Integrate 2023 Review: What’s New With APIM?

From June 5 to 7, Integrate 2023, the world’s biggest conference on integration topics, took place. As last year, Azure API Management (APIM) was the main focus of the discussions with several sessions devoted to this component and its importance within modern cloud architectures.

This post aims to briefly summarize the new features presented regarding this key component, Azure APIM, and, in particular, the session given by Fernando Mejia, Senior Program Manager for API-related topics at Microsoft.

Integration With Postman

Postman and its tools are widely used today for API testing, observability, documentation and sharing. To improve API development, Microsoft has added the ability to directly export an API definition and then import it into Postman to create a Postman collection.

This feature will save a lot of time since creating and configuring a Postman collection for an API is currently done manually.

GraphQL Synthetics

With the growing number of use cases where you need to collect and render sparse data, GraphQL APIs offer a practical solution because they allow you to query precisely the data you want to send or retrieve.

However, many ecosystems already include Representational State Transfer (REST) and simple object access protocol (SOAP) APIs, so moving to a GraphQL model would require a huge investment. To solve this issue, Azure APIM includes synthetic GraphQL-type APIs, which are front-end APIs based on existing REST and SOAP APIs. Here, APIM acts as a resolver (see our post on GraphQL API: An Overview and Use Cases to learn more about GraphQL resolvers).

With a GraphQL synthetic API, it will be possible to expose a front-end GraphQL API to query behind the legacy APIs, whether REST or SOAP.

GA Azure APIM Self-Hosted Gateway Authentication

With Azure APIM, you can use self-hosted gateways to expose on-premise APIs. Previously, the connection between Azure and the on-premise environment was only secured by a pair of keys and token gateways that had to be renewed every 30 days.

This new feature allows the authentication of communication between the self-hosted gateway and the endpoint via Azure AD. This will make it possible to use managed identities, app registrations, custom roles and OAuth 2 features to secure the connection.

Note: The next two features that will be presented are currently preview features. As a reminder, preview services are incomplete services that Microsoft makes available to customers so they can try them out early and provide feedback.

Microsoft Defender for API (Preview)

Microsoft Defender for API can be integrated into an Azure APIM to give a single dashboard a set of tools for protecting published APIs. This provides an overview of each API, the classification of sensitive data, prioritization of risk resolution (especially with Azure Sentinel) and machine learning-based anomaly detection.

Azure API Center (Preview)

Microsoft has introduced a new Azure API Center service to keep track of all of an organization’s APIs in one place, whether they are in Azure APIM or not. This makes it easier to find, manage and reuse the APIs. This tool will give you a centralized list of APIs, regardless of their type, where they are located and used and what stage they are at in their life cycle. It will also give you information about versions, specification files and common metadata.

Integrate 2023: Key Takeaways

With the growing use of APIs within companies for various use cases, Microsoft continues to invest in its Azure APIM service to make it as comprehensive as possible.

Want to learn more about APIs? See our other posts on this subject!

And if you’d like help with your API projects, don’t hesitate to get in touch.