There’s galaxy of connections to be made!
We connect your applications to the rest of the world
Towards the API economy
APIs are customizable software interfaces that enable once separate software components to effectively communicate by overcoming the inherent incompatibilities created by differing software platforms. APIs bring a high level of connectivity and data sharing to multiple applications, regardless of their platforms, data structures and underlying technologies. The innovative power of APIs has led to the realization that APIs can be a critical component of enterprise solutions that impact the operational bottom line, contributing to efficiencies, growth, and innovation. That, in turn, has created the API economy, which is loosely defined as the way APIs can positively affect an organization’s profitability.
Enabling new business models
According to research firm Gartner, APIs make it easier to integrate and connect people, places, systems, data, and algorithms, create new user experiences, share data and information, authenticate people and things, enable transactions and algorithms, leverage third-party algorithms, and create new product/services and business models. For many organizations, the API economy proves to be a viable avenue to creating new services and capabilities, which will ultimately lead to new avenues of revenue. With the mainstreaming of APIs and the popular services that make use of them, organizations will make APIs a serious factor in their business model.
Do we realise this
Your functional requirements represent what it is that you like your API to do. What business capabilities does the API expose to its consuming clients? Who is your audience: internal developers, external consumers, or both? What data and functions around these data does it make accessible? Your non-functional requirements will typically be a mix of security, controlled access and service level concerns such as performance, availability, response time. It also includes concerns with regard to data protection and downstream systems integrity.
From Swagger to proxies
Besides giving your API product a meaningful name and useful description, it’s important to define operations for what your API will do. We specify the data models that describe the request and response messages. We capture the API interface using a service description language. To describe RESTful APIs, we can use Swagger. We create an API product from scratch which exposes (‘proxies’) an existing resource. We implement applicable security constraints (security policies) and ensure proper caching, rate limiting, and other types of behavior. After we’ve developed your API, it’s time to test it in a test environment.
Once your API has been tested and reviewed, it can be deployed in production. Enterprise APIs, including cloud APIs, are typically hosted on API gateways that ensure the expected performance, security, and scalability requirements are met. To facilitate adoption of the API, we publish it in an API developer portal. We provide clear documentation that describes API functions and applicable use cases. We clearly explain any API security constraints that may apply and we indicate which ‘consumption plans’ are offered, if any.
Keep on running
After we’ve tested and deployed/published your API product, the work isn’t done. We now need to monitor your API to understand how it’s being used and how it performs. We monitor availability, response time and throughput as well as metrics such as developer engagement and consumption overview. In addition, API products will be subject to regular updates.
With Microsoft Azure’s API management
Microsoft’s Azure API Management is made up of an API gateway, a management plane, and a developer These components are Azure-hosted and fully managed by default. API Management is available in various tiers differing in capacity and features.
All requests from client applications first reach the API gateway, which then forwards them to respective backend services. The API gateway acts as a facade to the backend services, allowing API providers to abstract API implementations and evolve backend architecture without impacting API consumers. The gateway enables consistent configuration of routing, security, throttling, caching, and observability. Specifically, the gateway acts as a facade to backend services by accepting API calls and routing them to appropriate back-ends. It verifies API keys and other credentials such as JWT tokens and certificates presented with requests. It enforces usage quotas and rate limits, and transforms requests and responses as specified in policy statements If configured, caches responses to improve response latency and minimize the load on backend services. Furthermore, the APi gateway emits logs, metrics, and traces for monitoring, reporting, and troubleshooting.
API providers interact with the service through the management plane, which provides full access to the API Management service capabilities. Customers interact with the management plane through Azure tools including the Azure portal, Azure PowerShell, Azure CLI, a Visual Studio Code extension, or client SDKs in several popular programming languages. The management plane is used to provision and configure API Management service settings as well as to define or import API schemas from a wide range of sources, including OpenAPI specifications, Azure compute services, or WebSocket or GraphQL backends. It packages APIs into products, sets up policies like quotas or transformations on the APIs. It get insights from analytics and it manages users and API keys.
API Management integrates with many complementary Azure services to create enterprise solutions, such as Azure Key Vault for secure safekeeping and management of client certificates and secrets, Azure Monitor for logging, reporting, and alerting, application Insights for live metrics, end-to-end tracing, and troubleshooting, Azure Active Directory for developer authentication and request authorization. Event Hubs for streaming events and several Azure compute offerings commonly used to build and host APIs on Azure, including Functions, Logic Apps, Web Apps, Service Fabric, and others.