I need to make HTTP calls from various Azure Logic Apps (standard) and Azure Function Apps to an external API that is secured with OAuth 1.0. I want (almost need) Azure API Management to mediate these calls and handle things like authentication and routing. I can't find a way to use OAuth 1.0 that's native to APIM.
I've been given a consumer key, a consumer secret, a token id, a token secret, and a realm. If I understand OAuth 1.0 correctly, that means that most of the work has already been done for me.
I've tried just making a call directly to the external API from Postman by setting the authentication type to OAuth 1.0 and giving it the consumer key, consumer secret, token id, token secret, and realm. That just works. I get the expected results back with a 200 status code.
I'm working on a solution that uses a very long C# expression to create the OAuth signature base string, signature, and header, but it seems strange that I'd have to write such complex C# code to implement an authorization scheme that's so common in legacy interfaces.