API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Import and append api's to an existing api through arm deployments

    In the azure portal it is possible to append multiple backends behind one logical api endpoint. I want to have the same functionality via ARM. Every repo uses the apim devops resource kit to get the swashbuckle generated openapi spec and generates based on this the ARM that registers the API in APIM. Currenlty when you have 2 ARM templates that target an api with the same ID this api is replaced. It should be possible to append and postfix the operations in case of conflicts. So basically the same as the azure portal does but this time via arm…

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support Array Parameters

    Current: There's no way to designate a query parameter as an "array" parameter (which indicates more than one instance of that parameter may appear in the query string)

    Desired: Add an option to designate a query parameter to be an array parameter, such that when the API is serialized into an OpenAPI format, its status of an array parameter is captured. (See "schema vs content" on this page to see how array parameters are represented in OpenAPI: https://swagger.io/docs/specification/describing-parameters/)

    This is important for us because our APIM API needs to map to our backend API Controllers, which define some parameters…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  3. Describe what a member is and must have

    Describe what restrictions are put on members. Must member be users with accounts in some local active directory? Are members just strings so any name can be entered?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow to filter/select operations when adding a new API from a OpenAPI spec

    Currently, if you need to create/update an API from an OpenAPI spec with only a small subset of the whole list of operations supported by your backend, you will need to edit the generated spec to remove all the operations/types not required which is boring and error prone, or import all of them and remove all the undesired ones one-by-one, which makes our lives sad and miserable..
    A simple UI which allows to filter/select the specific operations we need to import/update would be awesome!!

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  5. Import mandatory query parameters as query rather than in the URL template

    When an API is imported into API-M using Swagger, mandatory query parameters are imported into the URL template rather than as query parameters.

    The effect of this is when a parameter is missing API-M returns a 404. The correct behaviour should be to return a 400 Bad Request with a validation error, or pass the request to the back-end API to return an appropriate error.

    I suggest adding an option to import mandatory query parameters from Swagger as query parameters.

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  6. Support swagger resusable parameters

    Support swagger resusable parameters.

    Support the root parameters of OpenAPI Spec.
    Currently import/update and portal schema editor, transforms reused parameters under each operation.

    We have API's that have a heavy use of reuseable parameters, and this bloats the swagger documentation quite alot.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  7. When clicking "load more" in API operation list, it should load more (add to the list) and not replace the currently visible operations

    When clicking "load more" in API operation list in the Azure management portal, it should load more (add to the list) and not replace the currently visible operations. Lets say you have 25 operations for the selected API, and the first 20 are displayed by default and there is a "load more" button at the bottom of the operation list. and you click it. Currently, it removes the first 20 and only shows the last 5. If you want to see the first 20 again, you have to then click and select a different API and then go back to…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  8. 2nd Import and Append of swagge docs loses definitions

    When I import XY swagger (Open Api 2) into Api Manager, the model definitions are there and all looks great. Now i am to import a different AB swagger (different api), it imports, but loses model definitions in the process, big issue if we want to use NSwag or generators

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  9. Consumption Plan DevOps

    Currently consumption plan services are not discoverable via resource explorer this will impact the ability to automate the deployment of apis between API Management instances

    This is important if the consumption plan is to be used a lead into higher level SKUs especially as there is no upgrade option from consumption to higher level skus.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  10. add ability to mark a header or parameter value as private

    We have additional credentials that are configured to be passed as additional headers. It would be nice to be able to mark these as "private" in the configuration so in the "try it" page the values that are typed in are handled like the subscription key and they appear as dots when typed. Right now when we're doing a screen share demonstration, people watching the demonstration have full view of the username and password being entered. Sure, we can go through special means to have dummy accounts or dummy systems, or change the credentials as soon as the demo is…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  11. Richer import for azure functions

    At the moment when importing an azure function limited metadata about the operation is captured in to the swagger.

    It would be useful if the import process could interrogate the use of attributes such as ProducesResponseType, Produces, Consumes etc.. to correctly generate the operation definition with models, content types etc..

    This could be rich enough to allow enums to be annotated with x-ms-enum, even if it required special APIM attributes to be used.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  12. support template parameters in the version id

    support template parameters in the version id.

    We should support template parameters in versionId so that APIM API url doesn't have to end with version name every time.

    For example, the usage URL can look like http://harryapimanagement.azure-api.net/api/v1.0/content instead of http://harryapimanagement.azure-api.net/api/content/v1.0

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable Swagger CollectionFormat = multi

    It does not appear that the swagger parameters with collectionformat = multi works in the test view. The list of options should be visible in a select list (at least) but allowing users to select multiple items would be best.

    example openapi:

    parameters: [
    {
    name: "status",
    in: "query",
    description: "Status values that need to be considered for filter",
    required: true,
    type: "array",
    items: {
    type: "string",
    enum: [
    "available",
    "pending",
    "sold"
    ],
    default: "available"
    },
    collectionFormat: "multi"
    }
    ],

    See the pet store example:
    http://petstore.swagger.io/v2/swagger.json
    /pet/findbystatus example.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add support for optional "format" property to Open API import and export

    API Management supports the Type parameter property and standard JSON types as its values but doesn't support the optional modifier Format property - Format property translates to a description and doesn't round trip on export. Format property is used by some code generators and it's important to have it represented in the model and supported in OpenAPI import and export.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  15. Do not deploy echo-api when deploying via the SDK or ARM template.

    If I create a new Microsoft.ApiManagement/service resource and I do not have any Microsoft.ApiManagement/service/apis defined I would not expect a "example api" to be included.

    The SDK and ARM templates are for people to automate their deployments, adding a API to show someone how to use the APIM service on ALL new deployments does not make sense in a scripted environment.

    If when creating a new APIM from the web portal causes it to add a extra api to show the usage of APIM, that is fine, I world totally understand that behavior. But adding un-asked for apis during a…

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow different publisher teams to edit only their API's

    We have different product teams surfacing API's for their products that we present in our company's APIM instance, however the ability to edit an API (or view the contents of secret variables) in APIM from a permissions standpoint is currently an all or nothing proposition, an extension of RBAC (or similar) to restrict privileged access to individual API's / associated secrets would allow us to delegate responsibility for keeping API's current to the product teams rather than needing to manage the APIM centrally with product teems needing to submit requests for change to the central team.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  17. Import API to new revision

    Currently you can import a OpenAPI specification to either a new API, replace the existing API or append it to the existing API.
    It'd be useful to be able to create new revision off the newly imported rather then the currently available options.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  18. Hiding operations in developer portal

    This is a duplicate but the original suggestion was closed as Completed.

    I would like to hide operations in the developer portal but still expose them through the proxy.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow SOAP services with complex WSDL to be manually built

    My organization has a large number of legacy SOAP services that have large complex WSDL based on external XSDs. Currently the APIM product is not able to manage the service operations given the complexity. Allow for the type structures to be manually created so that the management tools can function.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improved mutual certificate authentication for front-end / public endpoint

    The current method of verifying client certificates is by hard-coding the certificate thumbprint into a conditional in the policy.

    A better solution would be to be able to match the incoming thumbprint to ALL thumbprints in the uploaded SSL key stores. As described in the last paragraph here:
    https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-mutual-certificates-for-clients

    However, currently only the private certificates are exposed in the context variable (context.Deployment.Certificates) rendering the aforementioned code non-working.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base