at Financial Technnology Year
Please contact them if you have any questions.
Azure API Management from Microsoft Azure
API gateway, developer portal, policy management, analytics, and security. Features include OAuth 2.0 and OpenID Connect support, subscription management, and comprehensive logging for compliance. Includes financial-services specific security implementations and monitoring tools.
Product analysis by function
API Management Platforms for IT and Infrastructure
Software for creating, publishing, maintaining, and monitoring APIs that connect different systems within the brokerage and with external partners and clients.
More API Management Platforms
More IT and Infrastructure ...
API Design and Creation
(9 Yes /12 Known /12 Possible features)
|
Graphical API Designer Visual tools for designing APIs using drag-and-drop or similar graphical interfaces. |
Not as far as we are aware.* Azure API Management does not provide a graphical (drag-and-drop) API designer; design is code/specification-centric. | |
|
OpenAPI/Swagger Support Ability to design and import/export API specifications using OpenAPI (Swagger) standards. |
Azure API Management supports import/export of OpenAPI (Swagger) for API definitions. | |
|
Version Control for APIs Management of multiple API versions with rollbacks and comparisons. |
API versioning, rollback, and comparison are supported; documentation confirms version control. | |
|
Mock Server Generation Automatically generates mock endpoints for testing and development. |
Mock responses can be configured for testing APIs; mock-server generation is documented. | |
|
Code Generation Automatically generates server and client code in various programming languages. |
Code generation (client SDKs) is supported via integrations (ex: OpenAPI, Visual Studio/Swagger tools). | |
|
API Modeling (Data Types, Schemas) Defines and manages reusable data models and schemas. |
API schemas and reusable definitions are managed as part of API definition in Azure API Management. | |
|
SDK Generation Provides software development kits (SDKs) for multiple languages based on the API definition. |
Not as far as we are aware.* SDK generation is indirect; Azure relies on external tools for generation from OpenAPI rather than in-platform generation. | |
|
Sample Data Injection Ability to inject sample data for demonstration and testing purposes. |
Sample data can be set in mocked responses for testing in developer portal. | |
|
Dynamic Documentation Generates interactive and up-to-date documentation from the API definition. |
Developer portal generates dynamic, interactive documentation from API spec. | |
|
REST & SOAP Support Enables design and management of both RESTful and SOAP APIs for legacy integration. |
REST is fully supported, and SOAP can be onboarded for legacy integration (documented on Azure Docs). | |
|
GraphQL API Creation Provides tooling for designing and exposing GraphQL-based APIs. |
Not as far as we are aware.* Native GraphQL endpoint creation is not supported (can be proxied). | |
|
Schema Validation Offers schema validation at design-time to prevent errors in API structures. |
Schema validation is supported; OpenAPI schema validation at import time. |
API Publishing and Deployment
(11 Yes /11 Known /11 Possible features)
|
One-Click Deployment Simple and fast deployment process for making APIs live. |
One-click deployment/publishing of APIs through Azure portal. | |
|
Multi-Environment Support Supports publishing APIs across multiple environments (Dev, Test, Prod). |
Multiple environments supported (internal, external, test, production, etc.) via configurations. | |
|
Environment Isolation Ensures API deployments are isolated across environments. |
Environment isolation available through separate service instances or products. | |
|
Zero-Downtime Deployment Enables publishing API updates with no service interruption. |
Deployment strategies include no-downtime approaches (zero-downtime deployment supported via revisions). | |
|
Canary Releases Supports incremental release strategies for APIs (e.g., canary testing). |
Canary releases are supported using revisions and deployment controls. | |
|
Automated Rollback Automated rollback procedures in case of deployment failures. |
Automated rollback of APIs on failure using revisions and deployment tools. | |
|
API Gateway Integration Seamless integration with industry-standard API gateways (e.g., Apigee, Kong). |
Integrates directly with Azure API Gateway and can route to other gateways via policies. | |
|
Cloud and On-Premise Deployment Supports both cloud-native and on-premise API deployment options. |
Azure API Management can be deployed as a cloud-managed SaaS or self-hosted gateway/on-prem. | |
|
Custom Domain Support Allows publishing APIs on custom domains with SSL. |
Custom domain/SSL assignment for apis supported in Azure management console. | |
|
Multi-Region Support Ability to publish APIs across multiple geographic regions for latency optimization. |
APIs can be deployed across multiple Azure regions for latency and DR. | |
|
Auto-Scaling Automatic scaling of API instances based on demand. |
Instances can be auto-scaled according to API demand. |
API Security and Authentication
(12 Yes /12 Known /12 Possible features)
|
