>> Hey friends, did
you know that as Azure API Management handles more than 77 billion API requests each month and that number of API requests is doubling
every six months. Miao is here to show us how easy it is to publish, manage, secure and analyze your API in minutes today on Azure Friday. Hey friends, I'm
Scott Hanselman and it's another episode
of Azure Friday. I'm here with Miao Jiang
to talk about some of the new features in Azure
API Management. How are you? >> Good. How are you? >> So, what's new? >> So, first for all just
a quick product refresher. So, Azure API Management is a service that helps
our customers to publish, secure, analyse and
manage their APIs. Some of the common
use cases are, first, to create an enterprise
API catalog and provide a central place
for people to discover, onboard and consume your APIs. It's often used together
with Azure Service Bus, Logic Apps and
Events-Grid to create an enterprise wide
integration platform. Some other use cases
are mobile enablement, basically exposing your APIs
to mobile and IoT devices. Also, emerging scenario is to use API management to create an API gateway for your microservices and
the serverless applications. So, our team has
been super busy and shipping features that
our customers want. Today, I'm going to demonstrate three new features that
we shipped recently. The first one is called
Versions & Revisions. Basically, this is a feature
that helps our customers to better manage
the life cycle of their APIs. So, there are two concepts here. There are API
Versions & Revisions. So, Versions is something that the consumers of
my API are aware of, and basically I create a new version of my API and
then make changes to it. And it's up to
the consumers of my API to decide when they are ready
to adopt a new version. And then there is Revisions. It's something that only
the API publisher is aware of. And I can create a new revision
with changes to my APIs and it will be private to me as the publisher of the API
until I publish it. So, it allows me
to make changes to my APIs in a private
and a safe way. So, let's see how that works. >> Sure. >> So, let me jump to my API management instance
and lets go to APIs. And here is a list of my APIs. As you can see, I have one API called the
Demo Conference API. Basically, it's
a very simple API that returns some data about this conference
such as speakers, sessions and so forth. So, let's first give it a try in the test console to make sure
everything is working. Okay, I just made a call to this operation and
everything works. So, the next thing
I want to do is that I want to make
a change to this API. I want to add a new
operation under this API. So, as we know, adding
a new operation is not a breaking change. So, I do not need a version,
or need a new version, for this API but I do want
to make this change in a private and a safe way and only publish it when
everything tests out. So, let me first go
ahead and create a new revision for this API. So, to create a new revision,
lets go to "Revisions" tab. As you can see,
currently there is only one revision under this API and it is
the current revision. This is what people will
see when they come to the developer portal of
my API management instance. So, to create a new revision, let me just click "Add revision" and add
a note for myself, "add a new operation". Okay, so now we can see that I have two revisions
under this API, but revision one is still
the current revision. So, let's go back to
the "Design" view and then make sure I
am on revision two. So, now I can go ahead
and add a new operation. Let me click on "Add operation". Let's say, the operation
I want to add is called "Get top speaker". Basically, it returns
the top speaker for this conference
based on ratings. I'm also going to use
the response mocking feature, which allows me to create an operation that returns
mocked responses. So, I don't have to necessarily
hook up with the backend. >> Yes, that was
my next question. What about the developer
who's making this thing? They may not have created it yet. >> Exactly, with
this feature,I can immediately unblock
the front end developers who need to use this operation, while my backend developers
do work around the code. >> Interesting, but that front end developer
is really making a real HTTP call
to a real server. In this case, it's API management that's
doing the mocking. >> Exactly. So I'm going to create a mocked response here. It will be HTTP 200. And here I'm going to provide the sample response. Let's
say its "application/json". And lets say the name of the best speaker is
Miao Jiang, shamelessly. Great. Okay, so now this new
operation has been created. >> Okay. >> The last step I need
to do is basically enable mocking using that response
I just created. Okay, so everything's good. Let's go back to the test
console and give it a try. >> It's really convenient that you can test it directly
from the portal. I noticed that you're not switching back and forth between the portal and somewhere like Postman, even though you could. >> Exactly. We have
a test console embedded in
this admin experience. >> Yes, it's great. >> As you can see, I
just made a call to this new operation and I got a response from this
mocked response I created. Okay, so everything looks good. So, now I'm ready to publish this revision to be
the current revision. >> So you were doing all
of that as a private-. >> Exactly, and to prove that, let's go to the developer portal. This is where the consumers
of my APIs will come. If I go to the "APIs" and go to the
"Demo Conference API", as you can see that "Get top speaker"
operation is not here. >> Right. >> So, now we are ready to
publish this new revision. Let's go back to
the "Revisions" tab and click on the three dots here, and lets say "Make current". >> Interesting, I noticed
that you have the choice of making current and making
a version from that. >> Exactly. I can also create a new version based
on this new revision. >> So, it's really up to you and API management enables you to express semantic versioning for your API, however
you choose to. >> Exactly. We're going to
have super flexible, okay. So, I can also provide a
"Change log" for this change. Okay, so now I can see revision two as
the current revision. So, if we go back to
the developer portal, if I refresh this page, you can see that that new
operation has appeared here. >> That happened immediately. >> Immediately. That's
right. So, the next thing I want to do is let's say for some reason I want to make a breaking
change to my API. Let's say, I need to remove
that new operation which was created just because people are jealous that Miao
is the best speaker. So, let me go back to
the design view actually. So, to create a new version of this API, it's super simple. I just click on the three dots
here, next to my API. >> Right. >> I say "Add version". So first of all, we need to provide a name
to this new version. I just call it "v2". And in terms of
the versioning scheme, we made it super flexible. So you can have your version identifier
wither in the "Path", in the "Header" or in
the HTTP "Query String". Okay, so in this case,
let's just keep it simple. Lets keep it in the "Path". >> Okay. >> Okay, and for
the version identifier again, you can use any
semantics you want. You could have code "v1", "v2" or use a date or
any semantics you want. So in this case,
I'll just call it v2 and just add it to a product, so we can use it. Okay, "Create". So now, under the
"Demo Conference API", you can see I have
two versions now. I have the original
version and "v2". So, currently "v2" is exactly the same as
the original version because it's just a replica
of the original version. And now we can go to "v2"
and then make changes. So, let's go to "v2".
