API Gateway using Azure API Management

API gateway in the microservices architecture is a single entry point for communication with all clients. Essentially, it is a proxy between client applications and services.

API gateway is an endpoint that is responsible for the following functionalities:

Accepting API calls and routing them to our backends
Verifying API keys, JWT tokens, and certificates
Supporting Auth through Azure AD and the OAuth 2.0 access token
Enforcing usage quotas and rate limits
Transforming our API on the fly, without code modifications
Caching backend responses, wherever they are set up
Logging call metadata for analytics purposes

If we were to use Azure API management for our API gateway, Microsoft has provided some excellent documentation here: https://docs.microsoft.com/en-us/azure/api-management/

Using Azure API management has the following benefits:

We can manage our various APIs from a single platform; for example, ProductService, OrderService, and other services can be easily managed and called by many clients.
Because we’re using API Management, it doesn’t only provide us with a proxy server; it also allows us to create and maintain documentation for our APIs.
It provides a built-in facility so that we can define various policies for quota, output formats, and format conversions, such as XML to JSON or vice versa.

Our ProductService has a REST API and let us assume that it provides the following resources:

API resource	Description
`GET /api/product`	Gets a list of products
`GET /api/product/{id}`	Gets a product
`PUT /api/product/{id}`	Updates an existing product
`DELETE /api/product/{id}`	Deletes an existing product
`POST /api/product`	Adds a new product

We had already created a .NET console application that acts as a client( ProductClient). Now, let’s write some code to call our Azure API gateway from our client.

namespace Sportopia.SportsStore.ProductClient
{
   class Program
   {
      private const string ApiKey = "myAPI Key";
      private const string BaseUrl = "http://localhost:3097/api";
      static void Main(string[] args)
      {
         GetProductList("/product/GetProductAsync");
         //Console.WriteLine("Hit ENTER to exit...");
         Console.ReadLine();
      }
      private static async void GetProductList(string resource)
      {
         using (var client = new HttpClient())
         {
            var queryString =
            HttpUtility.ParseQueryString(string.Empty);

            client.DefaultRequestHeaders.Add("Ocp-Apim-Subscription-
            Key", ApiKey);

            var uri = $"{BaseUrl}{resource}?{queryString}";

            //Get asynchronous response for further usage
            var response = await client.GetAsync(uri);
            Console.WriteLine(response);
          }
       }
    }
 }

In the above code, our product client is requesting the REST API to get all products. Below table explains the terms that appear in the code:

`BaseUrl`	This is the address of the proxy server.
`Ocp-Apim-Subscription-Key`	This is a key that’s assigned by API Management to a specific product the client has opted for.
`Resource`	This is our API resource, which is configured over Azure API Management. It will be different from our actual REST API resource.
`Response`	This refers to the response to a specific request. In our case, this is the default JSON format.

You might be interested in the following courses:

Course Category

Microservices with C#, .NET Core and Azure
by Ajay Kumar Konda
20 Lessonsin Microsoft Technologies
The microservice architectural style promotes the development of complex applications as a suite of small services based on specific business capabilities. This course will help you take a hands-on approach to build microservices and deploy them using ASP .NET Core and Microsoft Azure.

Course Category

Microservices with C#, .NET Core and Azure