This post shows how to add an AI assistant plugin to Backstage that lets internal developers chat with their own domain data using Azure AI Foundry Agents. We cover agent concepts, minimal API usage, plugin structure (frontend + lightweight backend proxy), security (secrets & identity), and deployment guidance. 1. Why an AI Chat Plugin in… Continue reading Building Backstage AI Chat Plugin with Azure AI Foundry Agents
Category: APIM
Backstage on Azure Container Apps with Microsoft Entra ID (Azure AD) Authentication
End-to-end guide: containerizing Backstage, provisioning Azure resources (with Bicep & CLI), enabling Microsoft Entra (formerly Azure AD) sign-in, managing secrets, scaling, observing, troubleshooting, and cleaning up — all aligned with current Azure best practices (managed identities, least privilege, and no hard‑coded secrets). Why Backstage + Azure Container Apps Backstage centralizes your internal developer portal (catalog,… Continue reading Backstage on Azure Container Apps with Microsoft Entra ID (Azure AD) Authentication
Measuring API Latency & Throughput with k6
Modern API platforms live and die by their tail latency. Your users do not care that the “average” response time is fine if 5% of requests are 10× slower. This post walks through using k6 to benchmark Azure API Management (APIM) backed APIs, first with a basic latency script and then with per‑request telemetry streamed into Azure… Continue reading Measuring API Latency & Throughput with k6
Blue-Green and Canary Releases with Zero-Downtime for Azure Functions Flex Consumption with APIM
This solution demonstrates the power of combining multiple Azure services to create sophisticated deployment patterns. As Azure Functions Flex Consumption matures, this approach provides a solid foundation that can be easily adapted when native deployment slots become available. The Challenge: Deployment Slots Without Slots Azure Functions on the Consumption plan has long provided deployment slots,… Continue reading Blue-Green and Canary Releases with Zero-Downtime for Azure Functions Flex Consumption with APIM
Azure Bot Service & Microsoft Teams – Architecture and Message Flow
Some time ago, I shared my experience building a secure bot using the Azure Bot Service and Bot Framework. Since then, I’ve frequently received questions about how the underlying system works. In this post, I’ll walk through the internal architecture of the Azure Bot Service—covering the key components, message flow, and supporting services—to provide a… Continue reading Azure Bot Service & Microsoft Teams – Architecture and Message Flow
Building a Secure Azure Bot for Microsoft Teams
Integrating bots with Microsoft Teams is a powerful way to improve collaboration and automate workflows. However, ensuring secure access, network isolation, and controlled data flows is crucial, especially in sensitive environments like financial or healthcare applications. In this blog post, I'll walk through a secure setup I recently implemented, showcasing how to create an Azure… Continue reading Building a Secure Azure Bot for Microsoft Teams
Creating Custom Widget for Managing Client Secrets in APIM Developer Portal
In today's rapidly evolving digital landscape, secure and efficient management of client credentials is paramount. Azure API Management (APIM) provides a robust platform for managing APIs, enabling organizations to expose and protect their services. Integrating Azure Active Directory B2C (Azure AD B2C) with the APIM Developer Portal allows API consumers to sign in and manage… Continue reading Creating Custom Widget for Managing Client Secrets in APIM Developer Portal
End-to-End Security: Function, Azure SQL, and API Management
Introduction In the dynamic realm of today's digital environment, safeguarding your applications and data holds utmost importance. This blog post is designed to lead you through the steps of establishing comprehensive security measures for an Azure Function App, Azure SQL database, and API Management. Our approach involves leveraging Azure Virtual Network (VNet) for robust network… Continue reading End-to-End Security: Function, Azure SQL, and API Management
Orion-Guardian: Azure DevOps Security Management at Scale
Introduction In the ever-evolving landscape of software development, ensuring the security and autonomy of your projects is paramount. Azure DevOps has become a cornerstone for many development teams, providing a robust set of tools for collaboration and project management. However, managing security at scale can be a daunting task. Enter Orion Guardian – a game-changing… Continue reading Orion-Guardian: Azure DevOps Security Management at Scale
Secure API with API Management, network integrated Container Apps
Introduction In today's digital landscape, APIs play a crucial role in connecting applications and enabling seamless interactions. However, with the increasing importance of APIs, ensuring their security becomes paramount. In this blog post, we'll explore how to create a secure API using .net and hosted on Azure Container Apps, expose them via Azure API Management… Continue reading Secure API with API Management, network integrated Container Apps
Reverse Engineering 