Application Service: API Apps

  • Author: Ronald Fung

  • Creation Date: May 9, 2023

  • Next Modified Date: May 9, 2024

A. Introduction

An API gateway sits between clients and services. It acts as a reverse proxy, routing requests from clients to services. It may also perform various cross-cutting tasks such as authentication, SSL termination, and rate limiting. If you don’t deploy a gateway, clients must send requests directly to front-end services. However, there are some potential problems with exposing services directly to clients:

It can result in complex client code. The client must keep track of multiple endpoints, and handle failures in a resilient way. It creates coupling between the client and the backend. The client needs to know how the individual services are decomposed. That makes it harder to maintain the client and also harder to refactor services. A single operation might require calls to multiple services. That can result in multiple network round trips between the client and the server, adding significant latency. Each public-facing service must handle concerns such as authentication, SSL, and client rate limiting. Services must expose a client-friendly protocol such as HTTP or WebSocket. This limits the choice of communication protocols. Services with public endpoints are a potential attack surface, and must be hardened. A gateway helps to address these issues by decoupling clients from services. Gateways can perform a number of different functions, and you may not need all of them. The functions can be grouped into the following design patterns:

Gateway Routing. Use the gateway as a reverse proxy to route requests to one or more backend services, using layer 7 routing. The gateway provides a single endpoint for clients, and helps to decouple clients from services.

Gateway Aggregation. Use the gateway to aggregate multiple individual requests into a single request. This pattern applies when a single operation requires calls to multiple backend services. The client sends one request to the gateway. The gateway dispatches requests to the various backend services, and then aggregates the results and sends them back to the client. This helps to reduce chattiness between the client and the backend.

Gateway Offloading. Use the gateway to offload functionality from individual services to the gateway, particularly cross-cutting concerns. It can be useful to consolidate these functions into one place, rather than making every service responsible for implementing them. This is particularly true for features that require specialized skills to implement correctly, such as authentication and authorization.

B. How is it used at Seagen

As a biopharma research company using Microsoft Azure, you can use Azure App Service API Apps to easily create and deploy RESTful APIs for your applications. Here are some ways you can use Azure App Service API Apps:

  1. Build and deploy APIs quickly: Azure App Service API Apps provides a quick and easy way to build and deploy RESTful APIs. You can use Azure App Service to create API Apps using popular programming languages like .NET, Java, Node.js, and Python.

  2. Secure your APIs: Azure App Service API Apps provides built-in security features such as authentication and authorization, HTTPS support, and IP whitelisting. This helps to ensure that your APIs are secure and protected from unauthorized access.

  3. Monitor API performance: Azure App Service API Apps provides monitoring and logging capabilities that allow you to track API performance and identify any issues. You can use Azure Monitor or Application Insights to monitor API performance and configure alerts for any performance issues.

  4. Integrate with other Azure services: Azure App Service API Apps can be integrated with other Azure services such as Azure Functions, Azure Logic Apps, and Azure Event Grid. This allows you to easily integrate your APIs with other Azure services and applications.

  5. Scale your APIs: Azure App Service API Apps provides automatic scaling capabilities that allow you to scale your APIs up or down based on demand. This helps to ensure that resources are used efficiently and costs are kept under control.

Overall, Azure App Service API Apps can help your biopharma research company quickly and easily create and deploy RESTful APIs for your applications. With built-in security features, monitoring and logging capabilities, and the ability to integrate with other Azure services, Azure App Service API Apps can help you streamline your application development and improve your overall agility and efficiency.

C. Features

Azure Application Service: API Apps is a fully managed platform for building, deploying, and scaling APIs. Here are some of the features of Azure Application Service: API Apps:

  1. Easy development and deployment: API Apps provides an easy and streamlined development and deployment experience for APIs. You can use popular programming languages like .NET, Java, Node.js, and Python to develop APIs, and deploy them quickly and easily using Azure DevOps or other CI/CD tools.

  2. Scalability: API Apps is designed to handle high levels of traffic and scale as your API usage grows. It provides automatic load balancing and horizontal scaling, so you can handle millions of requests per second with ease.

  3. Security: API Apps provides robust security features to help protect your API from attacks and unauthorized access. It supports OAuth2 and Azure Active Directory authentication, and provides SSL encryption for secure communication.

