API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

How can we improve Azure API Management?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support AAD JWT token validation more directly using AAD metadata

    There is currently a way to validate JWT tokens in the policies. This is great. However, it could be done better in the case the JWT tokens are issued by AAD. In that case one would like to give the tenant ID of AAD and the Application ID that is assigned to the API. This way the policy would automatically extract the valid certificate from AAD metadata (something like https://login.microsoftonline.com/38cda3b4-71fa-4748-a48e-e50ef1ebfe00/federationmetadata/2007-06/federationmetadata.xml).
    That would prevent us from having to do this manually each time the global AAD certificate changes (next one is before mar 2019). It would be more in the…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add "API" to Import and Export on APIM Gateway context menu

    I did not realize that Import/Export is for APIs. This is not intuitive. And when you click on that option, the title says “Import API” and ”Export API”. Can I make a strong recommendation to add “API” to the end of “Import” and “Export” on that context menu?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Reset password captcha breaks when the placeholder contains a single quote

    In javascript console I get:

    Bindings value: { hipUrl: .... placeholder: 'Immettere l'immagine CAPTCHA qui' } -> Message: Unexpected identifier

    as the placeholder is not escaped and contains a single quote.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow backend call details in "context" interface

    It would be very usefull to have access to backend call details via a new context "backend" interface so we could have access to "status code", backend url, call duration...
    In fact all that could be usefull to analyse "backend calls" in outbound policies.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  6. support template parameters in the version id

    support template parameters in the version id.

    We should support template parameters in versionId so that APIM API url doesn't have to end with version name every time.

    For example, the usage URL can look like http://harryapimanagement.azure-api.net/api/v1.0/content instead of http://harryapimanagement.azure-api.net/api/content/v1.0

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enterprise participation encouraged

    During creation process inhibit creation of duplicate company API Pub and Sub instances. Suggest duplicates to get access to the company API Pub Sub instance.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  8. stop forced display of Request Headers

    Hello.
    When adding the "CONTENT TYPE" of Request Body's Representations in the publisher portal, Request Headers is forcibly displayed as "Content-Type (optional)" on the developer portal, so it is in a state that it can not be deleted or edited.
    I want you to stop forced display of Request Headers or make it editable.
    Thank you.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  9. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  10. Use wildcard url in backend entity

    Could you support wildcard in the url of backend entity?

    Take following backend for example, we would like to use https://*.contoso.com/ instead of https://abc.contoso.com/.

    {
    "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/backends/proxybackend",
    "type": "Microsoft.ApiManagement/service/backends",
    "name": "proxybackend",
    "properties": {
    "description": "description5308",
    "url": "https://abc.contoso.com/",
    "protocol": "http",
    "credentials": {},
    "header": {},
    "authorization": {
    "scheme": "Basic",
    "parameter": "opensesma"
    }
    },
    "proxy": {},
    "tls": {
    "validateCertificateChain": false,
    "validateCertificateName": false
    }
    }
    }

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  11. When clicking "load more" in API operation list, it should load more (add to the list) and not replace the currently visible operations

    When clicking "load more" in API operation list in the Azure management portal, it should load more (add to the list) and not replace the currently visible operations. Lets say you have 25 operations for the selected API, and the first 20 are displayed by default and there is a "load more" button at the bottom of the operation list. and you click it. Currently, it removes the first 20 and only shows the last 5. If you want to see the first 20 again, you have to then click and select a different API and then go back to…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  12. Try it page not handling optional route parameters

    I have this operation in my API

    "/get/{*path}": {
    "get": {
    "summary": "Get",
    "description": "Gets a single file or a collection of files and folders in a ZIP archive.",
    "operationId": "get",
    "parameters": [
    {
    "name": "path",
    "in": "path",
    "required": true,
    "schema": {
    "type": ""
    }
    },
    {
    "name": "recurse",
    "in": "query",
    "description": "Retrieve files recursively or from the {path} directory only.",
    "schema": {
    "enum": [
    "true",
    "false"
    ],
    "type": "boolean"
    }
    },
    {
    "name": "pattern",
    "in": "query",
    "description": "An expression supporting asterisks as wildcards for filtering results.",
    "schema": {
    "type": "string"
    }
    }
    ],
    "requestBody": {
    "content": {}
    },
    "responses":…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability for Product Group Admins to have access to see the Publisher "Analytics" for their APIs/Products

    We require the ability for specific admin users (Product Group Owners) from different groups to get access to see only their APIs/Products analytics via the Azure Portal/Publisher Portal Analytics section.

    Currently the APIM Admin has visibility to all the APIs/Products Analytics (Publisher Portal) and is required to provide reports back to the specific Product owner.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  14. Can you add System.Security.Cryptography.X509Certificates into whitelist. So it can be used to verify certificates.

    System.Security.Cryptography.X509Certificates is required to verify if a certificate is revoked or not and also validate the certificate chain.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow control over publisher notifications

    There currently is no control over publisher notifications. Developer notification functionality could be replicated for publisher notifications. A small example is in Organization Name, this can be changed for developer notifications but not for publisher notifications.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. add ability to mark a header or parameter value as private

    We have additional credentials that are configured to be passed as additional headers. It would be nice to be able to mark these as "private" in the configuration so in the "try it" page the values that are typed in are handled like the subscription key and they appear as dots when typed. Right now when we're doing a screen share demonstration, people watching the demonstration have full view of the username and password being entered. Sure, we can go through special means to have dummy accounts or dummy systems, or change the credentials as soon as the demo is…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  17. Subscription key

    Hey, how about making it simple and clear on how to get a subscription key for using an API. I finally gave up on using Azure due to this.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow import only changes for existing Azure Functions API

    Partners should be able to only import changes when importing APIs into a project that already has Azure Functions APIs.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
1 3 Next →
  • Don't see your idea?

API Management

Feedback and Knowledge Base