
Dive into the Azure API Management Masterclass with a holistic, hands-on approach, covering the Azure API Management service and related Azure concepts, guided by an experienced instructor.
Navigate this Azure API management masterclass by choosing a learning path that fits your background, from full course to skipping sections, while exploring hands-on demos from section three onward.
Adjust the Udemy player settings to match your playback rate and volume, view transcripts or subtitles, and take notes for the Azure API management masterclass.
This lecture explains the fundamentals of Azure cloud, covering regions and availability zones, elasticity and on-demand provisioning, and how to deploy resources across regions and zones for high availability.
Explore how Azure resource hierarchy links resources to resource groups, subscriptions, and management groups, and learn to manage costs, access, and compliance while building API management services.
Learn to optimize azure api management costs by choosing between consumption and developer tiers, using the pricing calculator and budgets, and considering delete-and-recreate and backup options.
Create a new Azure account, log into portal.azure.com, assign a contributor role, and set up budgets and alerts while managing resources with resource groups.
Present API as a contract mediating between clients and back-end resources, illustrated with a hotel front-desk analogy, and cover requests, responses, resources, authentication, and operations like search, create, update, delete.
Define API as a broad collection of functions and libraries enabling app communication; a web service is an internet-based API, and all web services are APIs, but not vice versa.
Learn about API types by audience (private, public, partner, composite) and by implementation (REST, SOAP, RPC, GraphQL, OData), with examples and trade-offs.
This hands-on is for beginners who are unfamiliar with Postman Client or some basic HTTP/API terms
Understand HTTP Methods : GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS.
Understand the concept of Idempotence.
Explore how CRUD maps to http methods, which payloads apply to post and put, and how idempotency and safety distinguish get from post, put, delete, patch, options, and head.
Learn how HTTP status codes are grouped into 1xx to 5xx, with examples like 100 continue, 404 not found, and 500 internal server error, via postman public APIs.
Explore the representational state transfer style, where resources are represented by identifiers and manipulated via standard http methods within a client-server, stateless, cacheable, and layered framework with a uniform interface.
Explore public APIs with Postman and practice using Google Maps API features—places, autocomplete, and directions—via API keys, place IDs, and programmatic requests, then route them through an API gateway.
Define and design your API with stakeholders, then develop, test, secure, deploy, enhance, and monetize, while enjoying real-time, reusable, lightweight, loosely coupled, platform-independent components that can run containerized in Kubernetes.
Review key API concepts, including definitions, types by audience and implementation, idempotency, HTTP methods, status codes, REST design principles, examples like the Google Maps API, and Postman hands-on.
Azure API Management organizes an API lifecycle with three components: gateway, management plane, and developer portal, providing a reverse proxy, policy enforcement, and API discovery for decoupled backends.
Unify and secure your APIs with API management and API gateway, decoupling clients from back-end services and enabling seamless routing, security, caching, and observability.
Explore hands-on creation of an Azure API Management service in Central India using the consumption tier, including gateway URL, resource group setup, and core options for APIs, monitoring, and security.
Learn to import an API from YAML or JSON, configure it in the consumption tier with a base URL and suffix, and test operations including the OCP subscription key.
learn how to handle the offline demo conference api by switching to the swagger pet store open api v3, importing the yaml, and testing endpoints.
Explore how Azure API Management uses subscriptions and products to control access via subscription keys, header requirements, and product-level policies across APIs.
Import a pet store api from Swagger, test it, add it to a product, publish the api, and explore design and definitions with generated examples.
Explain the design-first approach to API development using YAML OpenAPI 2.0 specifications, define endpoints, schemas, and security, and show how Postman and other tools generate boilerplate code.
Enable operation-specific mocking policy in Azure API Management to simulate 200 JSON responses with generated examples, letting API consumers view realistic results while the backend is under development.
Learn to create and apply api revisions to update endpoints, add availability for a conference api, test with mocking and postman, and establish a current revision with a change log.
Create and manage API versions in Azure API Management, making v1 and v2 live simultaneously with path-based versioning and access via the product's subscription key.
This lecture is mainly related to Azure Cloud Fundamentals and not specific to API Management, feel free to skip through this lecture if you're already aware of RBAC in Azure. This is a an important concept that applies to all aspects of Azure, hence covering it for those who are relatively new to Azure Cloud.
