API Management (APIM) is Azure's API gateway service allowing you to create consistent, modern APIs for a variety of backend services. APIM provides powerful capabilities, such as rate-limiting, quotas, and security. These capabilities can be applied to existing backend services without requiring any additional code.

This lab explores some of these capabilities using a backend service hosted on Azure App Service. You will learn about APIM policies and how they can modernize legacy APIs, and add a layer of security in front of backend services. You will also learn about API Management's built-in API key facilities called subscriptions.

Learning Objectives

Upon completion of this intermediate-level lab, you will be able to:

• Create an Azure API Management service instance
• Create APIs in API Management
• Use API Management policies to transform responses and secure APIs
• Secure APIs in API Management with Subscriptions
• Secure APIs in API Management with Client Certificates

Intended Audience

• Candidates for Microsoft Azure Developer Certifications
• Developers

Prerequisites

Familiarity with the following is beneficial but are not required:

• Azure App Service
• RESTful APIs
• JSON
• XML

The following content can be used to help fulfill the prerequisites:

• Getting Started with Azure App Service

Updates

February 1st, 2023 - Updated the instructions and screenshots to reflect the latest UI

September 22nd, 2022 - Migrated lab to use Cloud Academy Web Terminal

August 31st, 2021 - Added instructions to workaround Azure bug when modifying the OpenAPI JSON spec