API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. developer portal host problem

    Documentation generated from swagger is showing double slash at the end of the domain name like this:
    Request
    https://api.aq-fes.com//eCommerce/resource/documents/{Id}

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  2. Bulk Delete & Duplicate Detecttion for API Operations

    When importing API endpoints form a function app if the endpoint already exists do not import it.

    If duplicates are imported please provide an easy way to bulk delete operations. Its pretty painful to cleanup after someone bulk imports duplicates.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Support for multi-tenant user login delegation

    In a multi-tenant scenario, there is no option to delegate user login to multiple urls, the delegation section allows only one url.

    It would be great if it would allow one delegation endpoint per custom developer portal domain.

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. By adding documentation for REST Interface , Multi Client and self signed Certificate authentication

    Documentation for REST Interface is very confusing as;
    1) ARM specific operations and urls are mixed together with APIM service instance specific endpoints and operations.
    2) PUT operations are titled as "Create or Update" operation while PATCH operation are marked as "Update" operation. This is confusing and costed us an outage; "Update" operation should be named as "Partial update" or "PATCH" operation in title. example:
    https://docs.microsoft.com/en-us/rest/api/apimanagement/2019-12-01/apimanagementservice/createorupdate

    Usually,
    POST operation is create operation
    PUT is update
    PATCH is partial update

    3) also the documentation should explain all the possible values of property attribute like
    "virtualNetworkType": "None". //in documentation
    "virtualNetworkType": "External" //not…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support deep links to DevPortal pages even if redirect to signin page is activated

    We plan to provide more information in the DevPortal such as articles in wiki style. It shall be possible to share knowledge effectively with colleagues by sending a deep link to a dedicated page (article) or API details page that are relevant in a dedicated context.
    The deep link should work even when the redirect setting to the sign-in page has been activated!

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ability to reset developer portal style.

    Add the ability to reset developer portal style to default style.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  7. API Data Streaming while calling backend

    We have a need to call a backend document API which may return large documents (200 - 500 MB). Can we have a feature of data streaming enabled. Also, this can run longer than the current timeout limit of 240 seconds.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  8. OData URIs case insensitive

    OData URIs are managed in a case sensitive way, we have an operation with this URL /api/Companies({id}) and the only way we can invoke it is using the resource name in lowercase: /api/companies('424324')

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  9. Limit call rate by key in the Consumption tier

    The rate-limit-by-key policy prevents API usage spikes on a per key basis by limiting the call rate to a specified number per a specified time period. This is really important feature of api managament and it's not available in Consumption tier.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support for HTTP/2 for APIM connecting to backend services

    HTTP/2 is supported for APIM client side facing communications, it will be great to support HTTP/2 also for backend side facing communications so that the entire request chain can be HTTP/2 enabled.

    69 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  11. Set proxy configuration for “send-request” policy

    I can found “Set HTTP proxy” policy. And I tried this policy on APIM. But this HTTP proxy setting effected only <forward-request>. All requests by <send-request> were not bypassed via proxy.

    Set HTTP proxy
    https://docs.microsoft.com/en-us/azure/api-management/api-management-advanced-policies#SetHttpProxy

    I hope to add new proxy configuration for “send-request” policy

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  12. GatewayUrl in Azure Portal UI and REST Api differ

    We have decided to go all in when it comes to ARM Templating, and our goal is to depend on as few parameters as possible and instead retrieve as may information from the system settings as possible.

    While creating ARM Templates for Api Management I discovered that what i did see on my Azure Portal in Api Management Service in the Gateway Url property was not the value to be found when retrieving it using my ARM Template. Trying to figure out what happens i did a REST Api lookup and to my big surprise GatewayUrl via REST Api and…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  13. add access policy that supports managed identity validation

    similar to how azure key vault is secured with access policies tied back to the system-managed identities of azure resources accessing the key vault, create a similar mechanisim in APIM that allows an API to be secured. For example, if I want an API to be accessed only by a specific azure app service(s), create a way to set access policies to allow that resource's managed identity when the specific API is called.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Use DDoS Protection Standard with VNET integrated API Management gateway

    We would like to use DDoS Protection Standard for our VNET integrated API Management Service. A possible solution could be to have self-signed public ip's for the public endpoint.

    P.S. We cannot put a Application Gateway v2 in front of API gateway because of the requirement of Client Certificate Authentication.

    52 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Automatically provision AD app registration for an API Management instance

    When we expose APIs through API Management, we often want to secure them using JWT validation. For fine-grained control, we would want to validate claims in the JWT to verify that the caller is allowed access to that particular API. Setting up and keeping in sync the app registration to allow this is tedious for the directory administrator particularly when the development environment is highly active.

    I suggest that you enable a way to automatically provision and keep in sync an app registration in the AD tenant whose app roles mirror the APIs offered in the API Management instance

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support for user-assigned managed identity

    At the moment it is not possible to deploy an APIM all-in-one with Keyvault references due to how the current MSI integration works. This would be resolved if APIM supported user-assigned managed identities as this would allow Keyvault permissions to be set up prior to APIM being deployed.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Azure AD B2C Sign in and Sign up button in Developer portal

    Azure AD B2C Sign in and sign up buttons should be added in the portal so that we can use it anywhere such as in custom pages or menubar of the developer portal.
    Currently, Azure AD B2C sign in button is only available for in-built Sign in page.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  18. New Portal - Ability to expand 'object' and 'object[]' to see nested fields

    With the currently developer portal when you're viewing an API endpoint, you are only seeing the parent fields, so if something is nested or an array, you're only seeing the top level. See the attached screenshot.
    We would like to be able to expand the object or array to see the fields contained within as well.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. Programmatically Import Azure Function into APIM

    I've created an Azure DevOps release pipeline to update APIM API by importing a swagger file via PowerShell. The swagger file was exported from APIM Dev instance, and the release pipeline imports it into QA APIM instance. However, backend is wrong, and there are missing keys that prevent QA APIM API from calling QA Az Function API.

    It all works if I manually import the QA Az Func API into QA APIM API via APIM UI... and keys are automagically generated for Az Func & APIM.

    So I need a way to setup DevOps release pipeline to deploy a QA…

    106 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
  20. Adding custom parameters for Notification Templates

    Provide an option to add custom parameters inside the notification templates.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base