Read more
From our Integration experts
Why Azure API Management is the solution for a good API strategy
22 Nov, 2023
No IT organization can do without an API strategy anymore
Almost all data and processes are accessed through APIs. More than 80 percent of Web traffic consists of API calls. And in our own networks, too, we are constantly using this technology. With Azure API Management your organization is able to securely and insightfully access all your data and processes. In this blog, I'll tell you why Azure API Management is the solution for a good API strategy.
By Eldert Grootenboer, Technology Lead Azure & Integration and Microsoft MVP Azure
Two types of API personae
When we talk about APIs, we can distinguish between two types of API personae: services and data, and connected experiences. The services and data are your APIs, for which you want to grant access to the outside world. These can run in Azure, as well as on-premises, at other cloud providers, or on SaaS services. The connected experiences are the buyers, who want to use your data and services. These can be APIs, but also websites, devices and more.
Azure API Management
Azure API Management works as follows: this solution is placed between services and data and connected experiences, and acts as a facade. In this situation, the connected experiences no longer know about the backend, but only connect to API Management. Here they have a single access point where all APIs are made available. These APIs can be a direct representation of the services in the backend, or an abstraction where only certain operations are accessed (or even composite APIs consisting of operations from various APIs in the backend).
Three Pillars of Azure API Management
Azure API Management consists of three pillars:
1. Azure Portal
In this, you configure your APIs and the service. Policies also enable you to make your APIs smarter here. Policies are xml snippets that allow you to add functionality to your APIs. Such as the caching policy. This allows you to add caching to an existing API without having to modify it yourself. There are many different policies, with as many possibilities. These can include setting up security, using OAuth, certificates or basic authentication. You can also apply validations, which allow you to validate the payload of messages before they are passed to the backend. Or transformations, which allow you to transform both messages and protocols.
2. Gateway
Or the API Management service itself. This is the instance of API Management within which the APIs live that are defined, policies are executed and routing of frontend and backend calls takes place. The connected experiences connect to the gateway and thus have one access point for all APIs. Moreover, you can implement this so that they also always have a unified way of authenticating, regardless of the authentication used by the backend services. This makes it much easier for your buyers to purchase the services. In addition, all the traffic going through API Management is made transparent, providing a clear picture of who is using the APIs, when, how often, etc. These insights are all made available in the portal in a clear way, and you can apply monitoring to this as well.
3. Developer Portal
This is a website where developers building connected experiences can see at a glance what services are available to them. They can also request a subscription to an API here, then after an approval step (if required), they can access the API. In addition, within the developer portal, they can also invoke the APIs right away. This allows them to immediately see what data is expected and what responses will be returned, without having to set it up in their own application first.
A wide range of benefits
In short, Azure API Management offers a host of benefits. Being able to access and view all APIs ensures that they are always under your governance. And thanks to the many policies available, you can make APIs smarter, without requiring any development on the APIs themselves. Finally, it ensures that you always unlock all APIs in a secure way, and insight is present into who has access to which data and processes. This is why Azure API Management is the solution for a good API strategy.
Connect with us
Our Integration Teams are ready to help!