Azure API Management Policies and Security

Lab Steps

lock
Logging in to the Microsoft Azure Portal
lock
Creating an Azure API Management Instance
lock
Defining Your API in API Management
lock
Using API Management Policies to Manipulate Responses
lock
Authenticating Requests with API Management Subscriptions
lock
Starting an Azure Cloud Shell
lock
Securing API Management APIs with Client Certificates

The hands-on lab is part of this learning path

Ready for the real environment experience?

DifficultyIntermediate
Time Limit1h 30m
Students311
Ratings
4.4/5
starstarstarstarstar-half

Description

API Management (APIM) is Azure's API gateway service allowing you to create consistent, modern APIs for a variety of backend services. APIM provides powerful capabilities, such as rate-limiting, quotas, and security. These capabilities can be applied to existing backend services without requiring any additional code.

This lab explores some of these capabilities using a backend service hosted on Azure App Service. You will learn about APIM policies and how they can modernize legacy APIs, and add a layer of security in front of backend services. You will also learn about API Management's built-in API key facilities called subscriptions.

Learning Objectives

Upon completion of this intermediate-level lab, you will be able to:

  • Create an Azure API Management service instance
  • Create APIs in API Management
  • Use API Management policies to transform responses and secure APIs
  • Secure APIs in API Management with Subscriptions
  • Secure APIs in API Management with Client Certificates

Intended Audience

  • Candidates for Microsoft Azure Developer Certifications
  • Developers

Prerequisites

Familiarity with the following is beneficial but are not required:

  • Azure App Service
  • RESTful APIs
  • JSON
  • XML

The following content can be used to help fulfill the prerequisites:

Environment before
PREVIEW
arrow_forward
Environment after
PREVIEW
About the Author
Students100985
Labs175
Courses9
Learning paths26

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.