to API Management for further processing. This approach can also be used with other types of backends, such as an ASP.NET Web API.

Validate client certificates in API Management

This blog post is the start of a series on how to work with client certificates in Azure API Management to setup a mutual TLS (mTLS) connection. While Azure’s official documentation provides excellent guidance on setting up client certificates via the Azure Portal, we’ll dive into utilizing Bicep and the Azure CLI, to automate the process. In this first post, we’ll cover the basics of how to validate client certificates in API Management.

Where to position SpecFlow in the Test Pyramid?

Automated testing is an essential part of software development, and determining the appropriate scope for your tests is crucial. This is also true when automating Gherkin scenarios with SpecFlow (or Cucumber). In this post I explore the different levels of the test pyramid and describe my preferred level for SpecFlow tests.

Deploy Azure Workbook and App Insights Function

In this post I explain how to deploy an Azure workbook using Bicep and set environment specific variables. I’ll also show how to deploy a shared kusto function in Application Insights with the Azure CLI.

Azure Workbook Tips & Tricks

If you use Azure, you most likely use Application Insights for logging. You can use a dashboard to visualize your logging and gain better insights, but dashboards come with some limitations. For more flexibility Azure has worbooks. In this blog post I’ll share some tips & tricks that I’ve gathered over the years. As a sample, we’ll create a workbook that shows information about requests sent to an API Management instance.

Transform SpecFlow Table Column

In a previous blog post I wrote about a trick on how to remove technical ids from Gherkin scenarios while still using technical ids in the step definitions. The proposed solution worked well for the given scenario, but not for other cases. In this post I look at several approaches on how to solve this issue.