Azure API Manager ALM
Would like some good documentation on best practices for ALM with Azure API Manager.
For example...
How do people have their DEV/TEST/PROD environment setup and how do you deploy changes?
We are thinking about using the dev teir for our development and test environmnet and then the standard version for production. Are we on the right path?
Hi Dan, you are definitely on the right path.
Besides, below features might be useful to help you manage your environments:
1. Management Rest API: this is useful if you want to manage your environment programmatically.
http://msdn.microsoft.com/en-us/library/azure/dn776326.aspx
2. Backup/Restore: http://azure.microsoft.com/en-us/documentation/articles/api-management-howto-disaster-recovery-backup-restore/
Please let us know if you have any questions.
Regards,
Miao
Similar Messages
-
Azure API Management Usage Pattern for Enterprise - Grouping APIs
Consider the following scenario:
I have a 100 people in one org with 4 divisions
I create on Azure API Management instance
All 100 people are developing APIs and adding them to this single API management instance
Can I achieve following? If yes, how?
I want to group the APIs by those 4 division. Allow access of APIs only if it is added by people in their division. When I say allow access, basically I mean search the APIs and call the APIs.You can achieve this by using "Groups". First, you need to have a group per division. You can either manually create the groups and add users to them or if you use Azure Active Directory and enable developers to login with AAD to the portal, then
their existing group membership will also be available to use.
Once you have the group set up you need to have a product for each group. You can set the visibility settings of the product so that only members of a given group can see it. Then you can set which APIs the product contains and thus complete the mapping
of groups to APIs. -
Azure API Management - external endpoints
Hi,
I'm trying to implement the following scenario by using the preview Azure API management.
I have a Web API, hosted in an OnPrem IIS. I want to expose this API via the Azure API Management.
How can I manage exposing an OnPrem endpoint? Must I first be sure that my existing OnPrem API is published on the Internet? Or can I use a Service Bus Relay endpoint?
Thanks.Hi David,
Thanks for posting!
Base on my understanding, If your website is hosted on-permission( Intranet), you need expose the endpoints for Azure API management , and you need use the http or https endpoints for this feature. You could use azure service bus service to expose
your endpoints like this blog (http://blogs.msdn.com/b/paolos/archive/2013/10/24/how-to-integrate-a-windows-azure-web-site-with-a-lob-app-via-a-service-bus-relay-service.aspx
) and this thread (http://stackoverflow.com/questions/9626386/relay-webhttprelaybinding-to-webapi-service ), Also, you could publish the site on internet
and use the API url (http://blogs.iis.net/tomkmvp/archive/2010/02/03/how-do-you-access-iis-behind-a-nat-router.aspx ).If I am misunderstanding , please
let me know free.
Regards,
Will
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Azure API Management developer portal runtime error
Hi,
I'm trying to use the Microsoft Azure API Management functionality just announced in the TechEd 2014 americas.
I was able to create my namespace for Azure API Management in the Azure Mgmt Portal.
But now, when I click on the Management Console or Developer Portal, I got a runtime error (ASP.Net Runtime Error).
I tried from a PC where I'm not authenticated in Azure and it works until I reach the login page, and then I got this Runtime Error again and again.
My subscription is a MSDN subscription.
Any ideas or workarounds here?Hi,
The problem still exists but it appears only when I'm authenticated.
For example, I open the Windows Azure Management Portal with my admin account, goes to the API Management and click on the Management Console. I'm redirected to the https://middleway.portal.azure-api.net/admin URL and here I got a Runtime Error ASP.Net...
Strange no? -
How to setup Traffic Manager with Azure API Management
Hello-
I have been trying to configure traffic manager as a Failover mechanism for Azure API Management (not sure if this is the correct terminology).
The gist is this: I have configured Azure API management to point to a set of Web API's hosted in a Cloud Service. I would like to use Traffic Manager as a Failover mechanism to route requests to a different data center, should the primary service becomes
unresponsive or goes into a degraded state.
When going through the portal, there is no selection that is available to configure API Management/Web API: the selections are Cloud Service and Web apps.
