Skip to main content

Azure API Management (Day 24 of 31)

List of all posts from this series: http://vunvulearadu.blogspot.ro/2014/11/azure-blog-post-marathon-is-ready-to.html

Short Description 
Nowadays all features and functionality that is exposed by an online application needs to be exposed over an API also. We need to be able to integrate our system with custom devices and applications. Because of this it is important to be able to expose our system using a consistent API, easy to manage and maintain.
For things like this Azure API Management was introduce. Using this service we can publish our application to our clients (public or private way) in a scalable, secure with tracing and audit capabilities.


Main Features 
Traceability
It has the capability to monitor in real time the load, the number of connections and many more. In this way we can take decision in real time to scale. The audit can be consumed later on by an analytic system and detect patterns or make predictions.
Connect with multiple backends
We have the capability to connect multiple services using only one API endpoint. In this way we can expose our services in a consistent and uniform way.
API Documentation
We have the capability to generate a friendly and usable documentation for each functionality that we expose. In this way our API can be integrated more easily with external services.
JSON and RESTful
The API that is expose is exposed using RESTfull standards JSON format. Even if our backend is using old technology we can expose it using the modern one with minimal costs.
Scalability
The resources consumed by our system can scale up or down based on our needs. In this way we don’t have a system limited to a specific number of users.
Cache
Azure API Management has caching capabilities. This mean that we can cache the response of different services for a specific time period, reducing the load on our backend.
Load limit
There is full and configurable control on the number of requests that each client can do. Using this approach we can control when clients do more calls that they are allowed. On top of this we can limit the rate frequents of calls and responses.
Error Rate
Using the monitoring part of Azure API Management we can know the number of errors, use cases when this error appeared. Fixing issues and finding root cause is simplified.
Access Control
We have full control related to persons who has access to our API. One or more operations are grouped in a so called ‘product’. We can allow to different clients to use the operations that are exposed over a product.
Each client (client developer) has a subscription key that is used to access our API.
Access Management
We can control at a very small granular level who has access to our API, for what period and what kind of operations can be called.
Client subscription key
We don’t need to send to each client the subscription key. Once a client has access as client developer to our API he can access a small part of our management portal and manage his subscription key.
Guests
There is full support for API that can be accessed by anonymous users. This users are allowed only to see the API (Read Only) without the ability to access it.
Group Management
It allow us to create groups of users with different rights and permissions.
OAuth 2.0 and Certificates
There is full support for authentication using OAuth 2.0 protocol or based on certificates. In this way the service is flexible enough to support any kind of needs and requests.
Standard Unit
It is the scaling unit of Azure API Management.

Limitations 

  • One Standard Unit can handle 1K requests per second and can goes to even 2.8K requests per second.
  • Latency between 1 to 15ms.


Applicable Use Cases 
Below you can find some use cases when I would use Azure API Management.
API for clients that needs to pay a subscription
For use cases when clients pay the access to our API, Azure API Management can be used with success to control the access and measure how much resources each client consume.
Expose legacy system to the modern world
If we have legacy systems that works very good and we want to expose it in a modern way, that this could be a good solution for us.

Code Sample 

Pros and Cons 
Pros

  • Scalable
  • Secure
  • Easy to manage
  • Low Latency

Cons
-

Pricing 
When you need to calculate the cost of Azure API Management you should take into account the following:

  • Number of calls per day
  • Data transfer
  • Cache size


Conclusion
In conclusion we can say that Azure API Management it’s very useful when we want to expose in a consistent and secure way our API and functionality. You should reserve 1 hours and look over this interesting services.

Comments

Popular posts from this blog

Windows Docker Containers can make WIN32 API calls, use COM and ASP.NET WebForms

After the last post , I received two interesting questions related to Docker and Windows. People were interested if we do Win32 API calls from a Docker container and if there is support for COM. WIN32 Support To test calls to WIN32 API, let’s try to populate SYSTEM_INFO class. [StructLayout(LayoutKind.Sequential)] public struct SYSTEM_INFO { public uint dwOemId; public uint dwPageSize; public uint lpMinimumApplicationAddress; public uint lpMaximumApplicationAddress; public uint dwActiveProcessorMask; public uint dwNumberOfProcessors; public uint dwProcessorType; public uint dwAllocationGranularity; public uint dwProcessorLevel; public uint dwProcessorRevision; } ... [DllImport("kernel32")] static extern void GetSystemInfo(ref SYSTEM_INFO pSI); ... SYSTEM_INFO pSI = new SYSTEM_INFO(

ADO.NET provider with invariant name 'System.Data.SqlClient' could not be loaded

Today blog post will be started with the following error when running DB tests on the CI machine: threw exception: System.InvalidOperationException: The Entity Framework provider type 'System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer' registered in the application config file for the ADO.NET provider with invariant name 'System.Data.SqlClient' could not be loaded. Make sure that the assembly-qualified name is used and that the assembly is available to the running application. See http://go.microsoft.com/fwlink/?LinkId=260882 for more information. at System.Data.Entity.Infrastructure.DependencyResolution.ProviderServicesFactory.GetInstance(String providerTypeName, String providerInvariantName) This error happened only on the Continuous Integration machine. On the devs machines, everything has fine. The classic problem – on my machine it’s working. The CI has the following configuration: TeamCity .NET 4.51 EF 6.0.2 VS2013 It see

Navigating Cloud Strategy after Azure Central US Region Outage

 Looking back, July 19, 2024, was challenging for customers using Microsoft Azure or Windows machines. Two major outages affected customers using CrowdStrike Falcon or Microsoft Azure computation resources in the Central US. These two outages affected many people and put many businesses on pause for a few hours or even days. The overlap of these two issues was a nightmare for travellers. In addition to blue screens in the airport terminals, they could not get additional information from the airport website, airline personnel, or the support line because they were affected by the outage in the Central US region or the CrowdStrike outage.   But what happened in reality? A faulty CrowdStrike update affected Windows computers globally, from airports and healthcare to small businesses, affecting over 8.5m computers. Even if the Falson Sensor software defect was identified and a fix deployed shortly after, the recovery took longer. In parallel with CrowdStrike, Microsoft provided a too