In this presentation, Microsoft MVP & BizTalk360 Senior Software Engineer Sunny Sharma gives a deep look into Securing & Optimizing APIs using Azure API Management.
Secure and Optimize APIs using Azure API Management
1. PRESENTS
MICROSOFT GTSC, Bengaluru March 25, 2017
Powered by Brought to you by
Sunny Sharma
Senior Software Engineer, BizTalk360, Microsoft MVP
Secure and Optimize APIs using Azure API Management
2. âIn little more than a decade, APIs
have transitioned from relative
obscurity to become the âdigital glueâ
that empowers developers to create
new software applications,
partnerships and even new businesses.
This business-to-developer market is
quickly becoming one of the fastest
growing opportunities within cloud
computingâ
4. So you want an API program?
⢠How do you engage with developers?
⢠How do you reduce TTFSC?
⢠How do you enforce your business policies?
⢠How do you make your legacy API modern?
⢠How do you understand their behavior?
⢠How do you protect your core business systems?
8. API Gateway
⢠Accepts API calls and routes them to your backends.
⢠Verifies API keys, JWT tokens, certificates, and other credentials.
⢠Enforces usage quotas and rate limits.
⢠Transforms your API on the fly without code modifications.
⢠Caches backend responses where set up.
⢠Logs call metadata for analytics purposes.
9. Publisher Portal
⢠Define or import API schema.
⢠Package APIs into products.
⢠Set up policies like quotas or transformations on the APIs.
⢠Get insights from analytics.
⢠Manage users
10. Developer Portal
⢠Accepts API calls and routes them to your backends.
⢠Verifies API keys, JWT tokens, certificates, and other credentials.
⢠Enforces usage quotas and rate limits.
⢠Transforms your API on the fly without code modifications.
⢠Caches backend responses where set up.
⢠Logs call metadata for analytics purposes.
12. Features at a glance
Developer Experience
Self-Registration
Subscriptions
Documentation
Console
Issues Forum
Dashboard
Admin Experience
API specification
Product management
Policies Editor
Developer management
Content management
Configurable notifications
Security
Custom developer ID
Social Developer ID
API key authentication
Basic Authentication
Proxy & Policies
Call and bandwidth quotas
Rate limit
Caching
HTTPS
Authenticate with Basic
CORS / x-domain calls
Find and replace string
Re-write URL
Mask URLs
JSONP
JSON to/from XML
Set header or parameter
IP filter
Wildcard operations
Reports
Calls
Bandwidth
Cache hits/misses
Status codes
API and service response time
Proxy response time
Filter any report by product API
Operation