API Management
Publish APIs to developers, partners, and employees securely and at scale.
Web Resources
Agenda
This article will provide a demonstration on how to utilize either SAS token authentication or managed identity from API Management to make requests to Azure Storage. Furthermore, it will explore and compare the differences between these two options.
Comparision
The choice between Managed Identity and SAS Token depends on factors such as the level of control required, the duration of access, and the specific security requirements of your application. Both options offer different levels of access control and security features for accessing Azure Storage.
Azure Managed Identity...
Introduction:
In the ever-evolving landscape of API development, dealing with legacy systems and formats is a common challenge. This blog post aims to assist you in leveraging Azure API Management (APIM) to address a specific scenario: transforming XML data to JSON and vice versa. We'll delve into the techniques supported by Azure API Management that allow you to bridge the gap between these formats seamlessly.
Understanding the Challenge:
Legacy systems often communicate using XML, while modern APIs tend to rely on JSON due to its simplicity and widespread support. In scenarios...
Introduction:
The Azure PaaS product API management allows to expose APIs hosted on Azure App Services, also known as webapps. The process of importing and publishing the App service is described in document: Import Azure Web App to Azure API Management ; however, on this article we will analyze what actions Azure Portal performs behind the scenes to complete the import and figure out the cause of common scenarios.
Steps to collect a Browser Trace: HAR
Troubleshooting:
Background steps to import a WebApp to API Management:
Once you clicked on the Azure Portal > APIM > APIs >...
Background introduction
API Management allow us to import a function app as an API, the UI offers a straightforward process to import the function app as described on this Microsoft public document. However, in this article we want to go beyond and explore what actions are performed in the background, it will allow us to understand the import process better and will help us dealing with issues while importing the function app.
Steps
Please review all the steps carefully, they are executed in the following order.
Note: The easiest way to see these steps is collecting a HAR trace.
1-...
Background introduction
When a Function App is added as an API in APIM, there are some authorization details we need to consider while communicating from APIM to the backend function app.
It does not matter what Authorization level (function or anonymous) the function app has configured, APIM will always attach a function host key to the request. The host key is attached to the request as a header. However, we may experiment unauthorized errors even though the function host key is present in the request header.
So, this article is focused on analyzing one of those scenarios when...
APIOps applies the concepts of GitOps and DevOps to API deployment. By using practices from these two methodologies, APIOps can enable everyone involved in the lifecycle of API design, development, and deployment with self-service and automated tools to ensure the quality of the specifications and APIs that they’re building.
Background Introduction
Azure Application Insights is a powerful tool for monitoring the performance and availability of your applications. By sending web requests to your application at regular intervals from Application Insight’s servers around the world, it can alert you if your application isn't responding or responds too slowly. Since it is a useful tool to check the server's availability, some users may integrate the availability test feature of Application Insight with the API management service.
As the Application Insights server is in the public network, we need to ensure...
This repository provides guidance, examples, and tools to help you achieve API DevOps with Azure API Management.
Each API Management pricing tier offers a distinct set of features and per unit capacity. This page summarizes the key features available in each of the tiers.
Background Information
As we all know, the API management service is nothing but a proxy that helps to forward the request and response between the client and the backend server. Ideally, the API Management server will maintain two connections: the one with the client side, and the one with the backend server. The backend server proceeds the request from APIM when SSL/TLS connection is successfully established between APIM and the backend server. However, if any of the elements within the SSL/TLS connection go wrong, the client server may receive a 500 BackendConnectionFailure error...
Since, well, the beginning of Azure API Management, you've been able to validate that the Json Web Token (JWT) coming into your Azure API Management service is valid before passing it onto the backend service. The validate-jwt policy is one of the most used policies within Azure API Management, will happily ensure your client applications are using the right client IDs, and have the right audiences and claims. Meanwhile, Azure Active Directory (AAD) is a mainstay of enterprise APIs, providing authentication and authorization controls for a wide variety of APIs from M365 APIs to...
This validate-content policy is very helpful while we need to validate the size or content of a request or response body against one or more supported schemas. In this blog, I would like to introduce how to use different Elements and Attributes in validate-content policy to implement multiple requirements of request payload based on JSON schema validation.
We will cover two sections below mostly:
Using API level schema definition to restrict request payload
Using Service level schema definition to restrict request payload
Section1: Using API level schema definition to restrict request...
This e-book is designed for technical leaders tasked with establishing a new API program for their organization or maturing an existing program. It will provide insights and decision factors based on established practices in organizations with successful API programs.
This hands-on-lab will guide you through the different concepts around Azure API Management, from the creation to the DevOps, including good practices in terms of versioning, security and so on. It is designed to bring customers and partners to a 200-level understanding of Azure Api Management. This is meant to be a hands on lab experience, all instructions are provided, but a basic level of understanding of apis is expected(http operations, networking basics, openapi, rest, soap, oauth2 and other concepts).
Learn how to turn your data into a competitive edge by exposing your APIs. Read stories from companies who have used Azure API Management to create new value for their customers and advance their company’s digital transformation.