Microsoft Azure Api Management

Api-Management
There are a lot of companies that offer their information to third parties to integrate their business elsewhere on the Internet. When our information is important to others, the most common way of sharing is through Apis. This is sometimes not an easy task, since we must take into account quotas, authentication, caching, traffic analysis, call limit, etc. For all these reasons, Microsoft Azure provides us a new service called Api Management, which allows us to manage all our organization Apis in a centralized way.

Create an Api Management account

To use this service you must create an account through the Microsoft Azure portal:

Create an Api Management Service

We use the NEW option from the menu below and launch the wizard to create a new account:

Create an Api Management Service Wizard

In the first part of the wizard is necessary to indicate the name that will be part of the URL of the service, and the region where it will be located.

Create an Api Management Service Organization Name

Also we must choose the name of the organization and administrator email. The advanced options allow you to select the type of account (TIER) we need: Developer or Standard. This information can be changed later using the portal, SCALE section.

Accept the changes and wait to complete the task. This process can take several minutes.

Your Api management service was created

Once the account is created we have two portals: one for service management, independent of Microsoft Azure portal, and another for developers or users who will use the Apis. In the first one, we have a set of options that will allow us to add Apis, policies, modify the developer portal, etc.

Add Apis to the service

I’ve created a .NET Api to add it to Api Management add expose it to developers:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;

namespace WebApi.Controllers
{
    public class TestController : ApiController
    {
        static List<string> list = new List<string> { "Barney", "Robin", "Ted", "Lily" };

        // GET: api/Test
        public IEnumerable<string> Get()
        {
            return list;
        }

        // GET: api/Test/5
        public string Get(int id)
        {
            return list[id];
        }

        // POST: api/Test
        public void Post([FromBody]string value)
        {
            list.Add(value);
        }

        // PUT: api/Test/5
        public void Put(int id, [FromBody]string value)
        {
            if (id < list.Count)
            {
                list[id] = value;
            }
        }

        // DELETE: api/Test/5
        public void Delete(int id)
        {
            if (id < list.Count)
            {
                list.RemoveAt(id);
            }
        }
    }
}

Access the administration portal through either links Azure portal, MANAGE bottom menu button or through the link Management console. In the admin page use the ADD action in the Dashboard API or the APIs section, as shown in the image:

Add API

For a new Api we need a descriptive name, the URL where it is hosted (in this example have deployed my Api on Microsoft Azure Web sites, but could be in any other hosting) and the suffix by which we will refer to it in Api account Management.

Add New Api

Once it finished the wizard will take you to the new Api where we can create operations or methods that the developer can use. To do this just click on the ADD OPERATION option:

New Api Add Operation

To prove that I’ve created this example as simple as possible, using the convention of ASP.NET Web Api which we can use the same URL changing only the Http Verb in each request, to get, create, modify and delete elements. In the wizard New operation we register each of the operations using as URL /test, since it is the name of the controller of Web APIs, write a descriptive name for each action and use the appropriate HTTP Verb:

New operation GET

In those operations where necessary to obtain the id, just modify the URL template and add {id} to the end of the address, as shown in the following image:

New Operation URL template

Also we can choose the data type expected for that ID in the Request > Parameters section:

Api New Operation Request Parameters

This information will be used for the Api documentation. Once we have finished adding all operations, we can see the list of operations, in order to modify them in the future:

Api Operations

Products

If we want to expose an API to developers or customers, it must be contained within what is known as Product in Api Management. A product allows us to group several Apis, control access to them by groups and so on.

Api Management Products

For this example we will create a new product through ADD PRODUCT where we assign a name, a description (optional) and mark Require approval suscription:

Api Management Add New Product

Once created, we click on the new item in the list of the PRODUCTS section and add the Api we created in the previous step, through the ADD TO PRODUCT API option.

Add Api to product

The last step would be to publish it through PUBLISH option, so that It’ll be visible for developers:

Api Management Product Publish

Users and groups

For a user/client/developer can access the product previously created, it must have a user account within the Api Management. There are two ways to register a user: creating an account manually associating an email and password through the ADD USER, or by allowing the user to configure their own credential through an invitation using INVITE USER:

Api management Users ADD USER INVITE USER

If the user is created through invitation, it won’t be visible until the developer has chosen a password using the e-mail he received (you need to check the [email protected] address is not SPAM). Once the user has chosen password, you can access the PRODUCTS section and subscribe to our Api:

Api management product subscribe

As we selected the suscription Require approval option during the creation of the product, the user will receive the following message waiting for approval:

Api Management Product you'll be notified

When an administrator accesses the portal, he will see the Dashboard that some of the products have pending requests to approve/deny:

Api Management Dashboard Alert Product Request

Select the product and accept the new user access through the Subscription requests tab:

Api Management Suscription Request

From this point, the user will have access to the Api and will also assigned a token (subscription key) to access it.

Testing the Api

The last step of this post is we test the Api configured within Microsoft Azure Api Management. With the new user we have to access the new site via https://[ACCOUNT_NAME].portal.azure-api.net/ or by clicking the link Developer Portal. Select the APIS option where we can see the list of available apis and select the created during this post:

Developer portal APIS returngis

When you access any of them we can see the list of available operations on the left side and the option to open a terminal and launch requests or copy the client code in different languages​​:

Testing Api

This has been a general introduction to the new Api Management service, in order to understand what the intention is.

I hope this helps.

Happy clouding!