  4. Monitoring and analytics: API Apps provides comprehensive monitoring and analytics features to help you track API usage, performance, and errors. You can use Azure Application Insights to gain insights into API usage patterns and identify performance bottlenecks and issues.

  5. Integration with other Azure services: API Apps integrates with other Azure services like Logic Apps, Event Grid, and Functions, so you can build powerful workflows and event-driven applications using APIs.

  6. OpenAPI (Swagger) support: API Apps supports OpenAPI (formerly known as Swagger) specifications, making it easy to describe and document your API. This can help improve collaboration with other teams and third-party developers who want to use your API.

Overall, Azure Application Service: API Apps provides a powerful and flexible platform for building, deploying, and scaling APIs with ease. By leveraging its features, you can quickly build and deploy high-performance APIs that meet the needs of your organization.

D. Where implemented

LeanIX

E. How it is tested

Testing Azure Application Service: API Apps involves ensuring that the APIs are functioning correctly, securely, and meeting the needs of all stakeholders involved in the project. Here are some steps to follow to test Azure Application Service: API Apps:

  1. Define the scope and requirements: Define the scope of the project and the requirements of all stakeholders involved in the project. This will help ensure that the APIs are designed to meet the needs of all stakeholders.

  2. Create test plans: Develop test plans that cover all aspects of the API functionality, including input validation, authentication and authorization, error handling, and performance testing. The test plans should be designed to meet the needs of the organization, including scalability and resilience.

  3. Conduct integration testing: Test the APIs in an integrated environment to ensure that they work correctly with other systems and applications. This may involve testing the APIs with different operating systems, browsers, and devices.

  4. Conduct user acceptance testing: Test the APIs with end-users to ensure that they meet their needs and are easy to use. This may involve conducting surveys, interviews, or focus groups to gather feedback from users.

  5. Automate testing: Automate testing of APIs to ensure that they are functioning correctly and meeting the needs of all stakeholders. This may involve using tools like Azure DevOps to set up automated testing pipelines.

  6. Monitor performance: Monitor the performance of the APIs in production to ensure that they are meeting the needs of all stakeholders. This may involve setting up monitoring tools, such as Azure Application Insights, to track API usage and identify performance issues.

  7. Address issues: Address any issues that are identified during testing and make necessary changes to ensure that the APIs are functioning correctly and meeting the needs of all stakeholders.

By following these steps, you can ensure that Azure Application Service: API Apps is tested thoroughly and meets the needs of all stakeholders involved in the project. This can help improve the quality of the APIs and ensure that they function correctly in a production environment.

F. 2023 Roadmap

????

G. 2024 Roadmap

????

H. Known Issues

There are several known issues that can impact Azure Application Service: API Apps. Here are some of the most common issues to be aware of:

  1. Performance issues: Performance is a critical concern when it comes to API Apps. If the APIs are not performing well, it can impact the user experience and cause delays in processing requests. This can impact the overall performance of the application.

  2. Security issues: Security is another critical concern when it comes to API Apps. If the APIs are not properly secured, they may be vulnerable to attacks or data breaches. This can impact the confidentiality and integrity of the data being transmitted through the API.

  3. Scalability issues: Scalability is an important concern when it comes to API Apps. If the APIs are not designed to scale, they may not be able to handle the increased traffic and user demands that come with organizational growth.

  4. Integration issues: Integration issues can arise when integrating APIs with other systems and applications. It is important to ensure that APIs are designed to work seamlessly with other systems and applications to avoid integration issues.

  5. Compatibility issues: Compatibility issues can arise when different teams are using different tools or technologies. This can cause issues when integrating APIs with other systems and applications. It is important to ensure that all stakeholders are using compatible tools and technologies to avoid compatibility issues.

Overall, Azure Application Service: API Apps requires careful planning and management to ensure that the APIs are functioning correctly and meeting the needs of all stakeholders involved in the project. By being aware of these known issues and taking steps to address them, you can improve the quality of the APIs and ensure the success of your project.

[x] Reviewed by Enterprise Architecture

[x] Reviewed by Application Development

[x] Reviewed by Data Architecture