API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. assign Internal IP to APIM

    We have an APIM with an InternalVnet configuration.

    Currently we are testing Disaster Recovery Solutions and one pain point is the automatic assigned internal IP address.

    Each time we redeploy the APIM to test the DRS we need to create a change for the DNS and have more dependencies than needed to recover our solution

    Please make the Internal IP adjustable to enable fixed values assigned by us

    81 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add Self-hosted API Management gateway to Basic and Standard pricing tiers

    Please consider adding the self hosted API Management gateways to the basic and standard tiers. At a minimum at least three instances for HA purposes.

    The argument for this is that you will drive up the adoption of Azure APIM and generate considerable Azure consumption through the take up.

    Alternatively please consider a per gateway pricing option to cover any additional overheads.

    83 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  3. How do I Publish developer portal changes from one apim instance to other?

    As per the new developer portal feature, you can make changes to APIM layout and publish to APIM repository, the same repository you can clone to your local machine using git clone but we don't have a feature where in we want to publish our developer portal changes to one API management instance to other API management instance.

    e.g.:
    I have 2 instance : dev-01-apim, tst-01-apim
    I am making changes to dev-01 instance of developer portal ..after all my changes now I want to move those changes to my test instance of pain.

    how do I do that ?.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow same API URL suffix across different APIs and API products

    We are facing the problem that we have multiple microservices developed by multiple teams which have independent delivery pipelines to publish their APIs.

    Dependent on the service functionality certain APIs shall only be usable/visible for specific uder groups. Hence, we have to publish them in different API products.

    In general, we want to design the overall API surface across API products in a REST-ful way with a consistent terminology.

    Currently this is not possible because we are facing conflicts between APIs and API products when the REST-ful notion would suggest functionality to be exposed under the same API URL suffix…

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  5. I would like to receive a notification when my APIM instance is updated

    Using https://azure.microsoft.com/en-us/updates/azure-api-management-update-june-2020/ as an example, I would like to receive a notification when my APIM instance has been updated instead of blindly checking in the days/weeks after the update has been released.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow longer URLs and Query parameters

    Currently URLs in the Consumption Tier are limited to a length of 4096 bytes with a maximum length for query parameters of 2048 bytes (source: https://github.com/MicrosoftDocs/azure-docs/blob/master/includes/api-management-service-limits.md). As there is no maximum size defined in the URL standard, the API Management shouldn't constrain the length of URLs and Query Params either (or should have a much higher limit which does not restrict realistic use cases). This would e.g. allow the transmission of data-URLs, Authentication information in the Query Parameter or signed URLs.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  7. Export variables reporting throttling information from rate-limit policy

    There are ongoing RFC to give clients the capability to throttle calls rate to avoid hitting the capping imposed by rate-limit policies.

    A possible way to implement this is to return in the response header 4 variables containing:


    • The current limit set by the policy

    • Amount of remaining calls before hitting the limit

    • Number of seconds to wait before getting the limit reset to the maximum

    • Number of seconds to wait before retrying (only when calls are blocked)

    119 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add support for "virtual" creation of API's based of existing Operations

    Context


    • It's normal in big companies that API surfaces are very large with a massive number of operations


    • It's frequent that there is a need to pick and choose some operations only to give access to a partner or department


    -It's common that Swagger definitions are generated by engines for all the API surface


    • Most of the times a small team is managing a big API that as grown throw years of developing with few resources to spend on API management or custom tailor of swagger files

    Proposal


    • Add the option for creating Virtual API by pick and choosing Operations…

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow developers to upload API Management code samples

    We have started using new developer portal and realized there is no way to add new language samples and edit existing templates. Could you please add a feature to add new language templates and update existing items.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  10. Analytics - Usage for OAuth clients

    The current Analytics to show user data works only based on the API key construct. However, our APIs use OAuth (integrated with AAD clients) for authentication. Since API keys are not used, the usage for users/clients shows up as "Anonymous" since it is not possible to set the userID.
    Our business requirements mandate that we do not burden customers with multiple forms of authentication (API key in addition to OAuth Access tokens).

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add Developer Portal to Consumption Tier

    Please add the developer portal to the consumption tier.

    It's currently very confusing in the management portal as to what is supported and what isn't when using the consumption tier. For instance, it is possible to publish products, or define definition's for responses, yet this seems to only be for publishing in the developer portal.

