Transcription
Azure API Management
Ing. Andreas PollakSpectoLogic e.U.www.spectologic.com
AgendaWhat is API-Management and why do I need it?Create & ConfigureProductsAlternative AuthenticationDelegationPolicies & SecurityConfiguration versioning with GITAnalytics & ReportsPricing
What is API Management?
Azure API ManagementDevelopersDeveloper )Publisher PortalASP.NET, PHP,NodeJS, Java,Ruby,
API Apps & API ManagementAPI AppsAPI ManagementHostingMonitorSimple Access ControlThrottleCORSManipulateTrigger/Action (Logic App)Consolidating
DEMOCreate API ManagementUp to 60 Minutes !Proxy (name.azure-api.net)Portal (name.portal.azure-api.net)Management (name.management.azure-api.net)SCM (name.scm.azure-api.net)
VPN Connection
External VPN
Internal VPN
DEMOAdd an API
ProductsUser(s)Product(s)Group(s)Rate limits & quotasAPI(s)
DEMOCreate a productSubscribe to a product
using Azure AD to sign up/in API ManagementAzure Active Directory,FB, Google, Azure API Management DevelopersGateway
DelegationHandle Authentication (SignIn/Up)Handle Product Subscription
Delegation Authentication ProcessDeveloperManagement APIMy Company SiteProtected WebPage[Anonymous] Product PageCorporateDelegation HandlerCorporateSignUp/In ProductProtected WebPage[Authorized]CorporateDelegation Handler
n
Cors*.spectologic.com/api/calc*.spectologic.comAPI MGMTGateway*.azurewebsites.com/api/calc
DEMOAdd a CORS policy
Request Throttling PoliciesRequestRequestAPI MGMTGatewayRequestToo many requests!Request3 requestsDestination
DEMOThrottling Policy
Validating bscription-keySubscription KeyAPI MGMTGatewayDestination
Properties in policiesPropertiesKey/Value Repository
DEMOValidating JWT tokens
More access restriction policiesSet-HeaderCheck-HeaderIP-Filter
HTTP-request ponse
Integrating with SLACK
Securing the backendClient Certificates Azure API Management ApplicationsGatewayBackendService
Securing APIs with OAuth2 / OpenID ConnectAzure API ManagementDevelopers GatewayApplicationsAzure ActiveDirectory Implicit/AuthCodeBackendService
Securing APIs with AAD - OAuth2Azure Active DirectoryAAD ApplicationAAD ApplicationApplicationAzure API MGMTOAuth 2.0 Configresource AppID-UriBackend Service
Securing APIs with AAD - OAuth2Azure Active DirectoryAAD ApplicationClientIDClient ermissionAAD ApplicationClientIDClient ermissionAAD ApplicationClientIDClient cationAzure API MGMTOAuth 2.0 Configresource AppID-UriBackend Service
Caching with API ManagementImproving Performance
Advanced CachingFragment Caching cache-lookup-value cache-store-value
API Management GIT-Configuration [Preview]multiple configuration versionssyncing of multiple tenants (Test Production)utilizing git workflow for collaborative editingtext-file based configurationsecrets from properties are kept in database only!
API Management GIT-ConfigurationInternalAPI MGMTDatabaseRequest to cloneconfig data to GITRequest to updateconfig data from GITGIT repositoryModify & Commit
Analytics & Reports
PricingPricingDeveloperStandardPremiumPrice 1.34 / day( 41.31 / mo) 19.02/dayper unit( 589.51 /mo) 77.50/dayper unit( 2,402.48 /mo)API Calls (per unit)32 K / day( 1 M / month)7 M / day( 217 M / month)32 M / day( 1 B / month)Data Transfer (per unit)161 MB / day( 5 GB / month)32 GB / day( 1 TB / month)161 GB / day( 5 TB / month)Cache10 MB1 GB5 GBScale-outN/A4 unitsContact us for moreUnlimitedSLAN/A99.9%99.95%Multi-Region DeploymentNoNoYesAzure Active DirectoryIntegrationUnlimited User AccountsNoUnlimited User AccountsVPNYesNoYesAdditional Data TransfersStandard Data Transfersrates applyStandard Data Transfersrates applyStandard Data Transfersrates apply
THANK YOU
ResourcesPapersWhitepaper CITO Research –Cloud-based API Management: Harnessing the Power of APIsHarvard Business ReviewGeneralAPIM OverviewConfiguration over GITTeam-Blog of Azure API ManagementLoggingHow to log to Event HubsAAPIM and Azure Event Hubs Integration
ResourcesPoliciesSend Request and Return Response PoliciesAdvanced Request Throttling with Azure APIMAPIM How to PoliciesAPIM Adanced PoliciesCORS Policy
ResourcesAuthorization & DelegationHow to authorize developer accounts with AADDelegation ProcessPricingPricing
Fragment Caching cache-lookup-value cache-store-value . API Management GIT-Configuration [Preview] multiple configuration versions syncing of multiple tenants (Test Production) utilizing git workflow for collaborative editing text-file based configuration secrets