![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 7.000000000000001%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
2,462 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 59%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 93%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBG%3C/text%3E%3C/svg%3E)
Hi @Sajeda Sultana thanks for the question. Indeed as Pinaki suggests API management is principally a gateway (reverse proxy) for downstream APIs - it allows you to add functionality via policy and manage it in one place rather than provide the same for each API. You can also use API management to modernise legacy API's by using it as a façade to provide a new interface to an existing API.
In theory you could expose your JSON by uploading it to an Azure storage account container and using an APIM send-request policy to read the content via the storage http rest API and send it back to the caller.
There's a blog post here which is similar and can act as a rough guide, although it's persisting data rather than reading it, the principal is the same. https://techcommunity.microsoft.com/t5/azure-developer-community-blog/how-to-send-requests-to-azure-storage-from-azure-api-management/ba-p/3624955 you could amend the instructions here so you send a read request for the data rather than write.
Take care to ensure that both the call to storage is secure (in the blog post they use managed identity of the APIM against storage) with least privilege (in your case read permission).
In addition you will want to ensure callers into API Management are also authorized - because I expect you dont want just anyone to access your data. Options here include using oauth (for Azure this would be b2c or entra , or entra + b2b) - oauth is recommended - as well as client certificate and basic auth.