API Management enables you to create compatible and modern API gateways for enduring back-end services. API Management helps organisations to publish their APIs to external partner as well as internal developers to unlock the potential of their data and services. Business users are looking everywhere to increase their operations using digital platform via creating new channels, finding new customers, and driving deeper engagement with existing ones. API Management provides the core competencies to confirm a successful API program through developer engagement, business insights, analytics, security and protection.
Azure API Management helps you to protect and effectively scale back-end, and launch a full-fledged API program for your business.
Following are the major components of Azure API Management:
- The API Gateway is the endpoint that:
- Acquires API calls and routes them to your back-ends
- Verifies API keys, JWT tokens, certificates, and other credentials
- Enforces usage quotas and rate limits
- Transforms your API on the fly without code alterations
- Caches back-end responses where founded
- Logs call metadata for analytics determinations
- TheAzure Portal is the administrative interface where you set up your API program with:
- Define or import API schema
- Package APIs into products
- Set up policies like quotas or transformations on the APIs
- Get insights from analytics
- Manage users
- The Developer Portal serves as the main web presence for developers, where you can:
- Read API documentation
- Try out an API via the interactive console
- Create an account and subscribe to get API keys
- Access analytics on their own usage
- Custom pages as per your need
- User friendly design
- Customize as per the login or not
Some Additional Features
-
Azure AD Integration
Azure API Management enables you to use Azure AD (and Azure AD B2C) as an identity provider for user sign in on the developer portal.
-
Allow multiple custom domain names
By default, Azure assigns a subdomain of azure-api.net (for example: apimdemo-neosalpha.azure-api.net). However, API Management allows you to expose your API Management endpoints using your own domain name.
-
Virtual Network Support
Azure VNETs allow you to position any Azure resource in an exceedingly non-internet routable network. These networks can be connected to your on-premises networks utilizing various VPN technologies. Azure API Management is deployed inside the virtual network (VNET), so it can access back-end services within the network. The developer portal and API gateway is configured to be accessible either from the online or only within the virtual network.
-
Multi-Region Deployment
Multi-region deployment enables API publishers to distribute Azure API management service across any number of supported Azure regions. It helps you to reduce request latency perceived by geographically distributed API consumers and improves service availability if one region goes offline.
-
Subscription key
Subscriptions are an important concept in Azure API Management. This allow you to access APIs published through an API Management instance.
-
Response caching
Using Response caching you can significantly reduce API latency, bandwidth consumption, and web service load for data that does not change frequently.
-
Publishing multiple versions of our API
Using Azure API Management you can publish multiple version of one API. You can change current version of your APIs to any published version using versioning option in Azure API Management.
-
Notifications
API Management provides you to configure notifications for specific events and to configure e-mail templates that are used to communicate with the administrators and developers of an API Management instance.
-
Authentication
API Management provides the aptitude to secure access to APIs (i.e., client to API Management) using client certificates. we are going to validate the incoming certificate and check certificate properties against desired values using policy expressions.
-
Backup and Restore
Backup and Restore features helps you to implement a disaster recovery strategy. It should be used for replicating API Management service configuration between operational environments, e.g. development and staging.
-
Self-hosted gateway
With the self-hosted gateway, you can deploy a containerised version of the API Management gateway component to the identical environments where you can host your APIs. All self-hosted gateways are managed from the API Management service they're federated with, thus providing the visibility and unified management experience across all internal and external APIs.
-
Using policies
You can use various inbound, outbound and on-error policies to modify the APIs requests and responses. Some of frequently used policies are mentioned below:
Access restriction policies –
- Check HTTP header
- Limit call rate by subscription
- Limit call rate by key
- Validate JWT
Advanced policies –
- Mock Responses
- Control flow
- Forward request
- Limit concurrency
Transformation policies –
- Convert JSON to XML
- Convert XML to JSON
- Find and replace string in body
- Mask URLs in content
-
Transform and protect your API
Sometimes for security reasons you want to hide original info about the technology stack that is running on the back-end. You can also hide original URLs that appear in the body of API's HTTP response and instead redirect them to the APIM gateway.
-
Enabling CORS (Cross-Origin Resource Sharing)
CORS is required to let portal visitors use the interactive console in the API reference pages and can be enabled for domains, including custom domains.
Azure API Management offers an end to end solution for managing the lifecycle of your APIs. If you are starting your API journey or want to simplify and streamline your approach to APIs, Azure API Management service is a good choice.
