What is Azure API Management?
Azure API Management is a fully managed service that helps developers to securely expose their APIs to external and internal customers. It provides a set of tools and services for creating, publishing, and managing APIs, as well as for enforcing security, scaling, and monitoring API usage.
API management includes a range of features and tools, such as an API gateway, a web-based developer portal, API lifecycle management, monitoring and analytics tools, and security features.
Azure API Management can be used with a variety of back-end services, such as Azure Functions, Azure Logic Apps, and Azure Virtual Machines, as well as with on-premises and third-party systems. It can help developers to build and manage APIs in a way that is secure, scalable, and easy to use.
Azure API Management architecture and components
Azure API Management consists of an API gateway, a developer portal, and a management plane. These components are fully managed and hosted by Azure. API Management is available in several tiers with differing features and capacity.
API gateway
API gateways enable consistent configuration of security, routing, throttling, observability, and caching. All requests from the client application first reach the API Gateway and are then forwarded to their respective backend services.
Azure API Gateway acts as a front end for backend services, where the API providers can abstract API implementations and develop backend architectures without affecting API consumers.
Key features of Azure API Gateway include:
- Acting as a façade for the backend service and accepting API calls, routing them to the appropriate backend
- Validating API keys and other credentials like JWT tokens and certificates, provided in the request
- Applying rate limits and usage quotas
- Optionally transforming requests and responses according to policies
- Caching responses to minimize latency and reduce the load on backend services (assuming cache is configured)
- Collecting output logs, metrics, and traces to monitor, report and troubleshoot issues
Administration interface
The Azure API Management management interface is a set of Azure portal pages and tools that let you manage services and APIs. You can use the management interface to:
- Provision, scale, and monitor services
- Define or get an API specification
- Enforce usage policies such as quotas and rate limits
- Define security policy settings
- Perform user management
- Package APIs into products
- Define API transformations
- Manage API versions
- Perform analytics on API metadata
Developer portal
The open source developer portal is a fully customizable, auto-generated website with API documentation.
API providers can customize the developer portal by adding content, custom styling, and branding, and can extend it further by self-hosting it.
Application developers use the open source developer portal to discover, consume, and learn how to use APIs in their applications. It also makes it possible to export APIs to Microsoft’s low code Power Platform.
The developer portal enables developers to:
- View API documentation
- Perform API calls through an interactive console
- Create a new account, subscribe and get an API key
- Access usage analytics
- Download API definitions
- Manage API keys
How Azure API Management works
Azure API Management works by providing a layer between API clients and the back-end API services that they access. When a client makes a request to an API managed by API Management, the request is first sent to the API Management gateway. The gateway is responsible for enforcing security policies, rate limiting, and other policies on the API.
If the request is allowed by the gateway, it is then forwarded to the back-end API service. The back-end API service processes the request and sends a response back to the API Management gateway, which in turn sends the response back to the client.
Here are outlines of how Azure API Management works for three types of users.
API consumers
For API consumers, Azure API Management provides a convenient way to access and use APIs that are managed by the service. When an API consumer wants to use an API managed by API Management, they typically follow these steps:
- Find the API: The consumer can discover the API by browsing the developer portal, which is a web-based portal provided by API Management that lists all the available APIs. The consumer can also use the API Management REST API to programmatically discover APIs.
- Get API credentials: To use an API, the consumer typically needs to provide some form of credentials, such as an API key or an OAuth token. The consumer can obtain these credentials by signing up for an API Management account and creating an application in the developer portal.
- Send a request: The consumer can then send a request to the API by making an HTTP request to the API Management gateway, using the API endpoint and the API credentials. The request is forwarded to the back-end API service, which processes the request and sends a response back to the API Management gateway.
- Get a response: The API Management gateway then sends the response back to the consumer. If the request was successful, the response will include the requested data or functionality. If there was an error, the response will include an error code and message.
API providers
For API providers, Azure API Management provides a set of tools and services for building, publishing, and managing APIs. When an API provider wants to use API Management to manage their APIs, they typically follow these steps:
- Create an API Management service instance: The API provider needs to create an API Management service instance in the Azure portal. This creates a dedicated API Management environment that the provider can use to manage their APIs.
- Define the API: The provider needs to specify the API endpoint, the operations that the API supports, and the request and response formats. The provider can use the API Management portal or the API Management REST API to define the API.
- Configure security: The provider configures security for the API by specifying the authentication and authorization methods that the API will use. API Management supports a variety of authentication and authorization methods, including API keys, OAuth, and certificates.
- Set up policies: The provider can use policies to specify rules and behaviors for the API. For example, the provider can use policies to set rate limits, transform requests and responses, or cache responses.
- Publish the API: The provider can make the API available in the developer portal, which allows developers to discover, learn about, and interact with APIs.
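The security and policy steps above, written as an API Management policy document. This is an added example, not taken from the original article or from Microsoft's samples. The tenant placeholder, audience, scope value, limits, and header names are assumptions to replace with your own values.

```xml
<!-- Added example: API-scope policy. All values marked PLACEHOLDER are assumptions. -->
<policies>
    <inbound>
        <base />
        <!-- Reject the call at the gateway unless it carries a valid, unexpired bearer token. -->
        <validate-jwt header-name="Authorization"
                      failed-validation-httpcode="401"
                      failed-validation-error-message="Unauthorized"
                      require-scheme="Bearer"
                      require-expiration-time="true">
            <!-- Signing keys and issuer are read from the identity provider's metadata document. -->
            <openid-config url="https://login.microsoftonline.com/TENANT_ID_PLACEHOLDER/v2.0/.well-known/openid-configuration" />
            <audiences>
                <!-- Hypothetical audience: tokens minted for other APIs are refused. -->
                <audience>api://conference-api-PLACEHOLDER</audience>
            </audiences>
            <required-claims>
                <!-- Hypothetical scope: the token must grant read access to this API. -->
                <claim name="scp" match="any" separator=" ">
                    <value>Speakers.Read</value>
                </claim>
            </required-claims>
        </validate-jwt>
        <!-- Rate limit per subscription; fall back to the caller IP when no subscription is attached. -->
        <rate-limit-by-key calls="60"
                           renewal-period="60"
                           counter-key="@(context.Subscription?.Id ?? context.Request.IpAddress)" />
        <!-- Cache lookups are keyed per developer so one caller never receives another's cached response. -->
        <cache-lookup vary-by-developer="true" vary-by-developer-groups="false" />
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
        <!-- Store responses for 60 seconds; only suitable when the response is not user-specific. -->
        <cache-store duration="60" />
        <!-- Transform the response: drop headers that disclose the backend technology stack. -->
        <set-header name="X-Powered-By" exists-action="delete" />
        <set-header name="X-AspNet-Version" exists-action="delete" />
    </outbound>
    <on-error>
        <base />
    </on-error>
</policies>
```

Token validation runs before the rate limit and cache lookup, so unauthenticated calls are refused without being served from the cache or forwarded to the backend.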
Application developers
For application developers, Azure API Management provides a convenient way to access and use APIs in their applications. It allows them to do the following:
- Access API documentation: The developer portal provides detailed documentation for each API, including information about the API endpoint, the operations that the API supports, the request and response formats, and any required parameters or headers. Developers can use this documentation to understand how to use the API and to troubleshoot any issues that may arise.
- Test APIs: The developer portal also includes a built-in test console, which allows developers to send test requests to the API and view the responses. This can be useful for verifying that the API is working as expected and for debugging any issues that may arise.
- Run analytics: API Management includes a range of tools for monitoring and analyzing API usage, performance, and errors. Developers can use these tools to track the usage of their APIs, identify any issues that may be affecting performance, and collect and analyze usage data. This can be useful for understanding how the APIs are being used and for identifying opportunities for optimization and improvement.
Azure API Management tutorial: Import and publish your first API
This tutorial shows how to import a backend API, described by an OpenAPI specification in JSON format, into Azure API Management.
When you bring your backend API into API Management, the API Management API becomes a façade for the backend API. You can customize this façade to adapt it to your needs, without making any changes to the backend API.
Before you start, you will need to create a new Azure API Management instance within your Azure account.
Step 1: Import and publish a backend API
To import and publish a backend API in Azure API Management:
- In the Azure portal, type “API management” into the search bar and click API Management services.
- Select your instance on the API Management Service page.
- Within the API Management instance, on the left, click APIs > OpenAPI.
- Select Full in the Create from OpenAPI Specification window and enter values into the fields according to the screenshot below. You can edit these values later in the Settings tab.
- Click Create to build the API.
Step 2: Test the new API in the Azure Portal
It is possible to call API operations directly from the Azure portal. This is a convenient means of viewing and testing your work:
- On the left of the API Management instance, click APIs > Demo Conference API.
- Select the Test tab and click GetSpeakers. The page displays query parameters and headers for this sample API.
- Choose Submit to submit a test query.
- The backend should respond with a 200 OK response code and some data. This shows how you can interactively query your API for testing purposes.
API management with Gloo Gateway and Gloo Portal
The API management market has evolved significantly over the past five years, as companies move to the cloud, leverage a variety of open source technologies, and begin to integrate API management into the operational model used by cloud native applications.
Unlike other vendors that take a legacy approach to API management, either through rigid vertical stacks, or maintaining slow, legacy technologies, Solo brings a cloud native, secure, modern approach to API management. Solo Gloo Gateway and Gloo Portal enable companies to deliver self-service, secure API management across any cloud environment. Gloo Gateway, based on Envoy Proxy, delivers a Kubernetes-native API Gateway, powered by GitOps automation. This delivers the most scalable, secure, cloud native API management solution in the market.
