Synchronize APIs from an API Management instance
This article shows how to create a link to an API Management instance so that the instances's APIs are continuously kept up to date in your API center inventory.
About linking an API Management instance
Although you can use the Azure CLI to import APIs on demand from Azure API Management to Azure API Center, linking an API Management instance enables continuous synchronization so that the API inventory stays up to date.
When you link an API Management instance as an API source, the following happens:
- All APIs, and optionally API definitions (specs), from the API Management instance are added to the API center inventory.
- You configure an environment of type Azure API Management in the API center.
- An associated deployment is created for each synchronized API definition from API Management.
API Management APIs automatically synchronize to the API center whenever existing APIs' settings change (for example, new versions are added), new APIs are created, or APIs are deleted. This synchronization is one-way from API Management to your Azure API center, meaning API updates in the API center aren't synchronized back to the API Management instance.
Note
- There are limits for the number of linked API Management instances (API sources).
- API updates in API Management typically synchronize to your API center within minutes but synchronization can take up to 24 hours.
Entities synchronized from API Management
You can add or update metadata properties and documentation in your API center to help stakeholders discover, understand, and consume the synchronized APIs. Learn more about Azure API Center's built-in and custom metadata properties.
The following table shows entity properties that can be modified in Azure API Center and properties that are determined based on their values in a linked Azure API Management instance. Also, entities' resource or system identifiers in Azure API Center are generated automatically and can't be modified.
Entity | Properties configurable in API Center | Properties determined in API Management |
---|---|---|
API | summary lifecycleStage termsOfService license externalDocumentation customProperties |
title description kind |
API version | lifecycleStage | title |
Environment | title description kind server.managementPortalUri onboarding customProperties |
server.type |
Deployment | title description server state customProperties |
server.runtimeUri |
For property details, see the Azure API Center REST API reference.
Prerequisites
An API center in your Azure subscription. If you haven't created one, see Quickstart: Create your API center.
An Azure API Management instance, in the same or a different subscription. The instance must be in the same directory.
For Azure CLI:
Use the Bash environment in Azure Cloud Shell. For more information, see Quickstart for Bash in Azure Cloud Shell.
If you prefer to run CLI reference commands locally, install the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.
If you're using a local installation, sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.
When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.
Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.
Note
az apic
commands require theapic-extension
Azure CLI extension. If you haven't usedaz apic
commands, the extension can be installed dynamically when you run your firstaz apic
command, or you can install the extension manually. Learn more about Azure CLI extensions.See the release notes for the latest changes and updates in the
apic-extension
.Note
Azure CLI command examples in this article can run in PowerShell or a bash shell. Where needed because of different variable syntax, separate command examples are provided for the two shells.
Add a managed identity in your API center
For this scenario, your API center uses a managed identity to access APIs in your API Management instance. Depending on your needs, configure either a system-assigned or one or more user-assigned managed identities.
The following examples show how to configure a system-assigned managed identity by using the Azure portal or the Azure CLI. At a high level, configuration steps are similar for a user-assigned managed identity.
- In the portal, navigate to your API center.
- In the left menu, under Security, select Managed identities.
- Select System assigned, and set the status to On.
- Select Save.
Assign the managed identity the API Management Service Reader role
To allow import of APIs, assign your API center's managed identity the API Management Service Reader role in your API Management instance. You can use the portal or the Azure CLI.
- In the portal, navigate to your API Management instance.
- In the left menu, select Access control (IAM).
- Select + Add role assignment.
- On the Add role assignment page, set the values as follows:
- On the Role tab - Select API Management Service Reader.
- On the Members tab, in Assign access to - Select Managed identity > + Select members.
- On the Select managed identities page - Select the system-assigned managed identity of your API center that you added in the previous section. Click Select.
- Select Review + assign.
Link an API Management instance
You can link an API Management instance using the portal.
- In the portal, navigate to your API center.
- Under Assets, select Environments.
- Select Links (preview) > + New link.
- In the Link your Azure API Management Service page:
- Select the Subscription, Resource group, and Azure API Management service that you want to link.
- In Link details, enter an identifier.
- In Environment details, enter an Environment title (name), Environment type, and optional Environment description.
- In API details, select a Lifecycle stage for the synchronized APIs. (You can update this value for your APIs after they're added to your API center.) Also, select whether to synchronize API definitions.
- Select Create.
The environment is added in your API center. The API Management APIs are imported to the API center inventory.
Delete a link
While an API Management instance is linked, you can't delete synchronized APIs from your API center. If you need to, you can delete the link. When you delete a link:
- The synchronized API Management APIs in your API center inventory are deleted
- The environment and deployments associated with the API Management instance are deleted
To delete an API Management link:
- In the portal, navigate to your API center.
- Under Assets, select Environments > Link (preview).
- Select the link, and then select Delete (trash can icon).