I was asked by a customer recently on how to call a third-party API that required an MD5 hash to be included as a query string parameter from Azure API Management.
To use the Marvel API you have to include the following query parameters:
ts– Timestamp or other long string which can change on a request-by-request basis
apikey– Your Marvel API account public key
hash– MD5 hash of the timestamp, the Marvel API private key and the Marvel API public key
I decided to build out a POC to see I could do this.
In my Azure APIM resource I created a backend, called
MarvelAPI, pointing to
I created an Azure Key Vault resource to store my Marvel API Private and Public Key which were then mapped to Name Values in my Azure APIM resource called
I created a Marvel API with one operation called
Character List operation had a the
URL defined as a
GET with a path of
Since the query parameters for
hash would need to be required for all calls to the Marvel API, I modified the All operations policy.
I tested it from the Azure portal, and what do you know? It worked! Now in all honesty, it took me over a couple of hours to actually figure it out. 😀
Pretty cool! 😎
The challenging part was there was no syntax checking in the code and any library usage had to include the full name, including the namespace, e.g.,
System.DateTime as opposed to just
Super powerful, and super helpful!