This lecture is mainly related to Azure Cloud Fundamentals and not specific to API Management, feel free to skip through this lecture if you're already aware of Managed Identities in Azure. This is a an important concept that applies to all aspects of Azure, hence covering it for those who are relatively new to Azure Cloud.
Explore workspaces in Azure API Management premium tier, enabling isolation of control and data planes and independent development, monitoring, and management of APIs within dedicated workspace environments.
Create a new Azure Key Vault to store keys, secrets, and certificates in a standard tier, using RBAC with public access in Central India for a few cents per month.
Create named values to store secrets such as the Google Maps API key, reference them in policies, and fetch securely from Azure Key Vault for a backend.
Configure a backend in Azure API Management to use basic authentication by storing base64-encoded username and password as a named value or secret, and reference it in the backend settings.
Learn to add an API manually in Azure API Management, configure a backend and inbound policies, and use rewrite rules to map a clean operation name to the backend URL.
Explore policy scopes in Azure API Management from global to operation level and how inheritance uses base statements. See hands-on rate-limiting examples to understand how inherited policies affect API calls.
Explore api policies, a sequence of xml statements processed at the gateway to modify requests and responses, including authentication, rate limiting, and caching, with policy fragments and named values.
Learn to manage Azure API Management with Azure CLI, VS Code, and Cloud Shell; list APIs, export to table, test operations, and update policy changes across services.
Import a web app as an api in Azure API Management by creating an app service and importing it. Test a get operation to verify the web page is served.
Import a soap service using azure api management, test operations with soap actions and envelopes, then create a rest facade on top of the soap backend to expose json endpoints.
Import an Azure function as a backend in Azure API Management by creating a function app with HTTP trigger. Test get and post endpoints, and use the auto created key.
Import an Azure logic app as a backend in api management, create a simple http request workflow with a compose and response, and test the generated runtime url.
Debug Azure api management by enabling tracing, inspecting trace data, and understanding security risks, tracing scope, legacy tracing, and the move to a multi-stage tracing method.
Learn to trace API calls in Azure API Management using the new method, including token steps, trace IDs, and the List Trace API endpoint to diagnose throttling policies.
Explore Azure API Management's internal 20-second cache policy, observing cache lookup and store behavior and how results vary by subscription and developer.
Master external Azure Redis cache in Azure API Management with an advanced caching policy, using cache lookup value and cache store value keyed by caller ID header and user ID.
Export your API to Postman or Power Platform by choosing the workspace and generating a collection, then test with the subscription key and download the open API specification.
Explore OAuth 2 flows for securing API access with Azure AD as identity provider, including the authorization code flow with user consent and the client credentials flow for machine-to-machine access.
Explore Azure AD setup for API management by creating resource and client apps, configuring client ID and secret, defining scopes, and granting access for OAuth 2 authentication.
Configure OAuth 2 parameters in Azure AD for API Management by supplying client id, client secret, and scope. Validate the token with aud and scope claims and test with Postman.
Enforce OAuth 2 authentication using Azure AD for a demo conference API, configure app registrations, scopes, and a JWT validate policy, then test with Postman.
Navigate the developer portal to test, discover, and subscribe to APIs, and manage sign up pages and users. Enable CORS, manage starter and unlimited subscriptions, and test with JWT authentication.
Learn how to control product visibility in the developer portal by assigning users to groups (developers, guests, administrators) and configuring integration product access, including custom groups.
Create an OAuth 2 server in the developer portal to connect to Azure AD, then enable the authorization code flow in api security for testing via the test console.
Authorize the developer portal test console with Azure AD as the OAuth 2.0 server to acquire a JWT token for API calls via authorization code flow.
Configure Azure AD B2C as an OAuth2 server to authorize external users to access the colors API, including tenant creation, app registrations, and scope setup.
Implement AD and B2C identities in the developer portal, redirect anonymous users to sign-in, and enable external and internal sign-in via OAuth2 client credentials for secure API access.
Configure external user sign-up and sign-in with Azure AD B2C in the API management developer portal, enabling guest users to sign up, authenticate, and access colors API with JWT tokens.
Configure Azure AD identity in the developer portal, including the client id, client secret, and redirect URI, then sign in users and call APIs with JWT using defined scopes.
Explore real-world OAuth2 use cases, from JWT authentication and test consoles to single sign-on with Azure AD and B2C, linking identity providers like Google, Facebook, and Okta.
remove sensitive response headers and mask backend urls using outbound policies in api management, test with a demo conference api, and replace backend urls with the frontend api url.