OAuth 2.0 Support Implements OAuth 2.0 protocol for secure delegated access. |
OAuth 2.0 protocol, including OpenID Connect, is natively supported for secure access. | |
|
API Key Management Control generation, rotation, and lifecycle of API keys. |
API key provisioning and lifecycle management is a core feature. | |
|
Mutual TLS (mTLS) Enforces two-way SSL/TLS authentication between client and server. |
Mutual TLS (mTLS) is available for client certificate authentication. | |
|
IP Whitelisting/Blacklisting Restricts API access based on source IP address. |
IP whitelisting/blacklisting is available through policy configuration. | |
|
Rate Limiting Prevents API abuse through rate limiting and throttling. |
Rate limiting, throttling, and quotas are part of the policy engine. | |
|
Quota Management Sets call quotas per client or partner for fair usage. |
Quota management is included (per subscription, product, etc.). | |
|
Single Sign-On (SSO) Supports integration with corporate SSO for authentication. |
Azure AD and SSO integrations are supported for portal authentication. | |
|
JWT (JSON Web Token) Support Supports authentication with JSON Web Tokens. |
JWT authentication is natively supported by Azure API Management. | |
|
Encryption of Data in Transit Ensures all data sent via API is encrypted in transit. |
All API traffic can be encrypted in transit (TLS/SSL). | |
|
RBAC (Role-Based Access Control) Enforces granular access controls based on user/role. |
Role-based access control (RBAC) available for both management and developer portal. | |
|
Audit Logging Records security-relevant API access and changes for audits. |
Audit logs are automatically kept for access and configuration events. | |
|
Integration with Security Appliances Connects API traffic with firewalls, SIEM, and DLP solutions. |
Integrates with Azure Sentinel and other SIEM/security solutions. |
Monitoring and Analytics
(9 Yes /10 Known /12 Possible features)
|
Real-Time Monitoring Live tracking of API usage, latency, and errors. |
Live usage monitoring and latency/error tracking are built-in. | |
|
Alerting and Notifications Automated alerts for outages, anomalies, or limit breaches. |
Alerts and notifications configured for failures, abuse, etc. | |
|
Detailed Logging Comprehensive logs for every API call, event, and error. |
Detailed logging for API calls, requests, responses, and errors. | |
|
Performance Dashboards Dashboards with key metrics and trends (latency, throughput, error rate). |
Performance dashboards (visualizations) are present in analytics. | |
|
Custom Metrics Ability to define and track custom business or technical metrics. |
Custom metrics can be defined and tracked with Azure Monitor integration. | |
|
Integration with Monitoring Tools Compatibility with Prometheus, Datadog, New Relic, etc. |
Integrates with Azure Monitor, App Insights, including third-party tools. | |
|
End-to-End Tracing Distributed tracing of API calls across microservices. |
Not as far as we are aware.* Distributed tracing is basic; full end-to-end tracing across microservices is limited unless integrated with Azure Application Insights. | |
|
User and Partner Analytics Insights into which clients and partners are using which APIs and how. |
Analytics can be grouped by user and partner. | |
|
Geo-Analytics Breakdown of API usage by geographic region. |
Geo-analytics is supported in usage analytics dashboards. | |
|
Error Analytics Breakdown and root cause analysis of API errors and failures. |
Error analytics, breakdown, and throughput are covered in analytic reports. | |
|
API Call Latency Measures the average time taken per API call. |
No information available | |
|
Uptime SLA Measurement Calculates actual API uptime to ensure SLAs are met. |
No information available |
Developer Portal and Experience
(10 Yes /10 Known /10 Possible features)
|
Self-Service API Registration Developers can sign up and request access to APIs without manual onboarding. |
Self-service registration and subscription to APIs are part of the developer portal. | |
|
Interactive API Explorer Allows users to test API endpoints with live requests directly in the web portal. |
Interactive API explorer (try-it) is included in developer portal. | |
|
Auto-Generated Documentation Always up-to-date API docs generated from the source specification. |
Documentation in developer portal is auto-generated and synced with API definition. | |
|
Code Snippets and Examples Ready-to-use sample code in multiple languages. |
Code snippets/examples generated and shown in developer portal for each endpoint. | |
|
API Onboarding Workflows Guides developers or partners through API setup and provisioning. |
Onboarding workflows and guided setup supported in portal. | |
|
API Status Pages Communicates live status and known issues for APIs. |
Status pages for APIs are available for visibility into API health. | |
|
Support Integration (Chat, Tickets) Easy access to developer support and ticketing from the portal. |
Support channels (tickets, knowledge base) integrated into portal. | |
|
Rate Limit and Quota Visibility Clear display of current usage, limits, and quota resets. |
Rate limit/quota usage clearly displayed in developer portal. | |
|
API Key Management by Developers Developers can create and manage their own API keys. |
