Microsoft Azure API Management and How Cloudockit Can Help You Document It?


Regan Kong

March 2020 – Reviewed September 2022

What is API Azure?

An application programming interface, or API, enables companies to open their applications’ data and functionality to external third-party developers, business partners, and internal departments within their companies. This allows services and products to communicate with each other and leverage each other’s data and functionality through a documented interface. IBM

What is APIM in Azure

Azure API management (Azure APIM) allows you to publish, secure, transform, maintain, and monitor multiple APIs.

APIM allows organizations to use their existing back-end services to create complete API programs by creating consistent and modern API gateways. It offers developer engagement, business insights, analytics, security, and protection. Azure offers a secure platform to manage APIs that can verify credentials, enforce policies, log data to be used for analytics purposes, manage users and much more.

Currently, Azure offers the following features at different price tiers:

Azure AD integration

Multi-region deploymentMultiple custom domain names

Developer portal

Built-in analytics

Self-hosted gateway

SSL settings

External cache

Client certificate authentication

Backup and restore

Management over Git

Direct management API

Azure Monitor logs & metrics

Static IP

Microsoft Azure APIM Security

Azure APIM Security is used to help secure your resources by stripping response headers and limiting the number of calls made to the API. It also has the following built-in security controls:

Network isolation & firewalling support

Forced tunnelling support

Azure monitoring support

Control & management plane logging & audit

Data plane logging & audit

Authentication & authorization

Server-side encryption at rest & in transit

Encrypted API calls

Configuration management support

The Typical Architecture of Microsoft Azure API Management

The Azure API Management is composed of 3 components:

The API gateway

The API gateway serves as an endpoint that handles API calls, credentials, usage quotas, caching and more. The gateway can connect to REST, RESTful and SOAP APIs. It can also connect to the following Azure resources: Logic Apps, App Services and Function Apps.

The Azure portal

The Microsoft Azure portal is a web interface where the API program is set up. It offers functionalities such as API packaging, policy settings, user management and more. Furthermore, an analytics portal is also available to consult data on users, requests, subscriptions, and operations.

The developer portal

The Microsoft Azure developer portal allows developers to read the API documentation, try out the API, get API keys and access analytics based on their own usage.

Let Cloudockit auto-generate your Azure archicture diagrams

Free Trial

Dependencies of Azure APIMs with Cloudockit

Cloudockit can easily detect the following dependencies for API Manager in your Azure environment:

    • API
    • Logic Apps
    • App Services
    • Function Apps

Azure APIMs in Architecture Diagrams

An API Management diagram should display its dependencies on any external resource or API.

Currently, Azure API Management can use Logic Apps, App Services, Function Apps and external APIs. As your API Manager grows, so will its dependencies, that is where Cloudockit comes into play. Cloudockit can scan your cloud environments and detect all dependencies related to your API Management resources. Below is an example of a diagram generated by Cloudockit for an API Management resource that uses two external APIs, a Function App, an App Service, and a Logic App.

Coupled with Cloudockit’s Track Changes feature, it is possible to detect changes made to an API Management resource. For example, it is possible to be notified when an API is added or deleted between two document generations.

APIMs in Azure Cloud Reports

Cloudockit detects every APIM on your environment and generates a Word, PDF, or HTML document with relevant information such as its name, resource group, location, type, date of creation, developer portal URL, gateway URL, Tier, Virtual IP addresses and products.