Discover how to authenticate with client certificates for backend and API management by creating and configuring a Key Vault, enabling managed identities, and implementing certificate-based policies.
Learn to implement basic authentication with backends in Azure API Management using policies and named values, including base64 comparison of the authorization header.
Explore what CORS is, how browsers enforce it, and how to enable an origin in Azure API Management to allow cross-origin requests from a front-end.
Explore protocol ciphers and Defender in Azure API Management, noting TLS 1.2 is default and Defender for Cloud protects API lifecycles and classifies data.
Explore Azure API Management networking options, including external and internal VNet injection, application gateway with WAF, private endpoints, and front door for secure, scalable API access.
Inject api management into an external vnet by creating a region-aligned vnet with a dedicated subnet, adding a network security group, and configuring TCP service-tag rules and a public IP.
Inject the api management into an internal vnet by provisioning a private ip and mapping hostnames via dns or hosts to it, so endpoints stay within the vnet.
Integrate an Azure application gateway with API management inside a VNet to expose selected external APIs via a fronting gateway while discarding internal-only requests, with path-based routing and health probes.
Enable DDoS protection on your VNet to shield the Azure API Management instance, and leverage Azure Front Door and WAF for security.
Establish private endpoint connectivity between API management and your VNet using private links, so traffic flows over the Microsoft backbone instead of the internet, with optional public network access disabled.
Configure azure front door to provide global http load balancing and cdn for API management, with waf, ddos, and bot protection, and place API management behind the front door.
Create dev and prod api management services in West India with managed identity, set up dev and prod environments in GitHub, configure secrets, extractor and publisher workflows for deployment.
Learn to run the extractor tool to import APIs, named values, back ends, and policies, generate artifacts, and promote changes from dev to production via GitHub Actions.
Follow the publisher workflow deploying changes to api management production and verify what migrated, including subscriptions, policy fragments, named values, and secrets migration gaps.
Learn to override environment-specific named values in Azure API Management, including plain values and secrets, using configuration dot prod YAML and key vault secrets in dev and prod workflows.
Override Azure api management backends with a prod config file, migrating secrets and named values. Validate production function apps by updating backends and testing the apis end-to-end.
Learn to route API management services to environment-specific loggers using production config, wire Application Insights for dev and prod, and manage secrets via named values in CI/CD pipelines.
Override API level properties using the environment config file and migrate diagnostic settings to production, demonstrating display name, path suffix, and application insights integration for Azure API Management Masterclass.
Extract API changes with an extractor config to target conference API, enabling teams to push isolated updates. Update extractor yaml, run the workflow, and deploy from dev to prod.
Learn APIOps strategies for multiple teams by adopting multi-repo setups with team-specific extractor configs, isolating API access, and scaling through customized pipelines and per-API repositories.
Demonstrate a code-first azure api management workflow in vscode, cloning the api ops repo, editing api information, and merging changes to dev and prod via pipelines.
Learn how scale units and capacity metric affect throughput and scaling decisions in Azure API Management, from developer to standard and premium, including serverless consumption tier autoscale.
Explore how Azure API management rolls out platform updates via canary and pilot regions. Learn to monitor with activity log events and alerts, and review breaking changes and retirement notices.
Explore fault tolerance in Azure API management with zone redundancy and multi-region deployment in premium tier, using regional gateways to boost availability and reduce latency.
Explore how premium Azure API Management enables zone redundancy with availability zones, multi-region deployment, and auto scaling based on capacity metrics to ensure resilient API delivery.
learn to implement disaster recovery for Azure API Management with backup and restore, understand RTO and RPO, enforce tier-matched backups, and simulate production to pre-prod environments.
Authenticate with Azure rest api using a service principal to obtain a bearer token, then call management.azure.com endpoints to list resource groups for backup, restore, and recovery of deleted instances.
Back up and restore an Azure API Management service across regions using a storage account and managed identity, via REST endpoints and Postman, with IAM roles and activity logs.
Restore an Azure API Management service to another region using a backup, noting name changes, overwritten APIs and named values, and monitor progress via the restore endpoint and activity log.
Recover a soft-deleted Azure api management service within a two-day window using rest endpoints with restore true, and understand the compute platform and Stevie versioning.
Explore Docker for APM and its impact on backend failover across regions, and learn to implement policies for regional failover, retries, and caching to reduce downtime.