    This article: https://docs.microsoft.com/en-us/azure/azure-functions/functions-openapi-definition comes close to explaining how to set up at least an OpenAPI definition - but it dosen't appear possible to link multiple existing Azure functions to an existing API Management gateway.

    Is the developer portal feature (in all other tiers) going to…

    53 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  12. Disable or unpublish the new Developer portal

    Could you please provide a feature to disable (unpublish) the new Developer portal for users who do not want to publish the developer portal.
    - The feature to switch to disable the developer portal after publish the developer portal

    I think we cannot unpublish the new developer portal once we make it publish state.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to Secure New Developer Portal Pages

    In the new developer portal there is no way to secure pages from being viewed. If i want to add supplementary api documentation pages in the portal I cannot specify to only allow that page to show when the user is logged in. The only real security in the portal is that apis and products won't show based on whether the user is logged in.

    The only capability present is to hide them in the navigation menu. So if I add a page at /apis/project/order. I can place it in the menu and say whether it will show up there,…

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support gRPC in Azure API Manager

    Please add support for gRPC to Azure API Manager.
    I would like to expose gRPC services to clients.
    It would also be great if we can have REST services for clients that call backend gRPC services.

    270 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. API Management more control with mail sending

    Currently there are very few options to set, when it comes to mailing about API Management events (new subscriptions, new developers, etc.).
    It would be great, if following could be included for e-mail configuration (some of these things help avoid e-mail being recognized as spam by some spam filters, as in our case):
    - optionally removing "on behalf of" when sending e-mail
    - including text/plain representation in sent e-mails (besides default text/html)
    - using SendGrid as a e-mail sender (as in other Azure services)
    - using custom reply address (instead of "on behalf of")

    Any maybe some other things that…

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support renewal of certificates for API Management custom domain endpoint through ./well-known

    This applies to API Management instances with custom domain configured:
    https://docs.microsoft.com/bs-latn-ba/azure/api-management/configure-custom-domain

    We would like to use automatic renewal of the SSL certificate for the endpoint, but there currently is no acceptable method to support the proof of ownership required the certificate renewal provider of Azure: GoDaddy.

    Domain verification through DNS TXT record is not possible as it needs to be on root level of azure-api.net (which is owned by Microsoft and not the customer)

    HTML web page method is not possible as not possible to publish a page to .well-known/pki-validation/godaddy.html on the API Management endpoint.

    Email verification is a poor…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Show APIM outbound IP in consumption tier

    Azure App Service shows outbound IP addresses in the Azure portal under properties blade. Since APIM at consumption SKU is hosted in Azure App Service, we can list out outbound IP addresses in consumption tier as well, which be feasible as we just need to call API in app service side.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support backendTlsVersion logging

    As multiple organizations and teams start enforcing TLS 1.2, it's always better to have this log to understand the TLS versions used by backend APIs. This will help teams strategize push for TLS 1.2 and make informed decisions.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  19. Unique Business Model Benefits of Colocation AWS Direct Connect Available at Cloud Dedicated Interconnect Available at

    Unique Business Model
    Benefits of Colocation
    AWS Direct Connect Available at
    Cloud Dedicated Interconnect Available at
    Colocation
    Interconnection Services
    Telco Access
    Multi-Level Security
    Remote Technical SupportTIA-942 Rated 4 Fault Tolerance
    True Carrier Neutrality
    Uptime Institute Tier IV Fault Tolerance
    Extensive Business, Technical, & Operational ExperienceSECURITY & ACCESS
    Multi-level physical and electronic security
    24/7 security personnel patrols throughout the facility
    Multi-level physical identification checks before entry
    Controlled access to facility and colocation rooms through electronic access control system.
    Full digital IP camera coverage around the site with 24/7 continuous recording for 60 days.
    Controlled Access environment through strict access procedures
    CAI1-Specifications-SECURITY-min …

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Logic App backends in ARM Templates able to be selected like in Portal

    When setting up an APIM API and a backend in the portal, we are able to select a Logic App using an experience to find the logic app and the sub-resource. Then a radio button for Azure Logic App resource is selected with the name of the logic app and sub-resource. However, in an ARM template, this is impossible. Setting up the backend to point to the resourceId of the logic and deploying defaults this backend policy to HTTP and does not work unless fixed manually in the portal. Here is the snippet of the ARM template:

        {
    
    "type": "Microsoft.ApiManagement/service/backends",
    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 27 28
  • Don't see your idea?

Feedback and Knowledge Base