I've also looked into th Powershell Add-AzureTrafficManagerProfile using the -Type ["Any"] option with same result - it adds the endpoint but it is in a "Degraded" state.
I need to understand the correct way to accomplish this - I'm pretty sure I'm doing something wrong.
gigabitHi Shaun,
For most Traffic Manager applications, endpoint health is probed in the same way on each endpoint. That's why Traffic Manager profiles have endpoint monitoring settings configured at the profile level, not the endpoint level.
It appears your case is an exception--you need to configure a different monitoring path for each of your endpoints. To do this, you should use
'nested' Traffic Manager profiles. Create a child profile for each endpoint (with endpoint monitoring settings particular to that endpoint) and then join them in a parent profile. Endpoint health will propagate up from child to parent and should
give the behaviour you're looking for.
There's no downside: We bill only for the actual monitored endpoints and actual queries received (so no extra costs), and the parent-child link will be unwound within the Traffic Manager name servers (so no extra latency).
Regards,
Jonathan Tuliani
Program Manager
Azure Networking - DNS and Traffic Manager -
Write Custom policies in Javascript for API management in Azure
I am new to API Management in Azure.
Is it possible to write custom policy in Javascript like it is possible to write in API Management tool in APIGEE?Hi,
It seems that it is not support in Azure API management, please vote this similar voice at:
http://feedback.azure.com/forums/34192--general-feedback/suggestions/6564897-api-management-policy
Best Regards,
Jambor
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Azure API and tokens issued by azure AD
anyone know of a sample that showcases the azure API management/delivery feature consuming (access) tokens issued by Azure AD?
is there a reasons why its not even a sensible thing to conceive? (it seems obvious...but perhaps I have a disconnect somewhere)perhaps a useful comment flows from this:
The documentation (at github, on AAD samples) is very engineering centric. Its very correct; very precise, overly so. It embeds best practices within (without teaching how to think about which of the 10 flows are proper, for different scenarios); and sometimes
calls things opened connect, sometimes oauth2. Distinguishing the differences is the subtle art of interpreting Microsoft engineering speak.
I learned 10 years not to program Microsoft apps in a way that is not demonstrated by an official sample. Thus the lack of a AAD sample of Azure API is problematic. I don't know (having been burned 100 times) that the OAUTH2 mentioned in the API docs is
compatible with one of the oauth2 flows of AAD sample land.
call me over thinker, if you like. But, this is what its like to be on the en d of the fragmented, drip drip, ALL change EVERY 3 years, communications style in windows/azure/win32 comsec.
i suspect the fix is another attempt at a best practices document - with best practice teaching samples - similar to those that so excellently rounded out WIF work, in the last generation of efforts. -
Exposing Azure Search Service through API Management
Hi everyone,
I've just setup the API Management and customised the portal for the APIs i'd like to manage. One of the APIs is actually an Azure Search instance. The only problem i can see is that the JSON response from the Azure Search contains a couple of URLs that
tie back to the Search, I've tried to add a policy to mask the URLs in the response, but it doesn't quite get it right and the resulting URLs don't work.
So, is it possible to properly expose the Search service through the API Management service with properly masked URLs?
thanks,
AndrewHi Miao,
thanks for your quick response.
Although I don't need to know a specific date - i'd be interested if there is a target for when this functionality may be added? e.g. 2 months, 6 months?
I'm evaluating the technology at the moment for a deliverable required in a couple of months and will need to decide whether to wait or develop a wrapper around the search service that removes the data we don't want exposed.
thanks,
Andrew -
How to make API manager developer console client use AAD as a oauth2 token issuer
the answer is configure the oauth2 authorization service record to ONLY use the client_credentials grant type.
See
https://yorkporc.wordpress.com/2015/02/23/getting-api-manager-to-use-aad-sts-finally/ for a success case.
Do NOT (as one might do, thinking as a security engineer) use the authorization_code grant.
So, after a week of effort, I figured my way through awful documentation to do something really easy (once one knows how).