Explore how to set up a custom domain for Azure API management, configure text and CNAME DNS records, manage certificates in Key Vault, and test the gateway.
Provision a self-hosted gateway as a containerized Linux image from the Microsoft Artifact Repository. Provision with AKS and manage production using version tags, while planning hybrid or multi-cloud connectivity.
Learn the basics of images, containers, and Kubernetes, including pods, services, and YAML manifests, to build and manage a self-hosted gateway on AKS.
Learn to pull Docker images, run an nginx web server in a container, map ports, and mount volumes, building familiarity with containerized apps and Azure API gateway on AKS.
Provision a self-hosted gateway on Azure Kubernetes Service (AKS) using a Kubernetes manifest. Configure deployment and service objects, including a headless service for instance discovery, and validate with kubectl.
Onboard and test APIs on the self-hosted gateway, verify via postman, compare with the managed gateway, and monitor metrics while using DNS or custom domain for access.
Understand Microsoft policies for self-hosted gateway, including supported image versions and premium tier implications, plus the Azure responsibility split with shared and own roles.
Clean up resources in resource groups after Kubernetes deployment, including public IPs, VM scale sets, and load balancer; remove custom gateway and onboard the managed gateway in Azure API Management.
Master querying Azure api management gateway logs with kql, switch to kql mode, filter by api id and response code, and save or export queries for observability via log analytics.
Configure log analytics workspace and diagnostic settings to ingest, query with Kql, and stream API management logs, with resource-specific tables, retention and cost controls.
Configure application insights in your api management service and link it to Log Analytics workspace. Explore application map, live metrics, availability, failures, and performance insights to monitor and troubleshoot APIs.
Explore Azure API Management analytics and metrics in classic and modern views, filter by time range, and monitor requests, failures, unauthorized requests, and response times.
Configure and monitor alerts in Azure API Management by creating alert rules, action groups, and alert processing rules with lookback periods and signal-based filtering.
Learn to create and customize Azure API Management workbooks that combine text, metrics, and queries into interactive dashboards, including failure analysis and configurable visualizations.
Explore how Azure Monitor unifies observability, monitoring, and logging across apps, VMs, storage, containers, and networks, with Application Insights, Log Analytics, metrics, alerts, and health advisories.
Note that this course doesn't require any prior experience on API, API Gateway or Azure. Necessary basics are covered in the course. Learn the feature-packed Microsoft Azure API Management Service with this HANDS-ON DRIVEN course.
Azure API Management is Platform-as-a-Service (PaaS) offering from Microsoft which provides low-code unified cloud platform for implementing API Gateway on HTTP services and managing complete lifecycle for the APIs.
This course is carefully structured to make sure it provides a holistic learning journey for anyone wanting to explore the numerous configurations, functionalities and use-cases of Azure API Management Service
New to Azure, Cloud or APIs? No worries.
Curated for everyone - beginners & experienced
Covers the necessary Cloud and API fundamentals in dedicated sections
Explore Azure APIM essential concepts and features, then organically dive into advanced features and implementations with subsequent sections
Familiar with Azure and/or APIs but not with API Management?
Somewhat familiar with API Management?
GOOD !
Now explore with me all the flavours of this feature-packed API Management Service.
Go from Beginner/Intermediate to EXPERT!
To make our APIM Service Implementation and Architecture robust, we'll implement various solutions using other tools and services.
So join me to implement API Management and also explore some other related services along the way:
App Registrations, OAuth2 Flows and Azure AD (Microsoft Entra ID) for delegated authentication and security
Azure Application Gateway, Front Door, Private Endpoint, VNets, NSGs for APIM Networking
GitHub Actions for APIOps Implementation
Docker Containers and AKS (Azure Kubernetes Service) for deploying Self-hosted Gateway
Azure Management REST API for Operations e.g. backup, restore & recovery options
Azure Key Vault, Managed Identity, Custom Domains, DNS, Blob Storage, VMs etc.
Microsoft Azure is fastest growing major Cloud Platform and this API Management offering is one of the most popular and widely used API Management Solution for a variety of IT organizations.
I've created this course out of my passion for teaching & technology. Having spent 14 years working in Enterprize Integration and all its flavours (APIs, ETL, EDI, Streaming etc), this service seemed like a good starting point to bring to you some crucial aspects of what I've learnt from project implementations in both Integration and Cloud. I am confident that this practical guide would help tremendously whether your goal is just learning or whether you want to implement the service in your own organization.
Happy Learning !!