API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. More flexible subscriptions in Azure API Management

    Present model for providing access to APIs is based on product subscriptions owned by a user. Each subscription includes a few properties and a pair of API keys. We are working on expanding this model to allow subscriptions and keys to be owned by a group of users or not be associated with any users at all. This will allow customers the flexibility of creating an ad-hoc set of key or having keys shared by a team of users without worrying about their ownership when members leave or are added to the team.

    214 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    started  ·  16 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  2. Better pricing structure for API Management

    We currently use 4 instances of APIM for duplicating our environments (Dev/UAT/Pre Prod and Production)

    We went with APIM as a solution for fronting some azure services and some internal services. Due to the VPN access only being available on Premium we are paying for over 32 Millions calls a day when we will barely generate a 1 Million. So we have 4 Premium APIM instances costing us £6000 a month purely for the VPN access. Forcing us to pay for a level we do not require just for a feature of the environment, it would be better if the…

    129 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    19 comments  ·  Pricing  ·  Flag idea as inappropriate…  ·  Admin →
  3. Export variables reporting throttling information from rate-limit policy

    There are ongoing RFC to give clients the capability to throttle calls rate to avoid hitting the capping imposed by rate-limit policies.

    A possible way to implement this is to return in the response header 4 variables containing:


    • The current limit set by the policy

    • Amount of remaining calls before hitting the limit

    • Number of seconds to wait before getting the limit reset to the maximum

    • Number of seconds to wait before retrying (only when calls are blocked)

    119 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support Swagger Documentation - Object representation with nested $ref issue

    Hi,

    There is an issue regarding Swagger file for complex objects which are using nested $ref, according to the program team, it's not supported yet by API Management although it works well in Swagger UI.

    This is for me a big issue as we can't manage documentation manually in case our object definition evolve. Furthermore, even if we put manually a json object example in APIM Publisher portal, we can't define the object model associated to it.

    Could you please make Swagger documentation work with nested $ref in APIM?

    Thanks.

    107 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support better grouping & sorting of products & APIs

    Right now - everything is forced into alphabetical sorting. There are no grouping options. We plan to use this for our entire enterprise, and we expect to end up with hundreds of APIs and dozens of products. A simple "sort order" field will accomplish the sorting issues, may be cumbersome to maintain but we could manage. Not sure how grouping would work, but here is our example:

    Products:
    Business Unit A - Developer
    Business Unit A - Test
    Business Unit A - Production
    Business Unit A - Production Unlimited

    I may like to have a "bucket" named just "Business Unit…

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  6. Reader roles should not be able to see subscription keys

    Currently, users assigned the "Reader" or "Monitoring Reader" role are able to reveal subscription keys in the API Management portal. As is the case with other Azure products, secrets should not be accessible to members of these roles.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    We will introduce a new version of the management API that would “hide” secrets from “reader” users. We will also introduce an explicit gesture to disable older versions of the API on a per API Management service instance basis.

  • Don't see your idea?

Feedback and Knowledge Base