Developers can create/rotate their own API keys in the portal. | |
|
Community Forums/FAQs Facilitates collaboration via forums or Q&A for developers. |
Community/FAQ sections exist for developer assistance. |
Integration and Connectivity
(7 Yes /9 Known /10 Possible features)
|
Connector Marketplace Library of pre-built connectors/integrations to common brokerage platforms. |
No information available | |
|
Webhooks Support Supports real-time outbound notifications to third-party services. |
Webhooks (event outbound notifications) are available via API policies. | |
|
Event-Driven Architecture Support for asynchronous, event-based workflows (e.g., message queues). |
Not as far as we are aware.* Event-driven/message queueing is not natively supported (requires external Azure solutions, e.g., Event Grid, Service Bus). | |
|
Custom Plugin/Extension Framework Enables custom extensions and hooks for bespoke integration needs. |
Policies and plug-ins can be created for custom logic through policy expressions. | |
|
Data Mapping and Transformation On-the-fly mapping and transformation between data formats (JSON, XML, FIX, CSV, etc.). |
Data mapping/transformation between common data formats is supported through policy expressions. | |
|
Batch Processing Support API platform supports high-volume batch file processing. |
Not as far as we are aware.* Batch file processing is not a direct function of Azure API Management. | |
|
Synchronous and Asynchronous Messaging Supports both real-time and batch/messaging integrations. |
Both synchronous and asynchronous messaging can be handled through policies and integration with other Azure services. | |
|
Legacy System Integration Support for mainframes or legacy middleware (e.g., MQ, FTP). |
Legacy system connectivity supported through external VNET integration and policy scripting for FTP/MQ. | |
|
GraphQL/FIX/Protobuf Adapter Support Adapters for financial industry protocols and formats. |
Protocol translation (e.g., SOAP to REST) is supported; integration with GraphQL requires a proxy. | |
|
API Chaining/Orchestration Capability to coordinate multiple API calls as part of a workflow. |
API orchestration/chaining can be implemented via policy expressions. |
Scalability and Performance
(6 Yes /7 Known /10 Possible features)
|
Horizontal Scaling Ability to add more nodes to handle increased API loads. |
Instances of Azure API Management can be scaled horizontally. | |
|
Vertical Scaling Directly increases resources (CPU, RAM) per node for greater throughput. |
Vertical scaling supported by adjusting tier/resources in Azure service plan. | |
|
Concurrent Connection Support Maximum number of simultaneous connections supported. |
No information available | |
|
API Throughput Maximum number of API calls handled per second. |
No information available | |
|
Low Latency HTTP Routing Optimized networking for fast API responses. |
Optimized HTTP routing and performance settings are highlighted in documentation. | |
|
Caching Layer Support Integrated support for in-memory or distributed caching. |
Caching is supported via built-in policies. | |
|
Rate Throttling Capabilities Dynamic control over API call rates to prevent overload. |
Rate throttling/enforcement of call volume via policy. | |
|
Load Balancer Integration Native integration with software/hardware load balancers. |
Integrates with Azure load balancing and external load balancers. | |
|
Streaming API Support Support for high-frequency data over persistent connections (e.g., WebSockets, SSE). |
Not as far as we are aware.* Natively streaming API protocols (WebSockets, SSE) not supported as first-class in API Management. | |
|
API Response Time Guarantee Guaranteed maximum latency for API requests. |
No information available |
Compliance and Governance
(10 Yes /10 Known /10 Possible features)
|
Regulatory Compliance Templates Built-in templates for major financial regulations (MiFID II, SEC, GDPR, etc.). |
Regulatory compliance options, including templates for GDPR, MiFID II, are mentioned in Azure blueprints and compliance documentation. | |
|
Data Retention Policies Configurable data storage and deletion schedules. |
Data retention configurable at service level via policies and data export. | |
|
Audit Trail Immutable, searchable logs of all API changes and access. |
Audit trails (immutable, searchable logs) available via diagnostic settings. | |
|
Policy Enforcement Engine Automated enforcement of business and IT policies. |
Policy enforcement managed via policy expressions and automation. | |
|
Consent Management Captures and manages client data consent as per regulations. |
Consent management is possible through API Management and external integrations for regulatory workflows. | |
|
PII Data Masking On-the-fly obfuscation of personally identifiable information in API responses. |
PII data masking can be implemented using policies (documented in Azure policies). | |
|
Vulnerability Scanning Automated security scans for the API surface. |
Vulnerability scanning included via Azure Security Center integration. | |
|
Change Approval Workflows Enforced approval flow for significant API config changes. |
Change approval workflows managed through GitHub/Azure DevOps integration with required reviews for changes. | |
