After having seen in Part I, how the Azure API Management can help us with throttling and caching, we will see how to protect our backend APIs with Azure Active Directory in order to create multiple consuming routes. We will inject application roles so that the backend API may behave differently according to how it is consumed (via Azure API Management) or via direct calls. This allows exposing the same backend API through both external and internal consumers in a secure way.