Events
Mar 17, 11 PM - Mar 21, 11 PM
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowThis browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
APPLIES TO: All API Management tiers
This article provides an overview of common scenarios and key components of Azure API Management. Azure API Management is a hybrid, multicloud management platform for APIs across all environments. As a platform-as-a-service, API Management supports the complete API lifecycle.
Tip
If you're already familiar with API Management and ready to start, see these resources:
APIs enable digital experiences, simplify application integration, underpin new digital products, and make data and services reusable and universally accessible. With the proliferation and increasing dependency on APIs, organizations need to manage them as first-class assets throughout their lifecycle.
Azure API Management helps organizations meet these challenges:
Common scenarios include:
Tip
Visit aka.ms/apimlove for a library of useful resources, including videos, blogs, and customer stories about using Azure API Management.
Azure API Management is made up of an API gateway, a management plane, and a developer portal, with features designed for different audiences in the API ecosystem. These components are Azure-hosted and fully managed by default. API Management is available in various tiers differing in capacity and features.
All requests from client applications first reach the API gateway (also called data plane or runtime), which then forwards them to respective backend services. The API gateway acts as a facade to the backend services, allowing API providers to abstract API implementations and evolve backend architecture without impacting API consumers. The gateway enables consistent configuration of routing, security, throttling, caching, and observability.
Specifically, the gateway:
With the self-hosted gateway, an API provider can deploy the API gateway to the same environments where they host their APIs, to optimize API traffic and ensure compliance with local regulations and guidelines. The self-hosted gateway enables organizations with hybrid IT infrastructure to manage APIs hosted on-premises and across clouds from a single API Management service in Azure.
The self-hosted gateway is packaged as a Linux-based Docker container and is commonly deployed to Kubernetes, including to Azure Kubernetes Service and Azure Arc-enabled Kubernetes.
More information:
API providers interact with the service through the management plane (also called control plane), which provides full access to the API Management service capabilities.
Customers interact with the management plane through Azure tools including the Azure portal, Azure PowerShell, Azure CLI, a Visual Studio Code extension, a REST API, or client SDKs in several popular programming languages.
Use the management plane to:
The open-source developer portal is an automatically generated, fully customizable website with the documentation of your APIs.
API providers can customize the look and feel of the developer portal by adding custom content, customizing styles, and adding their branding. Extend the developer portal further by self-hosting.
API consumers such as app developers access the open-source developer portal to discover the APIs, onboard to use them, and learn how to consume them in applications. (APIs can also be exported to the Power Platform for discovery and use by citizen developers.)
Using the developer portal, API consumers can:
For organizations that want to empower decentralized teams to develop and manage their own APIs with the advantages of centralized API governance and discovery, API Management offers first-class support for a federated API management model with workspaces.
In API Management, workspaces bring a new level of autonomy to an organization's API teams, enabling them to create, manage, and publish APIs faster, more reliably, securely, and productively within an API Management service. By providing isolated administrative access and API runtime, workspaces empower API teams while allowing the API platform team to retain oversight. This includes central monitoring, enforcement of API policies and compliance, and publishing APIs for discovery through a unified developer portal.
More information:
API Management is offered in a variety of pricing tiers to meet the needs of different customers. Each tier offers a distinct combination of features, performance, capacity limits, scalability, SLA, and pricing for different scenarios. The tiers are grouped as follows:
More information:
API Management integrates with many complementary Azure services to create enterprise solutions, including:
More information:
APIs are the foundation of an API Management service instance. Each API represents a set of operations available to app developers. Each API contains a reference to the backend service that implements the API, and its operations map to backend operations.
Operations in API Management are highly configurable, with control over URL mapping, query and path parameters, request and response content, and operation response caching.
More information:
Products are how APIs are surfaced to API consumers such as app developers. Products in API Management have one or more APIs, and can be open or protected. Protected products require a subscription key, while open products can be consumed freely.
When a product is ready for use by consumers, it can be published. Once published, it can be viewed or subscribed to by users through the developer portal. Subscription approval is configured at the product level and can either require an administrator's approval or be automatic.
More information:
Users (API consumers) can be created or invited to join by service administrators, or they can sign up from the developer portal. Each user is a member of one or more groups, and can subscribe to the products that grant visibility to those groups.
API Management has the following built-in groups:
Developers - Authenticated developer portal users that build applications using your APIs. Developers are granted access to the developer portal and build applications that call the operations of an API.
Guests - Unauthenticated developer portal users, such as prospective customers visiting the developer portal. They can be granted certain read-only access, such as the ability to view APIs but not call them.
API Management service owners can also create custom groups or use external groups in an associated Microsoft Entra tenant to give users visibility and access to API products. For example, create a custom group for developers in a partner organization to access a specific subset of APIs in a product. A user can belong to more than one group.
More information:
Workspaces support a federated API management model by allowing decentralized API development teams to manage and productize their own APIs, while a central API platform team maintains the API Management infrastructure. Each workspace contains APIs, products, subscriptions, and related entities that are accessible only to the workspace collaborators. Access is controlled through Azure role-based access control (RBAC). Each workspace is associated with one or more workspace gateways that route API traffic to its backend services.
More information:
With policies, an API provider can change the behavior of an API through configuration. Policies are a collection of statements that are executed sequentially on the request or response of an API. Popular statements include format conversion from XML to JSON and call-rate limiting to restrict the number of incoming calls from a developer. For a complete list, see API Management policies.
Policy expressions can be used as attribute values or text values in many of the API Management policies. Some policies such as the Control flow and Set variable policies are based on policy expressions.
Policies can be applied at different scopes, depending on your needs: global (all APIs), a workspace, a product, a specific API, or an API operation.
More information:
Complete the following quickstart and start using Azure API Management:
Events
Mar 17, 11 PM - Mar 21, 11 PM
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowTraining
Module
Explore API Management - Training
Learn how the API Management service functions, how to transform and secure APIs, and how to create a backend API.
Certification
Microsoft Certified: Azure Administrator Associate - Certifications
Demonstrate key skills to configure, manage, secure, and administer key professional functions in Microsoft Azure.
Documentation
Feature-based comparison of Azure API Management tiers
Compare API Management tiers based on the features they offer. See a table that summarizes the key features available in each pricing tier.
Learn more about the features of the API gateway component of Azure API Management. API Management offers both Azure-managed and self-hosted gateways.
Learn how to use API Management to publish APIs to external, partner, and employee developers securely and at scale. Shows you how to create and manage modern API gateways for existing backend services hosted anywhere.