API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to specify notification email proxy

    We use an external API to generate, style and send all our systems' emails. To replicate those email templates in APIM requires a copy/paste in several different template fields. It would be great to specify some endpoint that we can POST/GET to send the APIM email values to a service. We can model the service endpoints to match whatever APIM sends.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  2. Richer import for azure functions

    At the moment when importing an azure function limited metadata about the operation is captured in to the swagger.

    It would be useful if the import process could interrogate the use of attributes such as ProducesResponseType, Produces, Consumes etc.. to correctly generate the operation definition with models, content types etc..

    This could be rich enough to allow enums to be annotated with x-ms-enum, even if it required special APIM attributes to be used.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  3. Integration with azure data catalog and event hubs - enable swagger definitions to be inherited by data stores and pipelines

    Integration with azure data catalog and event hubs - enable swagger definitions to be inherited by data stores and pipelines

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support AAD JWT token validation more directly using AAD metadata

    There is currently a way to validate JWT tokens in the policies. This is great. However, it could be done better in the case the JWT tokens are issued by AAD. In that case one would like to give the tenant ID of AAD and the Application ID that is assigned to the API. This way the policy would automatically extract the valid certificate from AAD metadata (something like https://login.microsoftonline.com/38cda3b4-71fa-4748-a48e-e50ef1ebfe00/federationmetadata/2007-06/federationmetadata.xml).
    That would prevent us from having to do this manually each time the global AAD certificate changes (next one is before mar 2019). It would be more in the…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add "API" to Import and Export on APIM Gateway context menu

    I did not realize that Import/Export is for APIs. This is not intuitive. And when you click on that option, the title says “Import API” and ”Export API”. Can I make a strong recommendation to add “API” to the end of “Import” and “Export” on that context menu?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Reset password captcha breaks when the placeholder contains a single quote

    In javascript console I get:

    Bindings value: { hipUrl: .... placeholder: 'Immettere l'immagine CAPTCHA qui' } -> Message: Unexpected identifier

    as the placeholder is not escaped and contains a single quote.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow backend call details in "context" interface

    It would be very usefull to have access to backend call details via a new context "backend" interface so we could have access to "status code", backend url, call duration...
    In fact all that could be usefull to analyse "backend calls" in outbound policies.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  8. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  9. Describe what a member is and must have

    Describe what restrictions are put on members. Must member be users with accounts in some local active directory? Are members just strings so any name can be entered?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  10. support template parameters in the version id

    support template parameters in the version id.

    We should support template parameters in versionId so that APIM API url doesn't have to end with version name every time.

    For example, the usage URL can look like http://harryapimanagement.azure-api.net/api/v1.0/content instead of http://harryapimanagement.azure-api.net/api/content/v1.0

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  11. Pull API URL Suffix from basepath as default value while allowing user to change it

    Pull API URL Suffix from basepath as default value while allowing user to change it

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enterprise participation encouraged

    During creation process inhibit creation of duplicate company API Pub and Sub instances. Suggest duplicates to get access to the company API Pub Sub instance.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  13. stop forced display of Request Headers

    Hello.
    When adding the "CONTENT TYPE" of Request Body's Representations in the publisher portal, Request Headers is forcibly displayed as "Content-Type (optional)" on the developer portal, so it is in a state that it can not be deleted or edited.
    I want you to stop forced display of Request Headers or make it editable.
    Thank you.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  14. Open Id Connect - add required scopes in Developer Portal

    Currently it is not possible to add required scopes (or any additional URL or body parameters) to authorize requests.
    I think it is possible for OAuth0 integration.
    It might be worthwhile to add such possibility.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  16. Use wildcard url in backend entity

    Could you support wildcard in the url of backend entity?

    Take following backend for example, we would like to use https://*.contoso.com/ instead of https://abc.contoso.com/.

    {
    "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/backends/proxybackend",
    "type": "Microsoft.ApiManagement/service/backends",
    "name": "proxybackend",
    "properties": {
    "description": "description5308",
    "url": "https://abc.contoso.com/",
    "protocol": "http",
    "credentials": {},
    "header": {},
    "authorization": {
    "scheme": "Basic",
    "parameter": "opensesma"
    }
    },
    "proxy": {},
    "tls": {
    "validateCertificateChain": false,
    "validateCertificateName": false
    }
    }
    }

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  17. When clicking "load more" in API operation list, it should load more (add to the list) and not replace the currently visible operations

    When clicking "load more" in API operation list in the Azure management portal, it should load more (add to the list) and not replace the currently visible operations. Lets say you have 25 operations for the selected API, and the first 20 are displayed by default and there is a "load more" button at the bottom of the operation list. and you click it. Currently, it removes the first 20 and only shows the last 5. If you want to see the first 20 again, you have to then click and select a different API and then go back to…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  18. Try it page not handling optional route parameters

    I have this operation in my API

    "/get/{*path}": {
    "get": {
    "summary": "Get",
    "description": "Gets a single file or a collection of files and folders in a ZIP archive.",
    "operationId": "get",
    "parameters": [
    {
    "name": "path",
    "in": "path",
    "required": true,
    "schema": {
    "type": ""
    }
    },
    {
    "name": "recurse",
    "in": "query",
    "description": "Retrieve files recursively or from the {path} directory only.",
    "schema": {
    "enum": [
    "true",
    "false"
    ],
    "type": "boolean"
    }
    },
    {
    "name": "pattern",
    "in": "query",
    "description": "An expression supporting asterisks as wildcards for filtering results.",
    "schema": {
    "type": "string"
    }
    }
    ],
    "requestBody": {
    "content": {}
    },
    "responses":…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability for Product Group Admins to have access to see the Publisher "Analytics" for their APIs/Products

    We require the ability for specific admin users (Product Group Owners) from different groups to get access to see only their APIs/Products analytics via the Azure Portal/Publisher Portal Analytics section.

    Currently the APIM Admin has visibility to all the APIs/Products Analytics (Publisher Portal) and is required to provide reports back to the specific Product owner.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  20. Can you add System.Security.Cryptography.X509Certificates into whitelist. So it can be used to verify certificates.

    System.Security.Cryptography.X509Certificates is required to verify if a certificate is revoked or not and also validate the certificate chain.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base