Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
Cannot override x-forwarded-to on API Management
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 43%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDN%3C/text%3E%3C/svg%3E)
Dimitry Nechaev
20
Reputation points
I would like to use APIM to proxy App Insights endpoint for a website front - end (javascript)
Reasons:
- Any ad blocker will block app insights entirely.
- Don't want to expose telemetry key.
Problem 1 - cannot collect client IP address. This is important for a public e-commerce website with lots of synthetic traffic.
Problem 2 - Following Microsoft documentation does not work.
- https://learn.microsoft.com/en-au/answers/questions/1663105/azure-app-services-header-x-forwarded-for-rewrite
- https://learn.microsoft.com/en-us/azure/api-management/set-header-policy
I need a very simple thing - overwrite x-forwarded-for with client's IP address. That's all.
Here is my attempt:
<inbound>
<find-and-replace from="MYINSTRUMENTATIONKEY" to="123-456-678-fffff-ddsdfgsfdd" />
<set-header name="X-Forwarded-For" exists-action="override">
<value>@(context.Request.IpAddress)</value>
</set-header>
<set-header name="X-Forwarded-For-Test" exists-action="override">
<value>@(context.Request.IpAddress)</value>
</set-header>
<set-backend-service base-url="https://testmock.free.beeceptor.com" />
</inbound>
Outcome:
- "x-forwarded-for-test" shows my ip.
- "x-forwarded-for" nailed to APIM ip. No Matter What.
What's wrong?
My APIM is Basic v2
Azure API Management
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 77%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Sai Prabhu Naveen Parimi 3,235 Reputation points Microsoft External Staff Moderator2025-08-11T08:54:23.0266667+00:00 It would be helpful to have more information:
- What other policies are defined in your APIM configuration? It might be useful to see if there are any conflicting policies.
- Are there any error messages or logs that indicate what might be happening during the header processing?
- Is the
x-forwarded-forheader being modified at the backend or any intermediary service?
Sign in to comment
Sign in to answer