Microsoft Dev Proxy v0.15: Mock the APIs Secured with Entra and Many More

Microsoft has lately released Dev Proxy v0.15., showcasing a selection of enhancements aimed at streamlining application enhancement procedures. Between a huge list of improvements, the most noteworthy addition is the ability to mock APIs that are secured with Entra. Other additions are connected to the simulation of OAuth flows, improved checking URLs, enhanced support of CORS, custom made commands and a lot more.

For audience unfamiliar with it, Dev Proxy, formerly named Microsoft 365 Developer Proxy, functions as a command-line instrument utilized for mimicking real API behaviours throughout application tests. With Dev Proxy, builders can create resilient purposes adept at handling problems and limits.

1 of the essential additions in this update is the capacity to simulate CRUD APIs secured with Microsoft Entra. Via the CrudApiPlugin Dev Proxy, builders can now emulate CRUD APIs, notably valuable when building apps in the absence of accessible APIs.

As described, this model extends support to simulate APIs secured with Microsoft Entra, a vital attribute for organization app progress. Builders can determine CRUD APIs and validate aspects of the entry token, like the viewers, issuer, permissions or token life time, making sure much easier simulation of secured APIs with out the have to have for intensive setup.

(Dev Proxy simulating a CRUD API secured with Microsoft Entra, Supply: Microsoft 365 System blog)

On top of that, the introduction of EntraMockResponsePlugin allows the simulation of OAuth flows, a widespread security evaluate in Microsoft cloud-dependent programs. This plugin facilitates the emulation of authentication processes, ensuring compatibility with Microsoft Identification libraries.

In addition to an announcement blog site article, the author of DevProxy, Waldek Mastykarz, was a visitor on the PnP Weekly podcast, the place he mentioned a few of interesting specifics about a tool. InfoQ gives the paraphrased assertion:


In your enhancement natural environment, you typically generate elements that are not shipped anyway. Our strategy makes it possible for for simulation, giving you manage about areas like token verification. We intention to mimic fact with no wasting time on pointless parts, optimizing your workflow.


Also, Enhancements have also been built to monitoring capabilities, with the addition of the urlsToWatch option. This attribute enables builders to specify URLs for monitoring directly from the command line, enhancing performance in running presets and checking API action. Also, this edition brings assistance for checking URLs on a specific port only.

(Specifying URLs to observe from the command line, Source: Microsoft 365 Platform blog)

The update also addresses the require for bigger customization, allowing for developers to add many scenarios of the identical plugin. As mentioned, this flexibility enables the development of many CRUD APIs or mocks for various use cases, enhancing adaptability in growth environments.

Futhermore, throttling simulation capabilities have been increased in this variation, enabling builders to configure retry-soon after values for throttled responses with extended plugins like GenericRandomErrorPlugin and GraphRandomErrorPlugin. Stating that this will bring developers the capacity to simulate varied scenarios and notice their impression on application general performance.

Also, concerning the CORS, Cross-Origin Source Sharing, the launch includes RateLimitingPlugin and RetryAfterPlugin to expose throttling details for cross-origin requests.

On top of that, developers now have far better manage over how Dev Proxy is initiated, with options to chorus from registering it as a program-huge proxy or putting in SSL certificates. As stated, these possibilities deliver flexibility for people, specially in Docker container environments.

In addition, Dev Proxy has been extended to assist customized instructions, letting plugins to introduce new functionalities independent of request checking.

About the breaking variations, a handful of are described which include adjustments to how plugins existing options to facilitate adding many scenarios of the very same plugin, modifications to the tracking of throttled requests, and revisions to logging treatments, involving the renaming of logging ranges. As described, these principally effect users with personalized plugins.

Last of all, the release also includes several bug fixes and functionality enhancements. For a specific checklist of alterations, developers are encouraged to examine the GitHub release notes relating to this new release.