Plan API authentication solution

[jhanninen]

We need to solution that provides support for:

• protect API from unauthorized usage
• separate apikeys for multiple tenants
• possible to integrate to external authorization service (hsl-id?)

[jhanninen]

Azure API management might the first alternative to test. https://azure.microsoft.com/en-us/pricing/details/api-management/

Probably we could use Consumption -pricing model, if it's available for us to use. Basic is a bit expensive for our usage, because the there shouldn't be very many users.