Microsoft New Policies Extends Azure API Management Integration with Third Party Services

By CIOReview | Monday, December 14, 2015

FREMONT, CA: Microsoft announces a new set of policies to simplify integration of Azure API Management with external services. Built on the customers’ request for extending better usage of Azure API Management, these policies enable integrations with third party services.

The three policies include: send-request that sends a request to the specified URL; send-one-way-request that sends a request to the specified URL without waiting for a response; and return response that aborts pipeline execution and returns the specified response directly to the caller.

Policies of API Management are the pre-defined statements that allow developers to change the behavior of the API through configuration. Featuring with number of use cases, these policies enable alerting of error conditions, validation of reference tokens, aggregating responses from distinct backend services, transparent versioning and edge caching.

Microsoft Azure API Management helps organizations publish APIs to internal and external developers that unlock the data and services. It offers developer engagement, business insights, analytics, security and protection for an API program. Operations in API Management are highly configurable, with control over URL mapping, query and path parameters, request and response content, and operation response caching. Rate limit, quotas, and IP restriction policies can also be implemented at the API or individual operation level.

Some of the common scenarios in API Management are: securing mobile infrastructure by gating access with API keys, preventing DOS attacks by using advanced security policies like JWT token validation; enabling ISV partner ecosystems by offering fast partner on-boarding through the developer portal and building an API facade to decouple from internal implementations that are not ripe for partner consumption; Running an internal API program by offering a centralized location for the organization to communicate about the availability and latest changes to APIs, gating access based on organizational accounts, all based on a secured channel between the API gateway and the backend.