Web Apps

Web Apps in Azure App Service provides a scalable, reliable, and easy-to-use environment for hosting web applications. Select from a range of frameworks and templates to create a web site in seconds. Use any tool or OS to develop your site with .NET, PHP, Node.js, Python and more. Choose from a variety of source control options including TFS, GitHub, BitBucket and others to set up continuous integration and develop as a team.

More details about the services are available in the App Service documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow or MSDN.

Products that we listen to in this space include: App Service, Web Apps, API Apps and Web App for Containers.

We welcome user feedback and feature requests!

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add ability to use API Key authentication

    It would be nice to be able to protect API apps with a set of API Keys instead of requiring a user to manually log in. This would be especially helpful for backend APIs that don't require user authorization or are accessed primarily by other servers.

    206 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      9 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
    • Make OData a first class citizen.

      Apparently OData (Microsoft's flagship REST data protocol) isn't fully supported.

      More info:

      https://social.msdn.microsoft.com/Forums/azure/en-US/7363e392-86d8-4b60-99fd-af98e128ab06/whats-the-odata-story?forum=AzureAPIApps

      quote
      "If you can manually create Swagger 2.0 metadata to describe your REST API, it will work perfectly."
      /quote

      Assuming it's true that swagger can't do OData, I would think that fact alone would've precluded swagger as an option.

      Additionally, whatever the reason swagger cannot create metadata for a WebAPI OData project should have been addressed before launch.

      Regardless, please fix this.

      203 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        4 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
      • Access to a populated User.Identity

        It would be very valueable to have Access to a "populated" User.Identity in the Controllers. Most of the the time, at least in my apps, my Apis will present user specific Content. Having a populated User.Identity would help alot.

        59 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

          Hello!

          At the moment our recommended method for checking the identity of the current user is to check several attributes added to incoming requests. This is to allow your application to go completely in and out of memory on lower priced tiers without “always-on.” Check out the tutorial below for the header names.
          https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-authentication

          We would like to have language specific auth functionality like this in the future. I am placing this item in “unplanned” to be used in future planning sessions.

          thanks for your feedback!
          Alex
          Azure App Service Team

        • API Apps with AllowAnonymous

          Have a mix of authentication levels for different endpoints in the underlying Web API?

          API App to have access level of 'Public (authenticated)' but one of the endpoints needs to be accessible as an anonymous user. Previously I would have just applied the AllowAnonymous attribute on the method, but the gateway still intercepts and returns an unauthenticated response.

          Would be great to mark a specific method as allowing anonymous and the default behaviour to respect the gateway authentication level.

          27 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            3 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

            Thank you for your feedback!

            Right now the workaround is to set your authentication/authorization option to enabled, but set the action for unauthenticated requests to “allow.” Then manually redirect unauthenticated requests to the secured endpoints to the authorization flow at /.auth/login/done.
            https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-how-to-configure-active-directory-authentication#optional-configure-a-native-client-application

            We would like to add more robust support for multiple auth levels in the future. I am placing this item in “unplanned” to be used in future planning sessions.

            Thanks!
            Alex
            Azure App Service Team

          • Programmatically associating a Hybrid Connection to an Azure App Service is not possible

            I believe that there should be a capability added to Azure App Services to allow for programmatically associating existing Hybrid Connections to an App Service instance. This can be done manually via the portal as shown in the attached image but cannot be done via Powershell, Azure CLI, or Azure REST API. Any upcoming features for this? Or is this already possible but I haven't yet been able to find out how? Thank you.

            21 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              3 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
            • Certificate Authentication

              From what I can see clients can only authenticate to API apps interactively. This, like others said, makes automated authentication difficult. It would be great to support certificate authentication, much like the Azure Management API does, i.e. https://msdn.microsoft.com/en-us/library/azure/ee460782.aspx#bk_cert

              20 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →

                Thank you for your feedback!

                For the time being you can use service principle auth to programmatically authenticate with an API if you are using AAD auth. https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-dotnet-service-principal-auth

                We would like to add general cert auth to App Service authentication/authorization in the future. I am placing this item in “unplanned” to be used in future planning sessions.

                Thanks!
                Alex
                Azure App Service Team

              • Accessing APIs of Azure App service with SSL in MobileServiceClient(Xamarin mobile app).

                Provide some option in MobileServiceClient (Xamarin mobile app, Android and iOS) to access APIs of Azure App service with SSL.

                4 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
                • Latest jetty version support

                  Please provide latest jetty server support having version 9.4.10.v20180503

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  API Apps  ·  Flag idea as inappropriate…  ·  Admin →
                  • Don't see your idea?

                  Web Apps

                  Feedback and Knowledge Base