Introduction
Azure API Management enables you to carefully identify and control who can access the data published by your APIs.
Suppose you work for a meteorological company, which has an API that customers use to access weather data for forecasts and research. There's proprietary information in this data, and you would like to ensure that only paying customers have access. You want to use Azure API Management to properly secure this API from unauthorized use.
In this module, you'll use two basic methods to secure access to an API in Azure API Management:
- Subscriptions
- Client certificates
By the end of this module, you'll be able to ensure that only people with the right credentials can access the information in your API. You'll also be ready to explore more advanced options to secure access to an API.
Learning objectives
In this module, you will:
- Create an Azure API gateway
- Import a RESTful API into the gateway
- Implement policies to secure the API from unauthorized use
- Call an API to test the applied policies
Prerequisites
- Familiarity with basic concepts of web APIs, such as operations and endpoints
- Familiarity with certificates
- You need an Azure subscription to complete the exercises. If you don't have an Azure subscription, create a free account and add a subscription before you begin. If you're a student, you can take advantage of the Azure for students offer.