It’s not uncommon for Azure API Management to be deployed in a Virtual Network, only allowing external access via an Azure Application Gateway. In this second post on working with client certificates in API Management, we’ll explore how to configure an Application Gateway for mTLS and forward the client certificate to API Management for further validation. We’ll also look at the difference between strict and passthrough modes.
