Getting started with API Management

API Management is a broad concept that encompasses the entire lifecycle of an API. It includes functions such as API design, documentation generation, versioning, developer onboarding, analytics, monitoring, and policy enforcement. In this turorial we will discuss the key aspects on an API Management tool, taking as example 3Scale, and we will show an example of how to use it as gateway for our MicroServices

Why should you use an API Management Solution?

An API Management provides several functionalities to your Microservices ecosystem in a centralized way. Here are some common usages on an API gateway:

Security: API Management Solutions provide robust security features such as authentication, authorization, and encryption to protect APIs and data. They help in implementing security best practices like OAuth, API keys, JWT tokens, and IP whitelisting, ensuring that only authorized users and applications can access your APIs.

Rate Limiting and Throttling: API Management allows you to set rate limits and throttle requests to prevent abuse or overuse of your APIs. This helps maintain API performance and ensures fair usage among consumers.

Monitoring and Analytics: API Management platforms offer comprehensive monitoring and analytics capabilities. You can track API usage, performance, and error rates in real-time, helping you identify and address issues promptly. Analytics also provide insights into consumer behavior and API usage patterns.

Developer Onboarding: API Management solutions typically include developer portals that make it easy for developers to discover, understand, and start using your APIs. This includes documentation, code samples, SDKs, and interactive testing tools.

Versioning and Lifecycle Management: You can manage API versions and the entire API lifecycle within an API Management platform. This includes version control, deprecation, and retirement of APIs, ensuring smooth transitions for API consumers.

Monetization: If you wish to monetize your APIs, API Management platforms can help you set up pricing models, billing, and payment gateways, enabling you to generate revenue from your API assets.

Policy Enforcement: You can enforce policies and rules on API usage, such as IP blocking, content transformation, and traffic routing. This allows you to enforce governance and compliance standards.

Cross-Origin Resource Sharing (CORS) and Cross-Origin Requests: API Management solutions can manage CORS settings to enable secure cross-origin requests, which is essential for web applications accessing APIs from different domains.

3Scale API Management

We will now show how to use an API Management tool taking as example the 3Scale Opensource project. 3scale, also known as Red Hat 3scale API Management, is a comprehensive API management platform that simplifies the creation, deployment, and management of APIs (Application Programming Interfaces).

3Scale Key Terminology:

  • Product: A collection of related APIs bundled together for easier management.
  • Application: Represents a client application that consumes your APIs.
  • Application Plan: Defines access rules, rate limits, and policies for applications.
  • Backends: Actual services or APIs that the gateway directs requests to.

Without further ado, let’s create a sample 3Scale Product to provide access to a microservice backend.

Creating a 3Scale Product API

Firstly, we need to create a Product. A Product represents a collection of 3scale objects that pertain to a specific client or group of users. From the Admin Dashboard of 3Scale select Products and add a new Product:

3scale what is a product

Our sample Product will map a Microservice that returns a list of random Cat Facts, therefore the name “CatFacts”.

Then, let’s add an Application Plan for our Product which will define the basic Pricing Rules:

api gateway tutorial

In the next step, we will define the Backend URL for our Microservice. Since the remote Microservice is accessible at https://catfact.ninja/fact , let’s map it with the following Private Backend:

what is an api gateway ?

Next step will be adding an Application to consume our Product. You can use Applications to control and manage access to your APIs, track usage, and apply policies and rate limits.

getting started with 3scale api gateway

Finally, we will create a Mapping between an URL of the API gateway with our Backend Service:

3scale tutorial

From the above configuration, the /cats Path of the API Gateway maps to the cat-backend. Note that this allows versioning and decoupling the actual remote Backend with your API Gateway.

Promoting and Testing the API Gateway

We have completed the configuration of our Cats API. Let’s promote it to the Staging APICast environment where we will test it:

3scale step-by-step tutorial

As you can see from the example curl command, when you create an application for your Product you will get an API Key to use it through the 3Scale gateway.

Let’s reach out the /cats URL from our APICast Gateway:

curl -k "https://catfacts-3scale-apicast-staging.apps-crc.testing:443/cats?user_key=fd9cbf07cfb131670f9518e30bfa4e80"

{"fact":"Kittens who are taken along on short, trouble-free car trips to town tend to make good passengers when they get older. They get used to the sounds and motions of traveling and make less connection between the car and the visits to the vet.","length":239}

As you can see from the above command, we successfully accessed a remote microservice through an API Gateway by defining a Product, an Application, an Application Plan and a remote Backend URL Address.

Conclusion

Overall, an API Management tool simplifies the management and security of APIs, enhances scalability and performance, and provides a unified entry point for clients to interact with a distributed network of backend services. It’s a crucial component in modern microservices architectures and API ecosystems.