API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Self-hosted API Management gateway

    To expand support for hybrid use cases and enable more efficient on-premises-to-on-premises call patterns for internal-only and internal/external APIs, we will provide an option for customers to self-host a containerized version of the API Management gateway component (fully equivalent to the gateway in the cloud, not a “micro-gateway”) on-premises or other environment e.g. other public clouds. Self-hosted gateway will require and will be managed from a cloud-based Azure API Management instance.

    897 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    started  ·  30 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support for HTTP/2 for APIM connecting to backend services

    HTTP/2 is supported for APIM client side facing communications, it will be great to support HTTP/2 also for backend side facing communications so that the entire request chain can be HTTP/2 enabled.

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  3. Support backendTlsVersion logging

    As multiple organizations and teams start enforcing TLS 1.2, it's always better to have this log to understand the TLS versions used by backend APIs. This will help teams strategize push for TLS 1.2 and make informed decisions.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  4. Remove standardized Azure URL from Swagger / WSDL file

    We are using custom domains in our Azure API Management instances. Unfortunately when uploading a Swagger file, APIM automatically adds the standardized URL. Here's an example:

    "x-servers": [
    {
    "url": "https://gateway.api.qas.custom.com"
    },
    {
    "url": "https://azurestandardname-northeurope-01.regional.azure-api.net"
    }

    This keeps confusing our customers when they download the description through the Dev Portal.

    Please add an option to prevent the standard URL from being added to the API descriptiion (Swagger and WSDL)

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  3 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  5. Block HTTP and/or force HTTPS

    Is there a way to disable the HTTP listener on the APIM service so that no responses occur for any requests to port 80.

    We'd like to see a feature where we can disable the listener at port 80, or configure that listener to automatically force a redirect to HTTPS and port 443.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  6. MTOM support

    I got a use case to set up interface with SAP ARIBA which is requesting MTOM support . based on the documentation I got I saw the following MTOM - Services using MTOM may work. Official support is not offered at this time.. it was in September 2017 . it should be great to support this feature as ARIBA is becoming a main player in Marketplace area.
    Thanks

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  7. change machine hosts file

    we publish a set of API exposed through internal services on AKS. Instead of using internal IP Address it would be great to use a sort of hosts file or point API management to a custom dns server so I can publish APIs with hostname and not the IP address.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  8. Blue/Green Deployments using Versions

    I was trying to implement Blue / Green deployments, which APIM doesn't really seem to support out of the box.

    What we were planning to do was to (ab)use the versioning to create a "Green" and a "Blue" version of the API. We were going to use revisions to do our actual versioning since our versioning requirements are relatively simple.


    I set up the versioning scheme to be Header Based, and I was using a "X-Colour" header to redirect to the correct version. This way, Testing could override the header for canary testing.

    My global policy looked something like this:

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  9. fix erroneous catching of protocol violation errors

    When an API (wrongly) return a response body and a "204 No content" return code, a "500 protocol violation error" should be raised by APIM instance.
    In fact it is the case, but the protocol violation error is raised as a response on the call folowing the erroneous "204" API, not the erroneous API itself. The error is raised only the following call (whatever API it is) that is implemented on the same backend of the "204" API AND if the folowing call is made in the same HTTP session (I mean during the http "keep alive" timeout).
    This bug…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  10. Missing of test to check the configuration with Application Gateway

    This documentation is very good. However, I feeling missing of a test set cast to valid the configuration with Application Gateway.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  11. Improve APIM --> Function integration

    store the function name that was imported and what end point operations where checked when imported. Then when a new version of the API is created, you can change the function name (would refresh end point operations), and then add/remove (if needed) operations by checkbox. Finally, if a new version of a function is uploaded, an event would fire off to rebuild all the API interfaces that have operations are pointing to it (like when importing) so it can keep in sync with the back end.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add "display name" properties of API & operations in Log Analytics"

    Add "display names" properties (of APIs and operations) in Azure Diagnostics log entries. It would permit to make dashboards with a more signifiants labels rather than Ids that were chosed at creation (and that can't be changed after).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow Server Side Events (SSE) to be consumed by client as text/event-stream and not as application/json

    We created a microservice using Spring WebFlux (will produce Server Side Events) to expose an API that will publish data as an event stream which is consumed by the client as EventSource. However, the Azure API Gateway is preventing the data to be consumed as text/event-stream.

    A similar concern is seen here: https://community.apigee.com/questions/61225/apigee-to-create-a-reactive-rest-api-for-continuou.html

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base