API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Schema validation in APIM

    When an actual request comes, we need to validate the schema of the request and while sending back the respose, the schema should be validated. Similar to validate feature of API connect (IBM).

    http://www.ibm.com/support/knowledgecenter/SSFS6T/com.ibm.apic.toolkit.doc/rapimrefootb_policyschemaval.html

    510 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  15 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  2. apim should allow more than 260 characters for URL path segments

    API definitions which have an ID as one path segment can have path segments which are larger than 260 characters (which is a windows limitation). Unfortunately this limitation is also part of the apim service and can be inceased by the product team on request. Why not setting it to a larger value as default or let me set an option like (windows compatible path length) when creating the instance?

    This problem is very critical if you face it because the apim service itself will block the request and you cannot handle/modify/forward the request to something else which can handle…

    210 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Expose API Management Events

    Expose events from API Management.

    Example would be, a user registers. Currently we get an email. It would be nice if it was an event we could subscribe to (WebHook or API Call or Service Bus message.. etc) so that we could use the user registration as the start of a workflow.
    Another example would be if a user requests a Product, having an event we could leverage things like PowerApp/Flow/Logic App to start an approval process or setup their development environment.

    Simple Event list that would have the most value:
    -User Created
    -User Requested Subscription
    -Issue Created

    71 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    triaged  ·  6 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  4. API Management more control with mail sending

    Currently there are very few options to set, when it comes to mailing about API Management events (new subscriptions, new developers, etc.).
    It would be great, if following could be included for e-mail configuration (some of these things help avoid e-mail being recognized as spam by some spam filters, as in our case):
    - optionally removing "on behalf of" when sending e-mail
    - including text/plain representation in sent e-mails (besides default text/html)
    - using SendGrid as a e-mail sender (as in other Azure services)
    - using custom reply address (instead of "on behalf of")

    Any maybe some other things that…

    68 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  5. http2

    Enable http2 for the API Management

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add support for IPV6

    Due to new Apple requirements (all apps must works over IPV6) we need to reach our Azure API Management through this protocol. Actually the AAAA is not present for any endpoint.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Expose IntegrationModuleBitsVersion and IntegrationModuleVersion via ARM API

    I have noticed over time that when MS rolls out out an update to a tenant that properties in configuration.json may change: specifically IntegrationModuleBitsVersion and maybe IntegrationModuleVersion

    This is not exposed through the ARM API capabilities. Make the properties readable from ARM or even the legacy API or some other way that may be automated. I would like to check the values periodically and get a heads up to do wider regression testing when I detect a change there.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add a "Subscription Required" checkbox during APIM API creation.

    Currently when creating an APIM service in Azure and adding a new API, there is no option to remove the "Subscription Required" parameter until after the API's creation. After creation this can be managed under the API's settings, however it would be very beneficial to be able to access this during creation.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    triaged  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to read certificate stored under secrets in APIM

    Ability to read certificates stored under secrets in APIM is required. If Certificate is created using App Service Certificate, certificate is getting stored under secrets. APIM in ability to read certificate under secrets of Key vault is becoming bottleneck for us.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  10. A powershell script to enable application insights logs per API

    When an API is imported, it is possible to do so via powershell and apply several settings to that API. However, I would like to see that the settings regarding logging to application insights could also be managed via a powershell cmd.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  1 comment  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow CORS headers for Management API

    In order to invoke Management REST API endpoint (like ***.management.azure-api.net/apis?api-version=vvv) from browser's JS code, CORS headers should be enabled there. Moreover, full Management REST API endpoint configuration (thru Azure portal) is very welcomed addition.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Can we have anything built into APIM to ping backend or Alert when there are sporadic errors connecting to backend?

    Can we have anything built into APIM to ping backend or Alert when there are sporadic errors connecting to backend?

    This way i will either know when the backend is not reachable or when there are other issues connecting to the backend..

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Custom approval for subscription requests based on product ownership

    Currently only admins can approve product subscription requests in APIM. Usually an admin should not be bothered with the approval of subscription requests. Instead this tasks should be handled by an API owner within APIM. The RBAC of APIM should be more precise to have more flexibility for companies needs. It should be possible to define a custom role API Owner and assign the approval process for subscription to this role.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Backup support for Consumption tier

    Please, enable Backup support for Consumption tier. Here is the current situation when trying to backup our consumption instance:

    Backup-AzApiManagement: Operation returned an invalid status code 'BadRequest'
    Activity log:
    Operation name: Backup API Management Service
    Error code: NotSupported
    Message: Operation Microsoft.ApiManagement/service/backup/action on Consumption SKU is not supported.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Use wildcard url in backend entity

    Could you support wildcard in the url of backend entity?

    Take following backend for example, we would like to use https://*.contoso.com/ instead of https://abc.contoso.com/.

    {
    "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/backends/proxybackend",
    "type": "Microsoft.ApiManagement/service/backends",
    "name": "proxybackend",
    "properties": {

    "description": "description5308",
    
    &quot;url&quot;: &quot;<a rel="nofollow noreferrer" href="https://abc.contoso.com/&quot;">https://abc.contoso.com/&quot;</a>,
    &quot;protocol&quot;: &quot;http&quot;,
    &quot;credentials&quot;: {},
    &quot;header&quot;: {},
    &quot;authorization&quot;: {
    &quot;scheme&quot;: &quot;Basic&quot;,
    &quot;parameter&quot;: &quot;opensesma&quot;
    }
    },
    &quot;proxy&quot;: {},
    &quot;tls&quot;: {
    &quot;validateCertificateChain&quot;: false,
    &quot;validateCertificateName&quot;: false
    }

    }
    }

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  16. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable the use of SSH protocol for authentication to APIM Git repos

    Current: Interacting with our APIM git repos requires the use of username/password credentials, with the password being generated on the "Access credentials" section of APIM on Portal. This password is valid for 30 days, max: https://docs.microsoft.com/en-us/azure/api-management/api-management-configuration-repository-git#to-clone-the-repository-to-your-local-machine

    Desired: Allow users to upload public ssh keys to the APIM tenant, so that users, remote servers, and services can connect to the repo using the SSH protocol. Github currently allows this: https://help.github.com/en/articles/about-ssh

    This is especially important for our CLI configuration. We have our APIM git repo loaded as a submodule for our project, as we have integration tests that compare our backend controllers…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Extend billing API to consider fair use of reservations

    My company uses a mix of reserved instances and pay-as-you go instances. I want a convenient way to evaluate how much it cost in a given month to operate a virtual machine. This convenient way should fairly distribute reserved instance usage among eligible machines.

    Details:

    With pay-as-you-go instances, you can pull monthly data that shows how much an instance cost to operate this month. The costs are a direct function of the delivered value. With reserved instances, you pay in advance and you may (or may not) use the reservation over the course of the years. Value stream (usage) and…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable tracing in the Manager

    The trace capability is really useful but has to be enabled currently in the client by setting an additional HTTP header.

    If I have a production issue I can't amend code to do this and I may have many clients so would like to be able to turn this on in API Management with a simple checkbox or policy change at an API operation level

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Update Resource Navigation Links in VNET Subnet to point to connected API Management instance

    Hi,

    Currently when a VNET Subnet is associated to API Management instance through virtual network configuration, a resource navigation link is created inside that Subnet and we cannot use that subnet for any other Resources.

    In case of a subnet with /29 CIDR, only one API management instance can be created and while enforcing virtual network configuration, there is no way to tell which subnet is linked to which API Management instance which becomes a blocker.

    An Example scenario:
    A subnet is associated to APIM in external configuration, when changing it to Internal Mode as part of compliance, we will…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base