Search This Blog

API Management

  • API Management
  • Components: 
    • API GW: Azure API management is a matured API gateway. eg we use it with microservices architecture. 
    • Developer Portal: It's a website for your consumer. It is like a matured/ modern Swagger. It allows you to see the definations of your api. Submit request, get response from apis. You can customize the look and feel of a portal. 
    • Az Portal: Mocking of APIs is possible. Thus we can do testing of system to stimulate the backend system. 
APIM as  Gateway:
  • Response Cache: APIM can be used to cache the response and thus decrease the load on APIs. It has built in default cache mechanism. You can also configure cache policies like duration of cache and how response must be cached. 
  • Security: 
    • Authentication, Authorization using OAuth 2.0 or OpenID connect can be implemented here. 
    • APIM can be integrated with Azure EntraID. 
    • Rate Limiting and throttling. 
      • Error 429: Meaning too many request/sec. helps to stop this error by setting up the throttling point. It could be in 2 ways
        • Amount of data transferred. 
        • Rate of calls per Sec. 
    • IP Filtering and Geo Fencing. 
    • Protects the backend API from Public direct attack. 
    • Content filtering and validation can be done on request and response going through the APIM
  • API Management Policies: Policies are collection of XML statements they are used to execute an operation on request or response of an API.
  • Different Policies:
    • Check HTTP header: forces a particular format of http headers. 
    • You can use the validate-jwt policy to validate the JSON Web tokens for Open ID Connect authentication.
  • Policies: Inbound, outbound and backend [IMP]
  • Inbound Policies – These policies are executed when the API management API is called. This policy can be used when a human and/or browser-friendly URL should be transformed into the URL format expected by the web service
  • Backend Policies – These policies are executed when API management calls the Backend APIs. Forward the incoming request to the backend service specified in the request context
  • Outbound Policies – These policies are executed when API management returns the response to the caller.
  • To use an existing API (which uses an Open API specification) behind the Azure API Management service, you can use the Import-AzApiManagementApi command.
Pricing:
  • Developer: 
    • Non production only, 
    • No scaling, no SLA, No Service credit
    • YES AD integration.
    • 500 request/ Sec
  • Basic
    • 2 scaleout 
    • 50MB cache
    • 1200 request/ Sec
  • Standard
    • 4 scaleout 
    • 1GB cache
    • 2500 request/ Sec
    • 5 times expensive than Basic
  • Premium
    • 10 Scaleout per region
    • 5GB cache
    • Mutli region development. 
By

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)