Cosmos DB Server-Side Primer – Episode 1

Stored procedures in Cosmos DB are JavaScript functions that run close to the data to ensure high performance. In addition to great performance, stored procedures provide multi-operation transaction support with automatic rollback when things don’t go as planned. In this episode, we’ll look at the server-side¬†Collection¬†and Response classes to learn how to create and update… Continue reading Cosmos DB Server-Side Primer – Episode 1

Shape CosmosDB Output with JMESPath

According to James Saryerwinie, his truly awesome query language for JSON is pronounced James Path. I trust him on the pronunciation of JMESPath. Besides, when I used to say “Jay-mezz Path,” it just sounded wrong to me. I fell in love with JMESPath using the Azure CLI. Many of the Azure CLI commands support a… Continue reading Shape CosmosDB Output with JMESPath

Generating Cosmos DB Auth Tokens in Postman

If you read the official¬†article that describes how access control works in Cosmos DB, you’ll see this handy Node.js function for generating authentication tokens using a master key: var crypto = require(“crypto”); function getAuthorizationTokenUsingMasterKey(verb, resourceType, resourceId, date, masterKey) { var key = new Buffer(masterKey, “base64”); var text = (verb || “”).toLowerCase() + “\n” + (resourceType… Continue reading Generating Cosmos DB Auth Tokens in Postman

HTTP 404 for Missing API Resources

Should an API return HTTP 404 status when the specified resource cannot be found? Of course, that’s exactly what (Not Found) means. As RFC2616 states pretty clearly, 404 Not Found means: The server has not found anything matching the Request-URI. However, if you think APIs are like web pages, you might be perplexed by such… Continue reading HTTP 404 for Missing API Resources

Create SAS Tokens for Azure API Management with an Azure Function

Shared Access Signature (SAS) tokens are required to call Azure API Management’s original REST API. We can generate these manually on the Azure portal for testing. However, in production, if you want to invoke the APIM REST APIs programmatically, you’ll need to generate these tokens with a bit of code. There’s a snippet available in… Continue reading Create SAS Tokens for Azure API Management with an Azure Function

Extract JWT Claims in Azure API Management Policy

JSON Web Tokens (JWT) are easy to validate in Azure API Management (APIM) using policy statements. This makes integration with Azure Active Directory and other OpenID providers nearly foolproof. For example, one might add the following directive to the <inbound> policy for an API to ensure that the caller has attached a bearer token with… Continue reading Extract JWT Claims in Azure API Management Policy