Let's say I'm going to delete this new operation. >> Which would break anyone who is using the original one, if you removed it
from the original. >> Exactly. Yes. So, just
removed this operation in v2 and if I go back to
the original version, you can see that
operation is still there. So, people who have been using this operation will
not be broken. If we go to the developer portal, if I go to the API's page, you can see under
Demo Conference API, It also shows there are two
versions original and v2. If I go to a v2, that operation is gone and if I go to original, the operation is still there. So, this is versions
and revisions, It really allows
API publishers to roll out changes to the APIs
in a safe way. >> This is something that
can be used for, of course, all the services people have, but also their microservices and things that they're putting
together of any kind. This is the front end
to all of your APIs. >> Exactly, exactly. So, the second feature I
want to demonstrate today is our integration with
Azure Application Insights. >> Okay. >> So, basically it allows
API management to send telemetry data from
your API management instance to Azure Application
Insight's instance. So, that you can monitor
and troubleshoot your API using Azure
Application Insights. So, let me go back to
my API management instance. So, to enable this
integration, first of all, you need to go to the
Application Insights view here, tap here. Basically, this allows you to
create a connection between your API management instance and your Azure Application
Insights instance, as you can see, I already have one connection created here, to add a new connection
I just click on the add button and I can pick my API Insight instance from here and provide a description
and that's it, right? So, I'm not going to do that here because I already
have a connection, and next if I go back
to the APIs view. >> Okay. >> So, if I go to "All
APIs", go to "Settings", we have a bunch of settings
to allow you can show what and when to log telemetry
to Azure App Insights. For example, you can select which Application Insights instance you want to send
the telemetry to, right? Also, you can show
the telemetry sampling. So, basically you can
reduce the volume of data that we sent
to Azure App Insights. >> It might turn it down to
every other or every 10th, If you felt that your APIs were producing
too much telemetry. >> Exactly, exactly. Let's say if you reduce
the sampling rate to, let's say, 20 percent, but you still want telemetry
when there is an error. >> Of course. >> So, we have a checkbox here, called "Always log error". So, basically this allows you to always send a telemetry when there's an I'd
run this condition. For example, if the backend
times out or if the backend returns an unexpected
response code. We are currently making
changes to our APIs. So, these were applied
to all the APIs, but it can also have this settings for
each individual API, okay? So, now I already have
Azure ping sites enabled. So, if I go to my
App Insight instance. There are a few things here
that are really useful, the first one is
the Application map, which gives me a quick, high level overview of
how my APIs are doing, if they are a healthy
or not, right? >> I've used Application Insights extensively for App Services. I can tell people it's amazing, just being able to turn this on. It's so great that you in API management have turned it on. You get so much
information like you get this diagram for free. >> Yes. I love it. Yes. >> You don't have to
do anything. You check the box, you set it up, and look at all the context and information that you
get. It's so valuable. >> Exactly. Yes. This is
a really useful feature. So, here we are looking
at the application map off my APIs, right? >> Okay. >> You can see
my API management instance is deployed into two regions and the traffic doesn't look super healthy here. For example, in
the West US instance. Here, you can see 16 percent of the incoming request
are failing, right? So, if I click on a node,
I can quickly see, oh, here are the top
failing requests. One of them is
the conference API. >> Right. >> The session is operation. If I click on that I can see
the failure rate over time. If I click on the top
three response code here, I can see some of
the recent request. If I keep zooming in, it will show me what
exactly is the exceptions. So, I can see, oh, this APIs discourse are failing because people are using
invalid API keys, basically. >> Yes. It's so valuable.
