Setting up Azure API Management Service - Netwoven
Blog

Setting up Azure API Management Service

By Debashis Mandal  |  Published on July 21, 2021

Setting up Azure API Management Service

This article is about utilizing Azure API Management Service being used in a context and need was felt when a situation was experienced while working in a project. I am working in a product which is a multi-tenant app. This app uses it’s APIs for different tenants. The difficulty was to restrict access to different tenants with same function key as our APIs were built on top of Azure Functions. Now to mitigate this issue we implemented the API management service. It not only helped us to separate subscription keys for different tenants but also it helped us to restrict API calls and we got insights of its uses. Now we are planning to scale it by analyzing load in insights.

The Microsoft reference for setting up API Management Service is given here.

Overview of API Management

A managed API program can be exposed with backend using the Azure API Management as the Gateway Service.

Instead of clients sending requests directly to individual services, they send them to an API gateway. Creating modern API Gateways with existing backend services hosted in Azure can also protect them from abuse or overuse. This can also give insights of usage and health.

Developer portal helps to onboard partners/ developers API, programming up and running.

Setup of Azure API Management

Create API Management Service

To start with, go to API Management Service and create a new service. Fill in the details as described in the following image.

Setting up Azure API Management Service

The provisioning process might require a little wait time to confirm completion. Once provisioning completes, open the resource and click on “APIs” link under APIs section.

On the following screen APIs can be created from multiple sources like WSDL file generated by Swagger, Logic App, Open API etc. This article demonstrates with “Function App”.

Setting up Azure API Management Service
Setting up Azure API Management Service

Fill in the details to map existing Function App and its APIs.

Setting up Azure API Management Service

Click on “Select” to get a list of APIs available under the Function App.

You may also like: Learn how to proactively identify and protect your sensitive information

Setting up Azure API Management Service

Select the APIs that should be exposed in API Management and click “Select” to create APIs.

Subscription Management

To create subscription, create a Product first and check the following check boxes:

  • Requires Subscription
  • Requires Approval
Setting up Azure API Management Service

Fill in rest of the details and click “Create”. In the APIs section, select from the created APIs. Then select “Settings”. There under “products” select the newly created product.

Policies in Azure API Management

In Azure API Management, policy is an omnipotent capability of the system that allows the publisher to change the behavior of API through configuration. They are applied inside the gateway which sits between the API consumer and the Management APIs.

To set policy, click on any API and click the code icon in the “Inbound processing” section.

Setting up Azure API Management Service

Turn on the “Show Snippets” to view the list of available policies.

For example, click on “Limit call rate per subscription” from “Access restriction policies”

Setting up Azure API Management Service

In this example, the code snippet shows that the call is restricted upto 5 times in 5 seconds per subscription.

Similarly, other policies can be added in inbound/outbound sections.

Developer Portal

Click on “Developer Portal” in the APIs section to open up the developer portal.

Setting up Azure API Management Service

First time users require to Sign Up, else Login.

In any case, a login will be required for the Developer Portal.

Now subscribe to the product that was created. Once someone opts for a subscription, it will appear in “Subscriptions” link in Azure. After approving the subscription, developer will be able to see the subscription key which will be used to call the APIs.

Setting up Azure API Management Service
Code samples

By clicking on the name of the API, its details and code snippets in multiple languages can be viewed.

Setting up Azure API Management Service

Below is a sample code in C# to call this APIs:

Setting up Azure API Management Service

Replace the subscription key with the key available in Profile section under Developer Portal.

Benefits

We have a multi-tenant application where APIs are being served to different tenants. The problem was previously before implementing API Gateway was that the same function key was being shared by all the tenants. This was a security flaw. Here in this approach, we get different subscription keys for different tenants and we share that key with them so that with the help of that key they can consume our APIs. Another benefit we got that we could limit the usages of APIs for different tenants and could get the insights of the API calls. In the next step we are going to leverage the scaling of this service. In summary, we felt that the API Management Service helped us in few ways.

  • Independent development and freedom to choose technology
  • Independent deployment and release cycle
  • Granular scaling
  • Secure and optimize your APIs
  • Get insights of your APIs
  • Controlled access
  • Fault isolation

Download the Datasheet to learn more about Netwoven’s Information Protection and Compliance service.

Download the Solution Brief to learn how Netwoven’s solution proactively identifies and protects your sensitive data.

Leave a comment

Your email address will not be published. Required fields are marked *

Unravel The Complex
Stay Connected

Subscribe and receive the latest insights

Netwoven Inc. - Microsoft Solutions Partner

Get involved by tagging Netwoven experiences using our official hashtag #UnravelTheComplex