What is Azure API Management?

Azure API Management is a fully managed service that helps developers to securely expose their APIs to external and internal customers. It provides a set of tools and services for creating, publishing, and managing APIs, as well as for enforcing security, scaling, and monitoring API usage.

API management includes a range of features and tools, such as an API gateway, a web-based developer portal, API lifecycle management, monitoring and analytics tools, and security features. 

Azure API Management can be used with a variety of back-end services, such as Azure Functions, Azure Logic Apps, and Azure Virtual Machines, as well as with on-premises and third-party systems. It can help developers to build and manage APIs in a way that is secure, scalable, and easy to use.

How Azure API Management works

Azure API Management works by providing a layer between API clients and the back-end API services that they access. When a client makes a request to an API managed by API Management, the request is first sent to the API Management gateway. The gateway is responsible for enforcing security policies, rate limiting, and other policies on the API.

If the request is allowed by the gateway, it is then forwarded to the back-end API service. The back-end API service processes the request and sends a response back to the API Management gateway, which in turn sends the response back to the client.

Here are outlines of how Azure API Management works for three types of users. 

API consumers

For API consumers, Azure API Management provides a convenient way to access and use APIs that are managed by the service. When an API consumer wants to use an API managed by API Management, they typically follow these steps:

  • Find the API: The consumer can discover the API by browsing the developer portal, which is a web-based portal provided by API Management that lists all the available APIs. The consumer can also use the API Management REST API to programmatically discover APIs.
  • Get API credentials: To use an API, the consumer typically needs to provide some form of credentials, such as an API key or an OAuth token. The consumer can obtain these credentials by signing up for an API Management account and creating an application in the developer portal.
  • Send a request: The consumer can then send a request to the API by making an HTTP request to the API Management gateway, using the API endpoint and the API credentials. The request is forwarded to the back-end API service, which processes the request and sends a response back to the API Management gateway.
  • Get a response: The API Management gateway then sends the response back to the consumer. If the request was successful, the response will include the requested data or functionality. If there was an error, the response will include an error code and message.

API providers

For API providers, Azure API Management provides a set of tools and services for building, publishing, and managing APIs. When an API provider wants to use API Management to manage their APIs, they typically follow these steps:

  • Create an API Management service instance: The API provider needs to create an API Management service instance in the Azure portal. This creates a dedicated API Management environment that the provider can use to manage their APIs.
  • Define the API: The provider needs to specify the API endpoint, the operations that the API supports, and the request and response formats. The provider can use the API Management portal or the API Management REST API to define the API.
  • Configure security: The provider configures security for the API by specifying the authentication and authorization methods that the API will use. API Management supports a variety of authentication and authorization methods, including API keys, OAuth, and certificates.
  • Set up policies: The provider can use policies to specify rules and behaviors for the API. For example, the provider can use policies to set rate limits, transform requests and responses, or cache responses.
  • Publish the API: The provider can make the API available in the developer portal, which allows developers to discover, learn about, and interact with APIs.

Application developers

For application developers, Azure API Management provides a convenient way to access and use APIs in their applications. It allows them to do the following:

  • Access API documentation: The developer portal provides detailed documentation for each API, including information about the API endpoint, the operations that the API supports, the request and response formats, and any required parameters or headers. Developers can use this documentation to understand how to use the API and to troubleshoot any issues that may arise.
  • Test APIs: The developer portal also includes a built-in test console, which allows developers to send test requests to the API and view the responses. This can be useful for verifying that the API is working as expected and for debugging any issues that may arise.
  • Run analytics: API Management includes a range of tools for monitoring and analyzing API usage, performance, and errors. Developers can use these tools to track the usage of their APIs, identify any issues that may be affecting performance, and collect and analyze usage data. This can be useful for understanding how the APIs are being used and for identifying opportunities for optimization and improvement.

API management with Gloo Gateway

The API management market has evolved significantly over the past five years, as companies move to the cloud, leveraging a variety of open source technologies, and begin to integrate API management into the operational model used by cloud native applications. 

Unlike other vendors that take a legacy approach to API management, either through rigid vertical stacks, or maintaining slow, legacy technologies, Solo brings a cloud native, secure, modern approach to API management. Solo Gloo Gateway enables companies to deliver self-service, secure API management across any cloud environment. Gloo Gateway, based on Envoy Proxy, delivers a Kubernetes-native API Gateway, powered by GitOps automation. This delivers the most scalable, secure, cloud native API management solution in the market.

Get started with Gloo Gateway today!

BACK TO TOP