Azure API Management
What are the allowed options for the backend API host, in order to integrate with Azure APIM?
The advantage of Azure APIM lies in its ability to provide complete abstraction and separation layer to the complexities of the backend API strategy. Hence, any API hosted on premise , or other cloud provides, or any Azure service like Azure Functions, Azure Logic Apps, Containers, Microservices, Azure Web API etc.
How to enable a blanket policy for all APIs in line with an organization’s compliance requirements?
While Azure provides built in Policies covering a whole lot of frequently needed rules on request and responses, it is also possible to customize these policies. Additionally, Policy Fragments is another way , where one can create a custom reusable XML based policy that can be included in any other policy document.
How are policies evaluated if multiple are applied?
If there are multiple policies, then evaluation is done sequentially
Is it possible for Developer Portal URL to contain organisation domain name ?
Yes. Be default the developer portal URL and gateway URL uses the *.azure-api.net subdomain. One can configure a custom domain for gateway and/or developer portal to point to company name. The URL would then look like for eg: demo-mockapi.developer.mycompany.com
How to prevent guest or anonymous access to the developer portal ?
Subscription Key based approach is good approach to limit unwanted access. However, if it is a strict requirement to allow access to developer portal only to registered users, then one workaround is to force the Sign In page so anonymous users and login or sign up to use the developer portal. Select Identities from Navigation Blade of API service instance -> Click Settings -> Check Redirect anonymous users to sign-in page. Now all users that arrive at the Developer Portal will need to sign in/sign up.
What Is Azure API Management ?
Azure API Management Service is a PaaS (Platform as a Service) offering by Azure. This service provides a secure way to publish and manage the APIs created by on-premise or cloud backend services. Azure APIM service acts as an intermediate layer between the backend applications that hold the code behind the API endpoints and the consumers of the API endpoints.
This platform as a service offering provides easy management of the APIs by way of many built-in policies that control requests and responses, built-in authentication methods, and monitoring capabilities.