API Gateway using Azure API Management

API gateway in the microservices architecture is a single entry point for communication with all clients. Essentially, it is a proxy between client applications and services.

API gateway is an endpoint that is responsible for the following functionalities:

  1. Accepting API calls and routing them to our backends
  2. Verifying API keys, JWT tokens, and certificates
  3. Supporting Auth through Azure AD and the OAuth 2.0 access token
  4. Enforcing usage quotas and rate limits
  5. Transforming our API on the fly, without code modifications
  6. Caching backend responses, wherever they are set up
  7. Logging call metadata for analytics purposes
api gateway microservices

If we were to use Azure API management for our API gateway, Microsoft has provided some excellent documentation here: https://docs.microsoft.com/en-us/azure/api-management/

Using Azure API management has the following benefits:

  • We can manage our various APIs from a single platform; for example, ProductService, OrderService, and other services can be easily managed and called by many clients.
  • Because we’re using API Management, it doesn’t only provide us with a proxy server; it also allows us to create and maintain documentation for our APIs.
  • It provides a built-in facility so that we can define various policies for quota, output formats, and format conversions, such as XML to JSON or vice versa.

Our ProductService has a REST API and let us assume that it provides the following resources:

API resourceDescription
GET /api/productGets a list of products
GET /api/product/{id}Gets a product
PUT /api/product/{id}Updates an existing product
DELETE /api/product/{id}Deletes an existing product
POST /api/productAdds a new product

We had already created a .NET console application that acts as a client( ProductClient). Now, let’s write some code to call our Azure API gateway from our client.

namespace Sportopia.SportsStore.ProductClient
{
   class Program
   {
      private const string ApiKey = "myAPI Key";
      private const string BaseUrl = "http://localhost:3097/api";
      static void Main(string[] args)
      {
         GetProductList("/product/GetProductAsync");
         //Console.WriteLine("Hit ENTER to exit...");
         Console.ReadLine();
      }
      private static async void GetProductList(string resource)
      {
         using (var client = new HttpClient())
         {
            var queryString =
            HttpUtility.ParseQueryString(string.Empty);

            client.DefaultRequestHeaders.Add("Ocp-Apim-Subscription-
            Key", ApiKey);

            var uri = $"{BaseUrl}{resource}?{queryString}";

            //Get asynchronous response for further usage
            var response = await client.GetAsync(uri);
            Console.WriteLine(response);
          }
       }
    }
 }

In the above code, our product client is requesting the REST API to get all products. Below table explains the terms that appear in the code:

BaseUrlThis is the address of the proxy server.
Ocp-Apim-Subscription-KeyThis is a key that’s assigned by API Management to a specific product the client has opted for.
ResourceThis is our API resource, which is configured over Azure API Management. It will be different from our actual REST API resource.
ResponseThis refers to the response to a specific request. In our case, this is the default JSON format.

You might be interested in the following courses:

Course Category

Back to: Microservices with C#, .NET Core and Azure > Communication