API Management Flashcards

1
Q

What is Azure API Management?

A

An Azure service to create consistent and modern API Gateways for existing back-end services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the main components of API Management?

A

API Gateway
Azure Portal
Developer Potal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the API Gateway?

A

Accepts API calls and routes them to your backend

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the Developer’s Portal in API Management

A

Web user interface for developers where they can read API documentation
(includes testing?)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the 4 API capabilities?

A

(1) Accepts API Calls and routes them to your backend services
(2) Verfiy keys, tokens, certificates and other credentials
(3) Enforces usage quotas and rate limites
(4) Caches backend responses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Name the 4 Azure Portal’s Capabilities in API Management?

A

(1) Define or import API Schemas
(2) Set up policies like quotas or transformation on the API’s
(3) Package API into Products
(4) Manage Users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Name the 4 capabilities of Developers Portal in API Management?

A

(1) Read API Documentation
(2) Create an account and subscribe to get API Keys
(3) Test the API
(4) Access Analytics

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is versioning?

A

You can use versions to handle changes with breaking changes
i.e., https://myapi.com/weather/city/v1
https://myapi.com/weather/city/v2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is revisions?

A

Revisions allow you to make changes to the APIs in a controlled and safe way, without disturbing your API Consumers

Each version can have multiple revisions, just like a non-versioned API. You can use revisions without using versions, or the other way around

i.e., https://myapi.com/weather/city;rev=2

Typically versions are used to separate API versions with breaking changes, while revisions can be used for minor and non-breaking changes to an API

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are products?

A

Products are how APIs are surfaced to developers, can have one or more APIs, contains titles, description and terms of use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are Groups?

A

Groups are used to manage the visibility of products to developers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What type of products are there in API Management?

A

Products and be Open or Protected. Protected products must be subscribed to before they can be used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the API Management Groups?

A

(1) Administrators
(2) Developers
(3) Guests

Administrators can create custom groups as well

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the role of an Administrator in API Managment Group?

A

(1) Manage APIs
(2) Creating the APIs
(3) Creating the operations and products

I would include setting policies, quotas, rate limites, security etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the role of a Developer in API Management?

A

Developers are granted access to the developers portal and build applications to consume the APIs

Developers can be created, invited or sign up.
Each developer is a member of one or more groups and can subscribe to the products that grant visibility to those groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the role of the Guest in API Managment?

A

Unauthenticated developer users with certain read-only access but cannot call the API’s

17
Q

What are the 4 basics steps to create an API

A

(1) In API Management, go to API’s and click on add API
(there will be several options but use OpenAPI option)
(2) You can upload your swagger.json file that describes the API
(3) Add Display Name and Name
(4) Publish

18
Q

What are the two Product types

A

(1) Starter
(2) Unlimited

Starter => no admin approval needed, but weekly limits
Unlimited =>admin approval needed, unlimited access

19
Q

What key is required by API Management?

A

Ocp-Apim-Subscrition-Key

Added as header in request

20
Q

What are policies in API Management?

A

Allows to change the behavior of the API through configurations.

Policies are a collection of statements that are executed sequentially on the request or response of an API

21
Q

What are the policy types in API Management?

A

(1) Access Restriction Policies
(2) Advanced Policies
(3) Transformation Policies
(4) Caching Policies

22
Q

What do polices do in API Managment?

A

(1) Format responses
(2) Restrict the amount of incoming requests
(3) Enforces existance/values on a HTTP header
(4) Caching responses

23
Q

What are the features of Advances policies in API Managment?

A

(1) Mock Responses
(2) Forward requests
(3) Retry
(4) Set Request Methods
(5) Trace

24
Q

What are some of the characteristics of Transformation Policies?

A

(1) Convert XML to JSON
(2) Convert JSON to XML
(3) Find/replace a string in response
(4) Set backend services (change the backend service called)
(5) Set query string parameter (add, replace, or delete a parameter)

25
Q

What does Caching Policy do in API Management?

A

(1) Stores to Cache
(2) Gets from Cache
(3) Remove value(s) from Cache

26
Q

What does Caching Policy do in API Management?

A

(1) Stores to Cache
(2) Gets from Cache
(3) Remove value(s) from Cache

27
Q

What are the scope types?

A

(1) Global
(2) Product
(3) API
(4) Operation

28
Q

When do polices execute?

A

(1) Inbound
(2) Backend
(execute on backend service before being sent back to the API Managment)
(3) Outbound
(4) Error

Polices are inherited. This means policies at the Global level with be overrided and the API Level

29
Q

What are the caching paramete types?

A

(1) vary-by-developer
(true => will cache response PER developer account and not on Subscription Key)
(2) vary-by-developer-group
(true => will cache responses PER user group)
(3) caching-type (internal provided by API Management)
(4) duration

30
Q

NOTES

API’s can be set up to use subscription key and certificates

A

Certificates are added to the inbound policy. The thumbprint of the certificate is added.

It is my undestanding at this time you still need the subscription key if your using certificate. The certificate providers more security