Overall Satisfaction with Azure API Management
API Management is being used to externalize, modernize, and secure our API set. As part of our strategy to open up and integrate more with our clients and patients we chose to leverage API Management as our main gateway to health data and submission of orders. API management takes away a lot of the headaches associated with externalizing web services and API sets. Things like versioning, enabling both XML and JSON even though the back-end service is only XML, providing a developer portal and subscription keys... there is a lot more that makes this well worth the costs.
- Developer portal - while a little rough around the edges, it works well and provides a tidy UI for externalizing your APIs. Developers can register themselves and request and manage subscriptions to products/APIs. The site is customizable too - though that process is a little cumbersome. The sign-up process even has customizable email templates for verification.
- Flexible - there are a lot of customizations that are possible through the use of API policies. This could be transforming XML to JSON or vice versa, modifying headers, restricting parameters, redirecting to different end-points depending on the message body... the sky is the limit as to what you can do.
- Management - the structure of how APIs are managed is well thought-out. It makes it quick to start standing up new APIs and versioning them. Additionally, the analytics provided are also very helpful in diagnosing possible bottlenecks or unusual usage.
- Cost - the upfront cost is a bit restrictive. I've been told it is because there are a few underlying VMs that are running this service. So if you're just starting out with API management, it can be an expensive proposition. Value increases as you add additional APIs. If you're using Azure B2C for the developer portal, you'll require Standard or Premium since they support AAD integration.
- Security granularity - at time of writing, APIM doesn't support breaking out operations to products. For example, if you have an API that has a GET and a POST operation, and you want the POST operation to require a different subscription. There is a work around, but it makes management a bit messy.
- Developer and Publisher portal - it's a little weird. Microsoft hasn't migrated all the publisher portal functionality into the "native" Azure portal. So some of it feels a little weird - especially when working with the content management side of things for the developer portal.
- Scaling - while it's easy to scale up, the cost of APIM ramps up very quickly. Standard -> Premium is a 4x jump.
- + APIM has made management of various APIs across multiple LOBs easier and provides a common front-end for our 3rd party developers.
- + APIM as a gateway for our APIs has made things more secure and provided more insight into API usage patterns.
- - The cost of APIM is high, however with each additional API we add, we get more value.
Azure APIM vs Amazon API Gateway:
1) Azure APIM was a complete package that included a developer portal.
2) We are very Microsoft centric - so the Microsoft product suite aligned very well with our business needs.
3) It was faster and easier to stand up Azure APIM for testing than it was for the Amazon API Gateway.
APIM is useful for the standard scenarios:
1) Securing your back-end APIs - If you have a legacy back-end web service that has a basic authentication scheme, you can add some additional security by placing APIM in front, and requiring subscription keys. Leverage your existing firewall to ensure only your APIM instance can communicate with your back-end API, and you've basically added a layer of protection.
2) Lift and shift - there are always going to be clients that don't want to update their clients to use a newer API; in some cases you can make a newer API look like an older one by implementing some complex policies in APIM. You can also do the opposite, making older APIs look new, such as making an XML back-end accept both JSON and XML.
3) Centralizing your APIs - if you've acquired another company and want to make their API set look as if it's a part of the larger whole, APIM is an easy way to provide a consistent front-end interface for developers.
Azure API Management Feature Ratings
Evaluating Azure API Management and Competitors
- Product Features
- Product Usability
- Product Reputation
- Vendor Reputation
- Existing Relationship with the Vendor
We have an existing relationship with Microsoft. They are a very reputable company, and coupled with a solid product, using Azure APIM made the most amount of sense. The biggest detractor was price, however APIM is priced competitively with others in the market. It's hard to go wrong with a Microsoft product.
With the evaluation process, I may have expanded the scope to additional vendors. While we looked at the big players - Microsoft and Amazon - the complexity of APIM means that it requires a lot of time to evaluate each vendor. There simply wasn't enough time to evaluate a third option.