While working recently I came across the Azure API management service we will explore the basics of this service in this article.
Before reading this article if you feel like below
The answer is Yes and below are the basic points that we should care before starting the API management service.
Why do we need Azure API Management Service?
Imagine a situation where we are asked to expose some of our API to the external partners, they want to access some part of our API. This API will be available in a public environment and only partners should be able to access and consume it. As an architect or a developer making the changes and providing controlled and managed access to the resource will be difficult. API management service provides all these features like documentation, rate-limiting Ability, Health monitoring, Security, and Combining multiple backends to provide a uniform interface to the end-user.
Basic Component of Azure API Management
- API Gateway
The API gateway is the endpoint which can be called by the client and it serves the following purpose
- Verify the security and authenticity of the Client calling the API (Verify token, Subscription key)
- Accept and Route the API calls to the backend
- Enforce rate-limiting and usage quotas
- Implement caching
- Transform the Request and response (e.g. From JSON to XML or vice versa )
- Azure Administrator Portal
This is the administrative interface that we use to perform the following operations
- Define and import backend schema
- Setup policies
- Package API as products
- Manage users
- Developer Portal
This acts as a main playground for the developers and it provides us many features like
- API documentation
- API playground console where we can execute the API and see the result
- Provision for creating the Subscriber keys and accounts
- Analytics for the API Usage
Now we see the basic building block of the Azure API management service but there are some component which needs to be discussed before diving in and creating our first API
Product is nothing but the way our API will be presented to the client or developers. generally, the Product contains some metadata like title, description, terms and conditions. We can keep these products open where they will be available to use directly or they can be restricted or protected where we will need the subscription keys to access these APIs.
Groups are nothing but the users who want to access the product ( API ) there are three types of groups
Azure subscription managers are the users of this group. they manage the instance of the API service. creating the APIs operation and products that are used by the developer.
These are the developer which are authenticated come into this category. These are the peoples who build applications using the API.
These are non authenticated users, they are the users who want to explore the API without actually subscribing to the API management service.
These are the capabilities of the Azure API Management service where we can change the behaviour of the API by using the configuration. they are executed sequentially on the request or response for example if we want to add some rate-limiting capabilities or if you want to add some transformation to the response we can apply the different types of policies to the API management service.
In the next article, we will see how we can create the Azure API Gateway and create our first instance of the Azure API Management service.