A prevalent issue in today's API landscape is the uncoordinated API portfolio within large organizations. These portfolios often feature varying development protocols, design styles, and versions, leading to faulty integrations. This complexity is partly due to the sheer number of APIs we encounter today, estimated by to be around 200 million.
In response to this phenomenon, known as “API Sprawl,” Microsoft released the API Center (abbreviated as APIC) in May 2024 after an extended public preview. There are currently three primary use cases we see within the API Center that can help companies grapple API sprawl: API Inventory, Governance, and Discovery/Consumption.
Maybe you’re like me and are now questioning, how exactly the API Center differs from Azure API Management. To make it short: They are fundamentally two distinct services with unique features and core functions. They complement each other well but can also operate independently. But to make it more clear, let’s take a deeper look on the API Centers use cases I mentioned before.
The API Center’s inventory management allows all APIs to be centralized in one location, offering a comprehensive catalog of all APIs. These APIs can be imported from API Management instances or registered directly in the API Center. During registration, general information, version details, licensing, and more can be provided.
APIs can have multiple versions throughout their lifecycle. In the API Center, you can add versions and, if needed, multiple specifications. Additionally, you can add information about environments and deployments for APIs. An environment represents a location where an API runtime can be deployed, such as an API Management platform. A deployment is a location where users can access an API, which can have multiple deployments across various staging environments or regions.
A very practical feature of the API Center is the ability to define custom metadata that can be added to APIs. This is useful for searching and filtering. Metadata can have various properties, such as numerical ranges or text properties with minimum and maximum lengths. With the “Predefined choices” property type, a list of values can be provided for selection. For instance, industry-specific metadata might list various company departments.
Metadata can be created for APIs, deployments, and environments (or all three) with options for being “Required,” “Optional,” or “Not applicable.”
Another governance feature is the linting and analysis capabilities of the API Center. For example, if you use a Function App to run the linting engine, it can respond to predefined events in the API Center, such as adding or replacing an API specification. When the event is received, the linting engine can check if the specification complies with internal policies, and an analysis report is then provided in the API Center.
The API Center offers two native discovery functions: the API Center Portal and the VSC Extension. The portal is similar to the Developer Portal from API Management but can reference APIs from multiple API Management instances, serving as a catalog where users can filter APIs and download specifications of various versions. Unlike the Developer Portal, testing APIs in the API Center Portal is currently not possible; this functionality is intended for the VSC Extension.
Notably, while the portal was directly usable from the API Center during the public preview, it must be self-hosted after general availability. This initially adds some overhead but offers flexibility, allowing customization and hosting on various infrastructures.
Additionally, the API Center Portal requires an app registration with the necessary API permissions. More information can be found in the official documentation.
The Azure API Center extension for Visual Studio Code enables API management directly within the development environment. With this extension, users can create, discover, test, and use APIs. Key features include:
Additionally, there are optional extensions for specific scenarios, such as the REST Client, the Microsoft Kiota extension, and the Spectral extension for API design compliance.
Also, the extension can be used within Github Copilot, which offers even more ways for API discovery.
The API Center is priced at €699 per month, aside from a 90-day trial period. Whether it is worth it for your organization depends on several factors, like the number of APIs. Generally, the more complex the underlying system, the greater the value of the API Center.
In this section, I will demonstrate how quickly you can get the API Center up and running and import your APIs within minutes.
First, create the resource by searching for the API Center in the Azure Portal. During creation, specify the resource group, name, region, and pricing plan. For this example, I will choose the free 90-day trial.
Once created, you can access the resource and start adding your APIs. We will import these from an existing API Management resource. There are two options: export the API specifications from an API Management instance using the az PowerShell module and import them into the API Center, or import them directly from API Management using PowerShell. We will opt for the latter.
First, add a managed identity to the API Center. Navigate to the Managed Identities tab of your API Center resource and enable the “System assigned” status.
Next, assign a role to this managed identity, allowing it to read the API Management resource data. Navigate to your APIM instance, select Access control, and add a role assignment. Choose the “API Management Service Reader” role and add the previously created managed identity as a member.
Almost done! Now we can import APIs easily using PowerShell. First, find the resource ID of your APIM instance:
$apimID=$(az apim show --name <apim-name> --resource-group <resource-group-name> --query id --output tsv)
To import all APIs, run the following command:
az apic service import-from-apim --service-name <api-center-name> --resource-group <resource-group-name> --source-resource-ids $apimID/apis/*
If you don’t want to import all APIs, you can specify the name of a specific API instead of using apis/*.
In summary, Microsoft’s API Center provides a powerful solution to manage the complexity of modern API portfolios, offering comprehensive tools for API inventory, governance, and discovery. By centralizing API management, it simplifies operations, enhances compliance, and fosters better integration across systems.
On a personal note, I’ve found the API Center to be an useful asset in streamlining API management processes and ensuring robust governance. Although pricey, it can help reducing API sprawl and could potentially be a game-changer for your API strategy.
We at Objektkultur are happy to help you navigate and integrate this new tool seamlessly into your operations. Feel free to reach out to us through our contact form here!
Autor des Beitrags
Seit dem Jahr 2023 ist Benjamin Klinkebiel als Consultant und Entwickler bei Objektkultur tätig, wo er seine Leidenschaft für die IT entfaltet. Diese Leidenschaft entdeckte er während seines Studiums der Medieninformatik.
Wir sind ein Software-Unternehmen mit Hauptsitz in Karlsruhe und auf die Umsetzung von Digitalstrategien durch vernetzte Cloud-Anwendungen spezialisiert. Wir sind Microsoft-Partner und erweitern Standard-Anwendungen bei Bedarf – egal ob Modernisierung, Integration, Implementierung von CRM- oder ERP-Systemen, Cloud Security oder Identity- und Access-Management: Wir unterstützen Sie!
Mehr über uns
Mit unserem Newsletter informieren wir Sie stets über die neuesten Blogbeiträge,
Webcasts und weiteren spannenden Themen rund um die Digitalisierung.
