Unified Catalog just got more awesome! Part 1: Integration with Microsoft Azure

For a while now we have been advertising how you could leverage the v7 Manager and AWS discovery agents publish your APIs to the environment grouping view in AMPLIFY Central and then promote them to the Unified Catalog to be discovered and consumed. In this blog post, we will explain how to discover APIs from Azure API Management and configure custom approval flows, by leveraging the AMPLIFY CLI, Integration Builder and collaboration tools such as Microsoft Teams.

If you:

  • Have APIs that are spread across multiple vendors.
  • Have multiple gateways environments.
  • Are lacking visibility into all your integrations assets and need to have a holistic view of all your APIs.
  • Need to implement a multi-step approval process and integrate with third-party tools.
  • Note of the above, but still you want to read about the newest and coolest Unified Catalog capabilities.

Then you should continue reading!

In this post, we will breakdown the demo and review the components. In future blog posts, we will dive deeper into each individual component.

The basic use case is as follows:

 API Provider

  • Will publish APIs from Azure API Management into the Unified Catalog via script.  Those APIs will require manual approval of subscription requests from consumers.
  • Is notified in Microsoft Teams, when there is a new subscription request and will where approve or reject the request.

API Consumer

  • Discovers the API in the Unified Catalog and request access by subscribing.
  • On approval, a subscription key will be created in Azure API Management and the key will be sent to the API Consumer’s email. After the key has been sent, the state of the Subscription in Unified Catalog gets updated to Active and the Consumer can now use the API with the key that was received over email.
  • Can cancel the subscription from the Unified Catalog. When canceled, the subscription in Azure Management will be removed and the state of the Unified Catalog will be updated to unsubscribed, indicating the consumer will no longer be able to use the API with the key received.

 

The technologies that were used in the demo:

  • AMPLIFY Unified Catalog as the central place to publish and discover the APIs.
  • AMPLIFY Central CLI to fetch the APIs from Azure API Management and promote them to the Unified Catalog.
  • Integration Builder to implement the logic for the subscription management and email notifications.
  • API Builder running in ARS to keep an authenticated user credentials green.
  • MS Teams for notifications and approval or rejection of subscription requests.

Azure API Management to Unified Catalog import script

This is a Node.js  script that fetches the APIs from Azure API Management and builds the resources needed to publish to the AMPLIFY Unified Catalog.  The following set of resources were configured.

  • Environment groups the set of APIs that are fetched from Azure API Management. An environment represents the logical grouping of APIs.
  • Webhookdefines the webhook URL that will be invoked to post a notification in Microsoft Teams and update the subscription in Azure API Management
  • Secret provides key value pairs of named secrets that are used to secure your webhooks. Setting a webhook secret allows you yo ensure that POST requests sent to the payload URL are from Axway.
  • ConsumerSubscriptionDefinition allows the configuration of the data needed from a consumer to subscribe to the API from the Unified Catalog.  It also has a reference to the webhook that will get invoked on subscription, and it is referenced in the ConsumerInstance resources.
  • Service holds all the information needed to represent your API (image, description, markdown documentation etc).
  • ServiceRevision holds the OAS specification file. Multiple revisions can be created.
  • ServiceInstance contains the endpoints (host and port information) where the API is deployed.
  • ConsumerInstance:  contains all the details for creating the asset in the Unified Catalog. It also contains a reference to the ConsumerSubscriptionDefinition that has the link to the webhook. That means that for each Subscription Update event generated from Unified Catalog related to the Catalog Item created from the ConsumerInstance, the webhook will get invoked.

Below is the resource relationship diagram.

 

The script will fetch from Azure only the APIs that are tagged with unifiedcatalog.

Note the API is tagged with unifiedcatalog.

The APIs will be visible in the Unified Catalog and consumers can subscribe to them.

Microsoft Teams flow to Approve/Reject subscription requests

The flow will send notifications to MS team’s channel as an Active card when a consumer subscribes to the API from the Unified Catalog. The API provider can then approve or reject the subscription requests from within the MS Active card. This action will trigger the Integration Builder flow, as a post-execution step. The MS flow will also post notifications in the channel for any subscription updates,

.Here’s a screenshot of the MS Teams card.

Note the actions and the link to the API in the Unified Catalog.

API Builder Docker Container hosted in ARS

This service was create to authenticate from Integration Builder to AMPLIFY Central and keep the authenticated user credentials green.  It will expose a GET /token endpoint that will return the current access_token for the configured credentials. This access token is then used by the Integration Builder flow to allow it to call Central. The service was created with API Builder and deployed to AMPLIFY Runtime Services ( ARS ).

Integration Builder flow to update subscriptions and send email notifications

This Integration Builder flow will receive the approve or reject requests from Microsoft Teams and unsubscribe requests from Unified Catalog,  then will subscribe/unsubscribe the consumer to the APIs in Azure API Management. It will also send email notifications to the user with the key to authenticate the API calls. The flow will call the API Builder app with get a valid Bearer token, then updates the Subscription states in Unified Catalog.

Summary

Axway makes it easy for you to automate the discovery of all APIs from Azure gateway and customize the approval flow to match your complex scenarios. Further, you can leverage Integration Builder to facilitate the development of integrations to third-party systems, with little code to no code.

Watch the demo video as we break down and explain the Azure to Unified Catalog integration.