top of page
Writer's pictureALIF Consulting

How to Migrate a web app using Azure API Management

Updated: Jun 14

In today's interconnected world, APIs (Application Programming Interfaces) are the essential glue that binds applications, data sources, and services together. They act as intermediaries, enabling seamless communication and data exchange and fostering a more dynamic digital ecosystem. However, effectively managing these APIs, especially across diverse environments like cloud and on-premises deployments, can be a complex task.


What is API Management?

API Management tackles this challenge by providing a centralized platform to govern the entire API lifecycle. It encompasses everything from the initial design and publication of APIs to robust security measures, performance monitoring, and version control. Here's what API Management brings to the table:

Standardization

Enforces consistent design principles across all APIs, ensuring a familiar and user-friendly experience for developers integrating with them.


Access Control

Implements robust authentication and authorization mechanisms to restrict access to authorized users and applications, safeguarding sensitive data.


Performance Optimization

Manages API traffic flow, implements caching strategies, and closely monitors API performance to deliver an optimal user experience with minimal latency.


Actionable Insights

Provides valuable analytics on API usage patterns, helping identify areas for improvement and optimize API functionality based on real-world usage data.


Streamlined Developer Experience

Offers a dedicated developer portal where users can discover APIs, explore their functionalities through comprehensive documentation, and integrate them seamlessly into their applications.


The Power of Well-Managed APIs

APIs are the backbone of modern applications, playing a critical role in various scenarios:

Mobile App Development

Mobile apps leverage APIs to access data and functionalities from backend services, enabling rich and dynamic user experiences. Imagine a food delivery app – it wouldn't be possible without APIs to connect to restaurant menus, order processing systems, and real-time location tracking.


Microservices Architecture

In modern application development, APIs facilitate communication between independent microservices within an application. This promotes modularity, scalability, and faster development cycles.


B2B Integration

Securely share data and functionalities with partners and customers through well-defined APIs. This streamlines business processes by eliminating the need for custom integrations for every interaction.


Open Data Initiatives

Publish APIs to expose data for public consumption. This fosters innovation and collaboration by allowing developers to leverage valuable datasets to create new applications and services.


What is API Management in Azure?

Microsoft Azure offers a robust API Management service specifically designed to simplify and streamline API governance. It provides a comprehensive set of features to empower organizations of all sizes, from startups to large enterprises:

Unified Management Across Environments

Manage APIs regardless of their location, be it on-premises, in other cloud platforms, or within Azure itself.


API Gateway

 The API Gateway acts as a single entry point for all API traffic, enforcing security policies, routing requests efficiently, and offloading processing tasks from backend services.


Built-in Developer Portal

A user-friendly developer portal allows users to discover APIs, understand their functionalities, explore code samples, and easily integrate them into their applications.


Granular Security Features

Azure API Management offers a rich set of security features like OAuth authentication, IP whitelisting, throttling, and data encryption to protect your APIs from unauthorized access and malicious attacks.


Traffic Management

Implement load balancing, caching, and other traffic management techniques to ensure optimal API performance and responsiveness under heavy traffic loads.


Actionable Analytics and Monitoring

Gain insights into API usage patterns, identify potential issues proactively, and monitor API health to ensure consistent performance.


Scenarios

APIs enable digital experiences, simplify application integration, underpin new digital products, and make data and services reusable and universally accessible. With the proliferation and increasing dependency on APIs, organizations need to manage them as first-class assets throughout their lifecycle.


Azure API Management helps customers meet these challenges

  • Abstract backend architecture diversity and complexity from API consumers

  • Securely expose services hosted on and outside of Azure as APIs

  • Protect, accelerate, and observe APIs

  • Enable API discovery and consumption by internal and external users


Common scenarios include

Unlocking legacy assets

APIs are used to abstract and modernize legacy backends and make them accessible from new cloud services and modern applications. APIs allow innovation without the risk, cost, and delays of migration.

API-centric app integration

APIs are easily consumable, standards-based, and self-describing mechanisms for exposing and accessing data, applications, and processes. They simplify and reduce the cost of app integration.

Multi-channel user experiences

APIs are frequently used to enable user experiences such as web, mobile, wearable, or Internet of Things applications. Reuse APIs to accelerate development and ROI.

B2B integration

APIs exposed to partners and customers lower the barrier to integrating business processes and exchanging data between business entities. APIs eliminate the overhead inherent in point-to-point integration. Especially with self-service discovery and onboarding enabled, APIs are the primary tools for scaling B2B integration.


Solution Background

An e-commerce company in the travel industry is modernizing its legacy browser-based software stack. While their existing stack is mostly monolithic, some SOAP-based HTTP services exist from a recent project. They are considering the creation of additional revenue streams to monetize some of the internal intellectual property that's been developed.

Goals for the project include addressing technical debt, improving ongoing maintenance, and accelerating feature development with fewer regression bugs. The project will use an iterative process to avoid risk, with some steps performed in parallel:

  • The development team will modernize the application back end, which is composed of relational databases hosted on VMs.

  • The in-house development team will write new business functionality that will be exposed over new HTTP APIs.

  • A contract development team will build a new browser-based UI, which will be hosted in Azure.

New application features will be delivered in stages. These features will gradually replace the existing browser-based client-server UI functionality (hosted on-premises) that powers their e-commerce business today.

The management team does not want to modernize unnecessarily. They also want to maintain control of scope and costs. To do this, they have decided to preserve their existing SOAP HTTP services. They also intend to minimize changes to the existing UI. Azure API Management (APIM) can be used to address many of the project's requirements and constraints.



Architecture


Azure API Management

The new UI will be hosted as a platform as a service (PaaS) application on Azure and will depend on both existing and new HTTP APIs. These APIs will ship with a better-designed set of interfaces, enabling better performance, easier integration, and future extensibility.


Components


Alternatives

  • If the organization was planning to move their infrastructure entirely to Azure, including the VMs hosting the legacy applications, then APIM would still be a great option since it can act as a facade for any addressable HTTP endpoint.

  • If the customer had decided to keep the existing endpoints private and not expose them publicly, their API Management instance could be linked to an Azure Virtual Network (VNet):

o In an Azure "lift and shift" scenario linked to their deployed Azure virtual network, the customer could directly address the back-end service through private IP addresses.

o In the on-premises scenario, the API Management instance could reach back to the internal service privately via an Azure VPN gateway and site-to-site IPSec VPN connection or ExpressRoute, making this a hybrid Azure and on-premises scenario.

  • The API Management instance can be kept private by deploying the API Management instance in Internal mode. The deployment could then be used with an Azure Application Gateway to enable public access for some APIs while others remain internal.


Considerations


Availability and scalability


Pricing

API Management is offered in four tiers: developer, basic, standard, and premium. You can find detailed guidance on the difference in these tiers in the Azure API Management pricing guidance here.

Customers can scale API Management by adding and removing units. Each unit has a capacity that depends on its tier.



144 views0 comments

Recent Posts

See All
bottom of page