Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

We welcome user feedback and feature requests!

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make OData a first class citizen.

    Apparently OData (Microsoft's flagship REST data protocol) isn't fully supported.

    More info:

    https://social.msdn.microsoft.com/Forums/azure/en-US/7363e392-86d8-4b60-99fd-af98e128ab06/whats-the-odata-story?forum=AzureAPIApps

    quote
    "If you can manually create Swagger 2.0 metadata to describe your REST API, it will work perfectly."
    /quote

    Assuming it's true that swagger can't do OData, I would think that fact alone would've precluded swagger as an option.

    Additionally, whatever the reason swagger cannot create metadata for a WebAPI OData project should have been addressed before launch.

    Regardless, please fix this.

    190 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
    • Add ability to use API Key authentication

      It would be nice to be able to protect API apps with a set of API Keys instead of requiring a user to manually log in. This would be especially helpful for backend APIs that don't require user authorization or are accessed primarily by other servers.

      176 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        8 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
      • Access to a populated User.Identity

        It would be very valueable to have Access to a "populated" User.Identity in the Controllers. Most of the the time, at least in my apps, my Apis will present user specific Content. Having a populated User.Identity would help alot.

        59 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

          Hello!

          At the moment our recommended method for checking the identity of the current user is to check several attributes added to incoming requests. This is to allow your application to go completely in and out of memory on lower priced tiers without “always-on.” Check out the tutorial below for the header names.
          https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-authentication

          We would like to have language specific auth functionality like this in the future. I am placing this item in “unplanned” to be used in future planning sessions.

          thanks for your feedback!
          Alex
          Azure App Service Team

        • Add administrative option for disabling ftp account in webapps

          An unmanaged FTP account is a security concerns for enterprise environments. This concerns is even greater when teams have control over their own environment zuch as is the case with DevOps. Please add the possibility to centrally disable the ftp account feature of webapps.

          26 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
          • API Apps with AllowAnonymous

            Have a mix of authentication levels for different endpoints in the underlying Web API?

            API App to have access level of 'Public (authenticated)' but one of the endpoints needs to be accessible as an anonymous user. Previously I would have just applied the AllowAnonymous attribute on the method, but the gateway still intercepts and returns an unauthenticated response.

            Would be great to mark a specific method as allowing anonymous and the default behaviour to respect the gateway authentication level.

            23 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

              Thank you for your feedback!

              Right now the workaround is to set your authentication/authorization option to enabled, but set the action for unauthenticated requests to “allow.” Then manually redirect unauthenticated requests to the secured endpoints to the authorization flow at /.auth/login/done.
              https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-how-to-configure-active-directory-authentication#optional-configure-a-native-client-application

              We would like to add more robust support for multiple auth levels in the future. I am placing this item in “unplanned” to be used in future planning sessions.

              Thanks!
              Alex
              Azure App Service Team

            • Certificate Authentication

              From what I can see clients can only authenticate to API apps interactively. This, like others said, makes automated authentication difficult. It would be great to support certificate authentication, much like the Azure Management API does, i.e. https://msdn.microsoft.com/en-us/library/azure/ee460782.aspx#bk_cert

              20 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

                Thank you for your feedback!

                For the time being you can use service principle auth to programmatically authenticate with an API if you are using AAD auth. https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-dotnet-service-principal-auth

                We would like to add general cert auth to App Service authentication/authorization in the future. I am placing this item in “unplanned” to be used in future planning sessions.

                Thanks!
                Alex
                Azure App Service Team

              • Support generating custom Web API from Swagger document

                Support generating custom Web API from Swagger document from Visual Studio

                9 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

                  Thank you for your feedback!

                  We would like to add support for generating server code from a swagger definition. I am placing this item in “unplanned” to be used in future planning sessions.

                  Please feel free to update this thread if you find any open source packages that work for you. We found the swagger server stub generator was a good tool if you find yourself generating a lot of new servers. https://github.com/swagger-api/swagger-codegen/wiki/Server-stub-generator-HOWTO

                  Thanks
                  Alex
                  Azure App Service Team

                • Speed up deployment of option for customers to select their required TLS encryption level

                  Microsoft will make available the option to select TLS 1.2 on April 30, 2018. Authorize.net is disabling support for TLS 1.0 and TLS 1.1 on February 28, 2018. A 2 month gap is a long time and It's probable many legacy web apps will stop working on that day. It would be great if Microsoft could speed up deployment of the manual option to February 28, so unawares customers can make the switch without needing a programmer.

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

                    Hi there,

                    We are definitely moving as fast as we can to enable TLS 1.2 across the board. There are a few outstanding items before this is released and we can’t promise support before February 28th. We are definitely trying to get this out earlier than our committed date of April 30th though.

                    The actual option, once enabled, will be a simple switch in the Azure Portal or through CLI.

                    Thanks,
                    Oded

                  • Don't see your idea?

                  Web Apps

                  Feedback and Knowledge Base