API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. support template parameters in the version id

    support template parameters in the version id.

    We should support template parameters in versionId so that APIM API url doesn't have to end with version name every time.

    For example, the usage URL can look like http://harryapimanagement.azure-api.net/api/v1.0/content instead of http://harryapimanagement.azure-api.net/api/content/v1.0

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  2. Improve APIM --> Function integration

    store the function name that was imported and what end point operations where checked when imported. Then when a new version of the API is created, you can change the function name (would refresh end point operations), and then add/remove (if needed) operations by checkbox. Finally, if a new version of a function is uploaded, an event would fire off to rebuild all the API interfaces that have operations are pointing to it (like when importing) so it can keep in sync with the back end.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add "API" to Import and Export on APIM Gateway context menu

    I did not realize that Import/Export is for APIs. This is not intuitive. And when you click on that option, the title says “Import API” and ”Export API”. Can I make a strong recommendation to add “API” to the end of “Import” and “Export” on that context menu?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Increase password strength for basic user accounts

    Basic user accounts can be created via;
    1. Admin portal (minimum password length=6)
    2. Self registration page (minimum password length=8).
    No other rule applies i.e. very poor password strength.

    When possible, we definitely use AAD.
    For cases where we can not use AAD the Azure PaaS Developer Support Team has recommended us to use Facebook, Google, Microsoft or Twitter accounts...

    Please, provide UI page where Admin can design password policy by choosing;
    - Minimum password length. [Default=8?].
    - English upper case letters (e.g., A, B, C, ...Z). [Checkbox True|False].
    - English lower case letters (e.g., a, b, c, ...z). [Checkbox…

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow the creation of custom API templates with predefined policies

    Allow custom templates to be created, and made available for selection via the API creation page (see attached), with predefined policies. This will improve the user experience where the requirement is to have several API's based on the same boiler plate policies. Product policies could be used but require all API's to be assigned to the same product which does not give flexibility in restricting access to the API's

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  6. Increase renewal period limit of 'rate-limit-by-key'

    Increase the upper limit on' renewal period' attribute of 'rate-limit-by-key' policy. Currently it accepts maximum 300 seconds.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  7. named values git

    Add Named Values information to the Git integration feature

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  8. change machine hosts file

    we publish a set of API exposed through internal services on AKS. Instead of using internal IP Address it would be great to use a sort of hosts file or point API management to a custom dns server so I can publish APIs with hostname and not the IP address.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow creating network traces for API Management instances

    It should be possible to create a packet capture containing all traffic to/from API Management

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Open Id Connect - add required scopes in Developer Portal

    Currently it is not possible to add required scopes (or any additional URL or body parameters) to authorize requests.
    I think it is possible for OAuth0 integration.
    It might be worthwhile to add such possibility.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow import only changes for existing Azure Functions API

    Partners should be able to only import changes when importing APIs into a project that already has Azure Functions APIs.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow control over publisher notifications

    There currently is no control over publisher notifications. Developer notification functionality could be replicated for publisher notifications. A small example is in Organization Name, this can be changed for developer notifications but not for publisher notifications.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Can you add System.Security.Cryptography.X509Certificates into whitelist. So it can be used to verify certificates.

    System.Security.Cryptography.X509Certificates is required to verify if a certificate is revoked or not and also validate the certificate chain.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Sorting API by "API URL Suffix"

    Hi,
    It will be really interesting to a kind of a tree view that shows us all the api url suffix and the api in it
    e.g:

    /
    /clients/

     >API Name 
    
    >> List of operations

    /employees/

     >API Name 
    
    >> List of operations

    Regards

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  15. Authentication with HMAC

    Currently, my project is using Hmac-SHA256 to do the authorization. We are struggle with how to generate, transmit and store the secret key between client side and ours. is there any secure way to do this?

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Search API across entire site

    It would be very useful to have the search button functionality on entire site. For example, when searching an API by a word to display all related results from all available pages.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  17. stop forced display of Request Headers

    Hello.
    When adding the "CONTENT TYPE" of Request Body's Representations in the publisher portal, Request Headers is forcibly displayed as "Content-Type (optional)" on the developer portal, so it is in a state that it can not be deleted or edited.
    I want you to stop forced display of Request Headers or make it editable.
    Thank you.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability for Product Group Admins to have access to see the Publisher "Analytics" for their APIs/Products

    We require the ability for specific admin users (Product Group Owners) from different groups to get access to see only their APIs/Products analytics via the Azure Portal/Publisher Portal Analytics section.

    Currently the APIM Admin has visibility to all the APIs/Products Analytics (Publisher Portal) and is required to provide reports back to the specific Product owner.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  19. Import API to new revision

    Currently you can import a OpenAPI specification to either a new API, replace the existing API or append it to the existing API.
    It'd be useful to be able to create new revision off the newly imported rather then the currently available options.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow custom identity provider portal account creation/login

    This is the same issue as as this 'completed' one: https://feedback.azure.com/forums/248703-api-management/suggestions/5947766-custom-identity-provider-for-the-developer-portal. That is only completed if you can use Azure B2C. We want to use a different identity provider (OAuth 2.0 based) to enable SSO between multiple web applications. We are currently using delegation, but that requires some integration that could go away if we could use a custom identity provider. Since there is already support for other OAuth based providers, it seems like this would be a 'easy win' for the platform.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base