How can we improve Azure API Management?

More flexible subscriptions in Azure API Management

Present model for providing access to APIs is based on product subscriptions owned by a user. Each subscription includes a few properties and a pair of API keys. We are working on expanding this model to allow subscriptions and keys to be owned by a group of users or not be associated with any users at all. This will allow customers the flexibility of creating an ad-hoc set of key or having keys shared by a team of users without worrying about their ownership when members leave or are added to the team.

137 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    AdminAzure API Management Team (Admin, Microsoft Azure) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    10 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Oliver Tomlinson commented  ·   ·  Flag as inappropriate

        +1 for "organisational subscriptions"

        This is needed badly when trying to create B2B APIs.

        Typically the "user" aka a developer, of an integration, is not the "owner" of that integration, the "owner" of that integration is the "customer" aka the business who consumes your API.

        A "customer" has 1 or more "users" aka developers.
        A "customer" has 1 or more set of subscriptions.
        A "user" has access to one or more subscriptions that belong to the customer.

      • Carles Guitart commented  ·   ·  Flag as inappropriate

        Will this also cover the "organizational subscription" topic that was present in the previous Trello board? If not, please let me know and I will post a new feedback item.

        Having "organizational subscriptions" will be also a very interesting functionality.

      • Jason Kohlhoff commented  ·   ·  Flag as inappropriate

        Allowing subscriptions and keys to *not* be associated with any users or groups at all is an important scenario. We would like to programmatically create subscriptions and keys, and display the keys in another web application that is acting as a frontend to API Management. Users of the frontend will ideally have no knowledge that we're using API Management on the backend.

      • Andreas commented  ·   ·  Flag as inappropriate

        Would be great to have that flexibility as soon as possible, since this is a requirement for us.

      • Christof Van Geendertaelen commented  ·   ·  Flag as inappropriate

        It would be great if custom rbac roles can be used in the scope of a management group as well. Therefore, management groups should be able to be added to the AssignableScopes in the json definition file of a role.

      Feedback and Knowledge Base