API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Stats about cache usage

    It would be a great feature to have the option to see how much of the cache is used, it could be divided into areas like

    Total for the instance it self (all api's)
    pr. api
    pr. api/operation
    etc.

    today it's a blackbox so any insights would be great.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  2. Deploy APIM in Azure Emulator to allow for local testing of configurations

    Add APIM to the Azure emulator to allow testing of routing and policies.

    86 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to manage Subscription Keys for a Group of users

    Allow the assignment of a subscription key that applies to a group of users. The idea is to create one shared subscription key that is tied to the group so as members of the group swap in/out they can use that key.

    Think of a large company of developers, rather than creating a shared login the group of developers could be put into the group and then have access to that applications subscription keys.

    The idea is really to treat the key as an entity that isn't a person but needs to be managed by several people, like give this…

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add support for Reserved IPs

    At present API Management instance VIPs are static for the lifetime of that service instance with some exceptions, for example adding or removing a VNET (see http://aka.ms/apimfaq). Reserved IPs on the other hand are absolutely immutable and transcend service instance lifetime. They have an extra benefit of being used when accessing other Azure resources, e.g. storage, within the same region. See https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-reserved-public-ip/ for more information on Reserved IPs.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow tagging/categorization of APIs, operations, policies

    Either a single hierarchical category field or use flat tags where multiple can be applied to the same resource.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  3 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add ARM support for deployment of the operations, etc.

    Support to deploy all the configuration via ARM what now possible is via GIT.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  7. Expose a way to modify the APIM idle timeout or tcp keep alive settings

    I have several legacy, long-running, synchronous API operations (10+ mins) that never get a response when I route them through APIM. This is because APIM does not maintain that TCP connection long enough for the backend server to compile the response.

    A quick response is to make them asynchronous, which I would have done from the beginning had I designed and developed this product, but as I said this is a legacy application with many existing clients and to change the architecture of this now is not really feasible.

    I have worked with Todd Foust from Micorsoft support to determine…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  8. Provide Rich Text Editor in API/Operation Descriptions

    For the API and Operation description (or any other that supports HTML, e.g. response descriptions) fields, instead of having to input HTML, a basic WYSIWYG editor would be nice so simple things like bold/emphasis/underline/lists/etc... can be created easily by people not strong in HTML and then having to save/view to test what it may look like.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to turn off notifications, not just edit templates

    We need the ability to turn off notifications through the workflow. We are setting up accounts for clients and don't want most of the notifications that come out. We are having to enter fake email addresses just to prevent the notifications.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  3 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add ability to turn off the Register Application Button in Profile

    We are utilizing the portal for API's which my company is publishing. We don't want the user to be able to add their own application. How can I turn off the register application button on a developers profile?

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  11. Improve the documentation on how Security Works

    Currently some of the security documentation is downright wrong.
    Some of it is at best confusing
    Some if it is incomplete - providing a singleton example and not explaining the options

    And worst of all, its in a video. Which means its
    --> Not searchable
    --> Not easily usable as a reference
    --> extremely time consuming to follow (I can't read at MY pace I have to follow the video's pace)
    --> Does not give me concrete examples I can try

    Since Security is a critical aspect of what Azure API Management provides - it really needs to be documented…

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support both OAuth and OpenID Connect at the same time

    API supports both OAuth and OpenID Connect at the same time. Need to let user pick one in dev portal.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add monetization ability of API

    It is a common practice for API service developers to link the resource counts or product plans to pricing. The preference is for either integration ability to 3rd party services (ex. Braintree) or direct implementation so API developers can collect payment for services.

    728 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  26 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add missing Issues features

    The Issues section of API Management seems really lacking. To just name a few of the current shortcomings:


    • Inability to edit/delete a comment (I hope no one every makes typos)

    • Inability to delete a resolved issue.

    • Inability to search issues.

    • Inability to tag issues.

    • Inability to control the view of issues (order by date, status, etc)

    The API Management has many great features, but unfortunately Issues isn't one of them, and is an important part of our API management strategy

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ping endpoint

    To facilitate the management of a given instance of APIM, I’d like to see a lightweight authorized “Ping” endpoint exposed in the APIM REST API (ex: HEAD /ping). This endpoint would allow a Publisher (me) to ensure that he’s able to communicate with the Management REST API (i.e., the URL and credentials being used are correct).

    I will be driving the provisioning/management/monitoring of my instance of APIM using the REST API from within my company’s Operations software (a mixture of System Center and other internal software). So I would encode into my monitoring software a periodic call to the Ping…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  16. Email notifications per API or Product

    Today, email notifications for a new registration or sub request are send to one or more email addresses. However, the configured email recipients get a notification for all APIs and all Products.

    We're having different back office people handling the workflow requests of different API Products, so it would be much easier that they would only get notifications for their API products.

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  17. Purge cache from external system

    To control caching time of API-returned items aggressively and issue a command to purge cache when from external system that is aware when items are refreshed. Refresh cycle is not periodic, and can vary.

    132 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  5 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  18. Provide a configurable timeout for password reset link in API Management

    Currently, when resetting a users password in the Azure API Management portal, the email link expires after ~30 mins.

    Ideally, the timeout value should be configurable as we have processes that require a longer period. Customer in other countries are often not immediately available to follow the link.

    Provide a configurable timeout for password reset link in API Management.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow user to manage API when primary location is down

    When a new API Management Service is created, we need to choose an Azure location (say, Australia Southeast).

    Afterwards, we can scale the API Management Services to a second Azure location (say, Australia East).

    When Australia Southeast region has an outage, API can still be accessed via Australia East region. However, we cannot "manage" (e.g. add a new API or update API backend URL) the API Management Service during the "primary location" (Australia Southeast in the example) outage.

    It will be great if user can still manage the API Management Service when the "primary location" is down.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  20. API managment test UI gives a misleading error message when invoking long-running backend api calls that takes more than 1 min.

    API managment testing UI throws "Could not complete your request. Please try again" while testing with Post man returns OK.

    Two options:
    1. Make it clear why it stops and what alternatives developers have in the error message. For example, it may says that you may try to run Postman to run your long-running api call.


    1. Provide the option in testing UI to override the default and allows the developer to run long-running api calls.

    Attached is the screenshot I captured.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base