Azure is a powerful integration Platform as a Service (iPaaS) within Microsoft's public cloud. While its benefits are undeniable, some concerns persist, notably regarding the security of sensitive URLs. With a focus on IP Address filtering, this blog sheds light on how Azure Logic Apps can offer robust governance solutions, ensuring data protection for your organization.
Check out how we imported a Logic App as an API and tested the imported API to Azure API Management for an American Discount Supermarket Retail Client.
For the client, we have designed and implemented various logic app workflows for middleware integration. To expose the logic app to external vendors or any system internally, we used to create proxy URLs for the logic apps and provided them wherever needed. We have done it using APIM, which is a very powerful tool of Azure cloud.
Azure API Management supports the automated import of a Logic App (Consumption) resource, which runs in the multi-tenant Logic Apps environment.
Prerequisites of Azure API Management Services
- Create an Azure API Management instance if it does not exist in our subscription.
- We should have a Consumption plan-based Logic App resource in our subscription that exposes an HTTP endpoint.
What is the Logic App?
Azure Logic Apps streamline task automation and workflow management in the cloud. It facilitates seamless integration of applications, data, systems, and services across organizations. Whether operations are in the cloud, on-premises, or both, Logic Apps offer an efficient API management solution for integrating various aspects of business processes.
What is APIM?
Azure API Management is a platform that helps manage Application Programming Interfaces (APIs) across various environments. This hybrid solution works seamlessly across multiple clouds, facilitating efficient control and handling of APIs. It supports the complete lifecycle of APIs, from creation to deployment and beyond, simplifying the process for developers and businesses.
How Does Azure API Management Services Work?
- Azure API Management accepts API calls in the form of HTTP requests.
- Azure API Management services securely routes the HTTP requests to Logic Apps.
- Each HTTP request triggers a run in Logic Apps:
- Logic Apps uses secured template parameters to retrieve database credentials from Azure Key Vault, if any.
- Logic Apps Execution will be monitored if monitoring.
- Similarly, logic apps may have various actions to perform the task.
What are the Benefits of Azure API Management?
Azure API Management services assists clients in addressing the following challenges:
- Shielding API consumers from the intricate and diverse back-end architecture
- Securely exposing both Azure-hosted and external services as APIs
- Safeguarding, expediting, and monitoring APIs
- Facilitating the discovery and usage of APIs for both internal and external users.
Common Scenarios Include:
- Legacy asset modernization: APIs provide a means to update and modernize legacy back-ends, enabling access from contemporary applications and cloud services without the risks and costs associated with migration.
- App integration centered on APIs: APIs serve as easily consumable, standardized, and self-descriptive tools for exposing and accessing data, applications, and processes, simplifying and reducing the costs of application integration.
- Diversified user experiences: APIs frequently facilitate user experiences across various channels, including web, mobile, wearable, and Internet of Things applications. Leveraging APIs for development acceleration and improved returns on investment is common practice.
- Streamlined B2B integration: Exposing APIs to partners and customers reduces the barriers to integrating business processes and exchanging data among different entities. APIs eliminate the complexities of point-to-point integration, especially when self-service discovery and onboarding are enabled, making them crucial for scaling B2B integration.
Implementation of API Management Services:
- Navigate to your API Management Instance:
- Open the Azure portal and locate API Management Services using the search function.
- On the page for Azure API Management services, choose your specific API Management instance.
- Import and publish a back-end API
- Find your API Management service in the Azure portal, then click on "APIs" in the menu.
- Choose Logic App from the list of new APIs to add.
- Press Browse to see the list of Logic Apps with HTTP triggers in your subscription.
- Logic apps without HTTP trigger will not appear in the list.
- Select the logic app.
- AP API Management locates the related swagger linked to the chosen application, retrieves it, and then imports it.
- Include a URL suffix for the API.
- The suffix serves as a distinctive identifier for this particular API within the API Management instance.
- If you wish to publish the API and make it accessible to developers, navigate to the Full view and link it to a Product. In this illustration, we are utilizing the "Unlimited" product.
- You have the option to include your API in a product either during its initial creation or at a later stage through the Settings tab.
Products represent groupings of one or more APIs accessible to developers via the developer portal. Initially, developers must subscribe to a product to gain access to the API. Subsequently, upon subscription, they receive a unique subscription key for any API within that product. As the creator of the API Management instance, you possess administrator privileges and are automatically subscribed to all products.
- Every Azure API Management instance is equipped with two predefined sample products.
- Enter other API settings.
- You have the option to configure these values either during the initial setup or later by accessing the Settings tab.
- Select Create.
In This Way, we can import our logic apps to Azure APIM.
- Test the API in the Azure portal.
Operations can be directly accessed and tested through the Azure portal, offering a convenient method to evaluate and examine the functionality of an API.
- Choose the API you created.
- Press the Test tab.
- Select the operation you want to test.
- The page exhibits sections for query parameters and headers.
- Among the headers, there exists an "Ocp-Apim-Subscription-Key" field designated for the product subscription key linked with this particular API.
- Given your role as the creator of the API Management instance, an automatic population of the key is implemented, thereby eliminating the need for manual input.
- Press Send.
- When the test succeeds, the back-end responds with 200 OK and data.
You can also configure logic apps from API management, which is extremely useful as a single point of entry for all your APIs spanned across multiple applications. Using this approach, you can also handle complex opportunities to leverage Azure API management services.