API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

How can we improve Azure API Management?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. List incremental of entities

    Hi, team
    For now, we pull our apim instances entities every day from API management service. But we can only get 1 day snap shot.
    Is it possible to get incremental values of these entities(user/operation/api/product/subscription ect.) from API management services? For example, we can get data filtered by update time?

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
    • Add OAuth 2.0 as a proxy authentication

      Currently Proxy Authentication supports HTTP Basic and Client Certificates. In an effort to make a unified OAuth 2.0 Gateway, we have some services using other OAuth 2.0 providers for the security in the backend and would like to use something like Client Credentials flow or the On Behalf Of flow to call the existing service keeping the front with only one OAuth implementation.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
      • GraphQL introspective support within API Management

        Like swagger documents which describe REST endpoints, we would like to surface graphql queries and mutable schemas and types through the Developer portal.

        6 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
        • Update the Developer Portal design and styling, it is outdated

          Update the design with more neutral styling as common on many developer portals out there, or simply make it more inline with the new Azure Portal. The center page layout does not fit with anything anymore.

          2 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • 3 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • Ability to route/exclude requests form APIM, based on url, due to bandwidth cost

              We have a few API methods that transfer ~50TB of bandwidth monthly, need to be able to exclude these from API Management, based on path/query of the request url. The host name on the request must stay the same so DNS routing is not an option. Currently this makes API Managment not feasible for us because of the added bandwidth cost.

              I understand that APIM decrypts the SSL request before any routing, so processing still occurs, but perhaps there is some room to optimize for specific bandwidth intensive requests?

              3 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
              • Support API Mgmt features also for Azure Function Apps

                A logical "merge" of API Mgmt features and Azure Function Apps seems a logical evolution of API Mgtm. It would be great to see: Developer Portal, Subscriptions, APIs + Products, API Policies and Expressions, Versioning and Revisions, Developer Authentication via AAD, WSDEL, etc. also available integrated into Azure Functions which support...User Authentication, Hybrid connections, Git Deployment, Deployment Slots, etc.

                6 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                • New structure for API Mgmt pricing

                  Please separate APIM FEATURES (MultiRegion, VPN, Developer Portal, Products and API Subscriptions,...) from USAGE and numbers of API calls in a more flexible pricing model. Some want to use API Mgmt but do not want to "monetize" yet - therefore need no "subscriptions" and no developer portals (like us and we now switch to Azure Functions and Functions Proxies because of that), some need VPN support but have limited calls, etc. If you want to start "small" then you also need a "Consumption Plan" pricing like Azure Functions have, simply pay what you use. It would be nice to be…

                  2 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Pricing  ·  Flag idea as inappropriate…  ·  Admin →
                  • Implement integration with Azure Functions for the PUT,POST and DELETE verbs

                    API Owner should easily map PUT, POST and DELETE requests to the available Azure Functions through the management portal

                    6 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      1 comment  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
                    • Implement APIM EventHub channel for POST and PUT verbs

                      Integrate EventHub/ServiceBus channel similar to Azure Function outputs for post, put , delete verbs. ( do not confuse with eventhub logger policy ) It also similar to Heroku protocol conversion and request routing patterns

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
                      • Support expressions in openid-config url of validate-jwt policy to support multiple OpenID vendors with one policy

                        It would / should support e.g. an expression that combines

                        "https://"

                        plus the base path of the configuration document coming from some logic like

                        URL-Param or header attribute "openid-type"... if

                        "openid-type"=1 then "accounts.google.com" --Google
                        "openid-type"=2 then "login.microsoftonline.com/common/v2.0" --AAD
                        "openid-type"=3 then "login.microsoftonline.com/common/v2.0" --- AAD B2C
                        etc.

                        plus the standard path defined in the openid specs

                        "/.well-known/openid-configuration"

                        plus parameters for example for AAD B2C

                        if "openid-type"=3 then "?p=b2c_1_sign_in"

                        3 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • Support the trace switch (currently only in the header) also as a URL parameter

                          Support a URL switch e.g.

                          api-trace=true

                          like the trace switch in the header.

                          3 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Do not deploy echo-api when deploying via the SDK or ARM template.

                            If I create a new Microsoft.ApiManagement/service resource and I do not have any Microsoft.ApiManagement/service/apis defined I would not expect a "example api" to be included.

                            The SDK and ARM templates are for people to automate their deployments, adding a API to show someone how to use the APIM service on ALL new deployments does not make sense in a scripted environment.

                            If when creating a new APIM from the web portal causes it to add a extra api to show the usage of APIM, that is fine, I world totally understand that behavior. But adding un-asked for apis during a…

                            12 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
                            • Display imported request body/response representations in the administrator portal

                              When importing an API from Swagger (and possibly also other sources) the request body/response representations are visible in the developer portal, but not in the administrator portal.
                              In the admin portal all representations are present, but empty.

                              This is
                              1. Very confusing as it looks like something went wrong with the import, since none of the example data seems to be present, and the schema info is also missing
                              2. Very inconvenient when one wants to make changes to the example data/schema documentation (e.g. adjust indentation to improve display in the developer console).

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
                              • announcements

                                I don't see anything in the new Azure portal about the announcements (blog) component. I also don't see any mention of it on the Azure API Management roadmap site. What is the plan for this? And will it eventually be migrated to the new Azure portal?

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
                                • Register app with Azure AD through developer portal

                                  Given that there are already integrations with Azure AD, it would be developer friendly if you could register and manage your apps with Azure AD through the developer console.

                                  That way you would need just one portal to deal with things like client ids, secrets etc

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Allow to link css and javascript files to the HTML head segment.

                                    Allow to link css and javascript files to the HTML head segment.

                                    3 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
                                    • API Management Swagger Definition does not give model details.

                                      I have imported swagger definiton file into APIM Publisher portal. It shows different actions but there is no info about navigation property from an entity which is specified in the Entity Framework model. I would want to publish that information on developer portal as well. See the attached picture.

                                      5 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Allow System.Linq.IGrouping within expressions

                                        The GroupBy operator is a pretty common LINQ operator incredibly useful in doing transformations of data.
                                        It would be tremendous if this was available within policy expressions.

                                        3 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Allow OAuth2.0/OpenID Connect Authentication when testing APIs through the Azure Portal.

                                          Whenever an API requires OAuth2.0 or OpenID Connection authentication, through the Developer Portal you can authenticate at the defined STS. Yet, in the Azure Management Portal, when testing your API, this 'button' or feature is missing. To me, this renders the Test option useless, because all our APIs require OAuth...

                                          2 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 12 13
                                          • Don't see your idea?

                                          Feedback and Knowledge Base