I'm just as a fan of Application Insights
and API management. If you scroll down
here at the bottom on the right hand side, it's got things like, show me the telemetry slightly
before and slightly after. >> It's okay. >> You can just turn
it on and it's going to take all those
great APIs that you're making available in
API management have so much more intelligence
behind them, it's such a great feature. >> Yes. >> I love that you've
made this possible. >> Yes. >> Okay. So, the next thing
I want show here is the live metrics,
live dashboard. So, basically it gives
you a real time view of your API traffic. So, imagine if you just
released an API and you can see traffic coming in real time.
It's super cool, right? So, let's go back to
my API management instance and go to our conference API. Let me just try to
make a few calls. >> Yes. I can imagine releasing a product and everyone
seeing around a big television watching the live dashboard API
that just went live. >> Yes. >> Very exciting time. So, you're making calls from your test here. >> Yes. So, if I go back. >> A fake load testing there and there they are, instantly. >> Instantly. Yes. >> Yes. When we say live. We're not joking,
that means live. >> Exactly. All right. So, this is the live dashboard. The next thing I want
to show you here is the "Metric Explorer". So, basically it
allows me to quickly create custom charts based on telemetry we send
to a Bing site. For example, I can
add a new chart here and let's say I want to look at the number of requests
to the API backend. I can have dependency calls. >> Dependency calls are
super useful because you're getting to see
who's downstream with you. >> Exactly. >> Okay. These charts and
these Metric Explorers are so great because you
can then pin them on your dashboard and view
them from anywhere. >> Exactly. The reason it's not showing charts is
because I have select. I was futuring by
only a single API, which has no traffic. Sorry. >> Okay. So, you apply those
and then refresh that. >> There we go. >> There it is. >> Yes. Over almost 3,000 requests right there,
updates like that. >> Right. Exactly. I
can quickly navigate or explore the metrics based
on the telemetry data. >> I see everyone who's using API management should
turn on App Insights. The two products complement
each other so nicely. >> Totally. Yes. So, my favorite featuring
App Insights here is, they are powerful query engine, which allows me to quickly
go into a live stat issue, or troubleshooting my APIs. So, for example, let's
say it's 2:00 AM in the morning and I got a call from one of
our customers say, ''Hey, I'm getting 400 or 500 Azure Sphere
responses for your API. What's going on?'' So, I can easily go to App
Insights and go to "Analytics" here and query all the telemetry that we sent to App Insights. >> All Right. If you already know how to do these queries, it's the same language that you use across any Azure resource. >> Exactly. Yes. So, let's say the first thing I
want to do here is, I want to query
all the requests where result code is not 200
in the last 24 hours. >> Nice. >> Okay. So, here
we got one here. >> Yes. >> You can see DC
is the temperature. >> One of those 401s that we saw. >> Yes. So, if I copy the operation ID and
then query exceptions, where a person ID equals to that. Sorry. Spaces. >> It's always the spaces. >> There you go. >> Yes. >> We saw, the exception
for this request. >> Access denied due to
invalid subscription key. >> Exactly. >> In that much time
you were able to dig into an exception and understand
exactly what we want. >> Exactly. >> Yes. >> So, this is our intuition
was App Insight super useful for troubleshooting
and monitoring your APIs. The last feature I want to demonstrate here is
called Entity tags. This creates a feature
that allows API publishers to assign task to your
APIs and operations. So, this is useful because it helps them to better organize and present your APIs on
a developed portal and also it improves their
searchability of your APIs, both in the admin portal and
in the developer portal. >> So, important once you have more than a few dozen operations. >> Exactly. Yes. So, let me
show you how that works. So, let's go to
my demo conference API. If I go to "Settings", as you can see I've
already tagged it. Was a tag code called events. For example, my HTTP Bin API, I have tagged it with
a tag called Utility. Basically, I'm tagging my
APIs based on the usage. >> Yes. >> So, after I've
tagged them my APIs, one thing I can do
here is I can future my APIs here in admin portal
based on those tags. For example, I can quickly show all my APIs that are for events. If I go to the developer
portal here, go to the APIs page, again, developers can also
search my APIs based on tags. But, one good thing here
is that it can also view my APIs grouped by the tags.
So, I show right here. So, here you can see
all the APIs are now grouped according
to their tags. So, that if I have
dozens of APIs, developers can quickly find
APIs that are useful to them. >> Very cool, it
gives a functional crosscutting view even though you might have a lot
of different APIs run by different teams, everything that is events or everything that is
utilities can be seen. >> Exactly. >> Fantastic. So, are all
of these things available and ready to be
looked at right now? People can use these? >> Yes. Yes. >> Fantastic, we're
learning about all kinds of great new features in Azure API Management that you can use in your services and
your microservices and help you integrate across
all Azure products. We're learning about that
today on Azure Friday.