The documentation at
http://azure.microsoft.com/en-us/documentation/articles/api-management-howto-oauth2/#step1 sends one the wrong way, since its picture happens to select authorization_code (which doesn't work, at least with AAD as the AS).
its pretty clear that the developer console site is not architected to be using AADs own rather excellent delegated user identity security model. One could be leveraging the web site's own session (itself derived from the id_token issued by AAD) to entitle
the web app server-side process to act for the user, which would normally supply (user's) auth_code and the sites own client credential set to get privileged access to certain api endpoints of the api management instance. Obviously, that would require
the console to be nominating which resouces (Api endpoint, within a product) are to be placed in the audience field of the token, which in turn requires more advanced AAD configuration (of those API endpoints, as AAD apps in their own right).
Sigh. MSDN editorial culture strikes yet again.hi Peter,
Thanks for your feedback!
I will try to reproduce this issue on my side and report it. Thanks for your time and appreciate your patience.
Any results, I will post back ASAP.
Regards,
Will
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Hi.
I'm trying to configure ADD and Api Management son I'm not so sure that is the right place where send the issue.
When I try to set the Authentication type to 'Authorization code' I'n receiving this message:
No permission to access user information is configured for 'GUID-APP' application, or it is expired or revoked
The 'GUID-APP' is the client-id of a new app I have registered especially for 'API management' (is not the app where the real API is implemented). The name of the app is: apimanagement. For this app I have configured :
Application permissions: 2
Delegate permissions:4
Which kind of permission shoud I configure to remove the issue ?
Thanks.Hi,
The issue should possibly be a replication delay in Azure AD, when the Permission Object that the application creates to access the Azure Management API (RDFE) does not replicate quickly enough to the authentication endpoint. The app currently does include
a 5 sec delay before requesting an authorization code, but this delay may not to consistent. The workaround would be to sign out of the app and then sign back in. (Quoted from below thread)
Source:
Azure AD OpenId Multitenant invalid_grant error
https://social.msdn.microsoft.com/Forums/vstudio/en-US/dd289578-5d04-4ce0-a533-0505f8a8bedd/azure-ad-openid-multitenant-invalidgrant-error?forum=WindowsAzureAD
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Hello,
Any help with this technical issue would be greatly appreciated.
When our clients call our API Management front end, we'd like them to connect to https://api.mydomain.com/service
Traffic Manager will be used to load balance between API Management interfaces at 2 separate Azure DCs.
Our API Management services are set up with the addresses apimNameSite1.azure-api.net and apimNameSite2.azure-api.net
Our 2 back-end servers live in an azure IaaS vNets (in separate DCs) and their azure endpoint URLs are webServerSite1.cloudapp.net and webServerSite2.cloudapp.net
We have a wildcard SSL certificate for *.mydomain.com
From what I've read (I may have missed something), API management doesn't terminate SSL. (have since found this is incorrect, API Management DOES terminate SSL) Can anyone give me a solution for configuring HTTPS for the API management interface in
this scenario?
One way I've thought of addressing it is to:
- Create a CNAME record for the alias api.mydomain.com pointing to the traffic manager address
- Traffic manager is configured using powershell to load balance between the apimNameSite1.azure-api.net and apimNameSite2.azure-api.net endpoints
- Create a CNAME record for the alias webServerSite1.mydomain.com pointing to webServerSite1.cloudapp.net
- An API in API management on Site1 is configured with an HTTPS URL scheme and has https://webServerSite1.mydomain.com/service set as the web service URL.
- The IIS web site on the back end server has a HTTPS binding configured using the *.mydomain.com certificate
I'm not sure if this will work, and I have to get a number of people to configure stuff on their end to POC it so would prefer to have it right at the start. Does anyone have suggestions or links to good sources on the subject?I found the Custom Domain settings under Configuration for the API Management service. Will close this thread if all works out ok. I hope having traffic manager in front of it doesn't cause any issues.
-
Retrieving billing/usage through Azure API
I'm looking to retrieve my account usage details through Azure API but couldn't find the relevant API for that.
I know I can download the CSV file of usage details in Azure Portal Account->Subscriptions->Download Usage Details, and would need to retrieve the same through API.