|
Exportable Compliance Reports Auto-generated compliance reports for internal/external audits. |
Compliance reports exportable using Azure compliance documentation and APIs. | |
|
Contract and SLA Management Track and manage legal obligations and performance guarantees. |
Contract and SLA management available via API Management and Azure Marketplace. |
Maintenance and Lifecycle Management
(9 Yes /9 Known /10 Possible features)
|
API Deprecation Workflow Automates notifying users and retiring outdated APIs. |
Deprecation workflows and notifications can be configured for APIs. | |
|
Backward Compatibility Checks Checks API changes for breaking compatibility. |
Checks for API backward compatibility with warnings for breaking changes using versioning tools. | |
|
Automated API Testing Built-in test suites for continuous integration and delivery. |
Automated API testing available through integration with CI/CD tools (Azure DevOps). | |
|
Sandbox Environment Isolated environment for safe API experimentation. |
Sandbox environments for safe API testing provided for each API product instance. | |
|
Release Management Coordinates and documents API version rollouts. |
Release management with revisions and documentation is part of the platform. | |
|
Incident Management Integration Links with incident response tools for outage resolution. |
Integration with Azure Monitor and incident management tools possible. | |
|
Change Notification System Automated or manual notifications for API updates to users. |
Change notifications (manual or automated) are configurable for API consumers. | |
|
Rollback Support Easily revert to previous API versions. |
Support for rollback to previous revisions/versions is included. | |
|
Automated Health Checks Continuous monitoring and health status reporting for APIs. |
Automated health checks are available as part of the gateway's built-in monitoring. | |
|
Custom Lifecycle Stages Define bespoke API lifecycle stages to suit organization needs. |
No information available |
Extensibility and Customization
(8 Yes /8 Known /10 Possible features)
|
Plugin Architecture Ability to add third-party or custom-developed plugins. |
Supports a plug-in architecture using policies and extensions. | |
|
Custom Scripting Support Allows scripting or business logic within API flows (e.g., JavaScript, Python). |
Supports custom scripting in policy definitions (C# expressions, etc.). | |
|
UI Theme Customization Ability to change developer portal look and feel. |
UI theme customization is possible in the developer portal. | |
|
Branding Options Custom logos, colors, and company info in developer portals. |
Custom branding supported in the developer portal. | |
|
API Workflow Designer Built-in drag-and-drop for API workflows and transformations. |
No information available | |
|
Custom Policy Definition Define bespoke security and access policies. |
Custom policy definitions for security and access are managed via API Management policy framework. | |
|
Configurable Messaging Templates Edit email and notification templates sent from the platform. |
Notification/email templates are configurable from the portal. | |
|
Extensible Data Model Customize data model for additional business attributes. |
Data model extensibility via API schemas/policies and back-end integrations. | |
|
Custom Auth Provider Integration Plug in identity providers not natively supported. |
Custom auth provider integration supported via OpenID Connect, OAuth, or custom policies. | |
|
White-Labeling Support Deploy platform as an OEM/private-label solution. |
No information available |
Support, Documentation, and Training
(8 Yes /8 Known /10 Possible features)
|
24x7 Support Availability Round-the-clock technical support coverage. |
24x7 technical support is available for paid Azure support plans. | |
|
Knowledge Base & FAQs Comprehensive, searchable help and how-to articles. |
Comprehensive FAQs and how-to articles are available in documentation. | |
|
Video Tutorials Official video walkthroughs of common integration tasks. |
Official video tutorials are provided by Microsoft for API Management. | |
|
API Usage Best Practices Documentation Guidelines and recommendations for efficient, secure API usage. |
Best practices documentation is published as part of Azure API Management Docs. | |
|
Code Example Libraries Curated code samples for various use cases and languages. |
Sample code libraries provided in Azure docs and GitHub repos. | |
|
Multi-Language Support Documentation and support available in multiple languages. |
Microsoft docs available in multiple languages for global support. | |
|
Onboarding Workshops Instructor-led or virtual onboarding sessions for developers. |
Onboarding workshops offered by Microsoft and partners for API Management customers. | |
|
Dedicated Customer Success Manager Assigned contact to help with setup, scaling, and troubleshooting. |
No information available | |
|
Community Channel Access (Slack, Discord, etc.) Official real-time forums for peer and expert support. |
Azure community support available via Microsoft Q&A, Stack Overflow, and Slack. | |
|
SLA on Support Response Guaranteed response within a defined time window. |
No information available |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.