I am planning to use Azure API Management’s “Credentials Manager” in my policies so that validating a request and generating bearer token to be sent in each request to the backend will be the responsibility of the Azure APIM instead of the backend APIs.