Any help is appreciated. Thanks in advance.Hi ksrishna,
Thanks for your posting!
Currently we don't got the billing usage file using API. You could download in the account page on the portal. Also, you could vote this feature via this customer feedback page:
http://feedback.azure.com/forums/170030-billing/suggestions/1143971-billing-usage-api
Regards,
Will
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Deploy Services with Azure Resource Manager
Hi,
I would like to create an Azure Resource Manager template that includes a few Cloud Services.
I couldn't find how to configure Cloud Services in the Azure Resource Manager template.
What should be the type of the resource in the Json template?
ThanksHi,
Azure Resource Manager Tools for visual studio is in a Preview version, at currently, this preview only has two templates available, going forward, more templates will be added for common application scenarios that use other Azure features including caching,
storage, virtual machines, and more. See more at:
http://azure.microsoft.com/blog/2014/08/11/azure-resource-manager-tools-preview/
Best Regards,
Jambor
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Configuring Alert management (ALM)
Hi
I am planning to configure Alert management (ALM) for CCMS .Can anyone help me with the steps involved? I have gone through few posts in forums but its all abt configuring it in XI.I am thinking of solution manager as the Central ALM server. Is solution manager have any feature similar to Alert management so that I can use that instead of ALM?
Thanks in Advance
PrinceHi prince....
See these DOCS.
<a href="http://help.sap.com/saphelp_nw04s/helpdata/en/28/83493b6b82e908e10000000a11402f/frameset.htm">Technical Infrastucture of Alert monitor</a>
<a href="http://help.sap.com/saphelp_erp2005/helpdata/en/cb/df8a3eacd49076e10000000a114084/frameset.htm">solution montoring in solution manager</a>
<a href="http://help.sap.com/saphelp_nw04s/helpdata/en/1a/40f83ee0e66856e10000000a114084/frameset.htm">MOnitoring with solution manager</a>
Regards,
vijay -
May 2015 VTS Middleware Track - Resources for the API Management session
Some very cool resources:
Blog
article on "In-depth look into Oracle API Catalog (OAC) 12c": https://technology.amis.nl/2014/11/14/in-depth-look-oracle-api-catalog-oac-12c/
Data
sheet of Oracle API Catalog: http://www.oracle.com/technetwork/middleware/id-mgmt/downloads/oracle-api-catalog-ds-2347229.pdf?ssSourceSiteId=ocomen
Oracle
online documentation about Oracle API Catalog: https://docs.oracle.com/middleware/1213/oac/index.html
Data
sheet of Oracle API Manager: http://www.oracle.com/us/technologies/soa/oracle-api-manager-ds-2421644.pdf
Oracle
online documentation about Oracle API Manager: https://docs.oracle.com/middleware/1213/apimgr/index.html
Oracle
product page about API Management: http://www.oracle.com/us/products/middleware/soa/api-management/overview/index.htmlYou could check the note on MOS Doc ID 1114976.1 it may have what you need.
Maybe you are looking for
-
Invoking Discoverer Report from Zoom Menu Option
HI there I've seen this on client site but never done it myself. Does anyone have any documentation or guidance on how to set up a form personalization so that the zoom menu option on a form links to a discoverer report, potentially passing parameter
-
problem is iTunes wants to restore while I have no backup(i know stupid move on my part esp. since I just got back from an amazing summer trip and so....yea Ive been busy and really it is my fault. I had bought this iPad from ebay for a good deal t
-
Should the fire wire ports always be active
I have a 17" MBP (core 2 duo late 2007) and a 15" MBP (also core 2 duo late 2007) and when I connect my recently purchased WD 500GB Passport, the drive's light indicates that it is still receiving power from the MBP's after I've shut-down the compute
-
Open file in Netscape (or SeaMonkey) Composer window
anyone know a script for this?
-
Error : Severity and Description Path Resource Location Creation Time Id
i have this error : Severity and Description Path Resource Location Creation Time Id invalid character or markup found in script block. Try surrounding your code with a CDATA block. essai/src essai.mxml Unknown 1236103965593 182 my source is attach c