Do not be confused! The Azure Service Management REST API and the Azure API Management REST API are completely different. Yes, they may have confusingly similar names but they service completely different purposes, support different authentication protocols, and are surfaced via different endpoint domains.
The Azure Service Management REST API
What can I do with it?
This service supports actions for managing Azure resources such as web apps or storage accounts. Think of it as an endpoint for the actions you might otherwise perform manually via the (Classic or New) Azure Portal.
What do the endpoints look like?
Service request URIs will be of the form: https://management.azure.com /subscriptions/…
How does authentication work?
Service authentication is achieved using OAuth via the use of a Bearer access token in the Authorization header. The app principal is an Azure Active Directory application. The AAD app must be given ‘permissions to other applications’ for ‘Windows Azure Service Management API’. As the only grant-able permissions are ‘delegated permissions’ (App+User) rather than ‘application permissions’ (App-only), this API can only be called from within a user context and not, for example, from the context of a web job.
The Azure API Management REST API
What can I do with it?
The API Management Service supports publishing APIs to consumers by providing an ID and secret key ‘shared signature’ authentication mechanism very similar to that used by Amazon or Instagram for their (public, pending approval) APIs. An API Management Service instance provides benefits like management of users, groups, products (endpoints), and subscriptions. There is then a REST API for managing these users, groups, products, and subscription that the API Management Service provides – this is referred to as the API Management REST API.
What do the endpoints look like?
Service request URIs will be of the form: https://{servicename}.management .azure-api.net/…
How does authentication work?
Service authentication is achieved via the use of a Shared Access Signature access token in the Authorization header. The identifier and secret key required to generated a request signature are available via API Management Service instance. Access to the API must be explicity allowed by checking the ‘Enable API Management REST API’ via the API Management Service publisher portal.
Credit to Microsoft Azure Documenation
Read more
Ok, so just reading the above really won’t be enough to get you firing off requests but hopefully it will provide enough clarity that you fully understand how to interact with which API.
Service Management REST API Reference
Vaguely related, I’ve recently blogged about posting authenticated requests to the Amazon Product Advertising API in .NET
I will post about using the Service Management API along will app configuration and full code samples for authentication in the near future. I will link to that post from here.
Paul.
