How can we improve Azure API Management?

← API Management

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

139 votes

Jayesh Sonawane shared this idea · Sep 2, 2018 · Flag idea as inappropriate… · Admin →

triaged · Sep 27, 2019

5 comments

An error occurred while saving the comment

Henriquez, Hernan commented · April 20, 2020 6:23 AM · Flag as inappropriate

Any update on this, pretty basic expectation and long waiting?

Submitting...
Chad commented · March 26, 2020 1:42 PM · Flag as inappropriate

More security rules? Country block - now in preview for app gateway: https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/geomatch-custom-rules

Submitting...
Henriquez, Hernan commented · January 22, 2020 5:50 AM · Flag as inappropriate

Having threat protection out of the box policies is basic expectations of an API Management, solution is there any plan in azure APIM for this?

Submitting...
Chad commented · July 11, 2019 11:04 AM · Flag as inappropriate

Consider adding built in policy definitions similar to apigee:

https://docs.apigee.com/api-platform/reference/policies/xml-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/json-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/regular-expression-protection

Submitting...
Chad commented · July 9, 2019 11:37 PM · Flag as inappropriate

This is especially critical for a native azure solution since you cannot put an App Gateway in front of APIM and still support Mutual Authentication with certificate checks.

Submitting...

API Management: Security

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 6,687 ideas
- Additional Services 326 ideas
- Analytics Platform System 20 ideas
- API Apps 0 ideas
- API Management 639 ideas
- Automation 523 ideas
- Azure Active Directory 5,071 ideas
- Azure Active Directory Application Requests 275 ideas
- Azure Advisor 33 ideas
- Azure Analysis Services 187 ideas
- Azure API for FHIR 13 ideas
- Azure App Configuration 45 ideas
- Azure Arc 27 ideas
- Azure Automanage 4 ideas
- Azure Backup 550 ideas
- Azure Blockchain Service 11 ideas
- Azure Bot Service 35 ideas
- Azure Certified Device 15 ideas
- Azure Cloud Shell 367 ideas
- Azure Cognitive Services 46 ideas
- Azure Confidential Compute 1 idea
- Azure Container Instances 166 ideas
- Azure Container Registry 97 ideas
- Azure Cosmos DB 279 ideas
- Azure CycleCloud 6 ideas
- Azure Data Explorer 210 ideas
- Azure Data Share 11 ideas
- Azure Database for MariaDB 18 ideas
- Azure Database for MySQL 70 ideas
- Azure Database for PostgreSQL 155 ideas
- Azure Database Migration Service 78 ideas
- Azure Databricks 273 ideas
- Azure Dev Spaces 10 ideas
- Azure Digital Twins 20 ideas
- Azure Event Grid 67 ideas
- Azure FarmBeats 12 ideas
- Azure Functions 236 ideas
- Azure FXT Edge Filer 1 idea
- Azure Governance 197 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 328 ideas
- Azure IoT Central 153 ideas
- Azure IoT Edge 89 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 45 ideas
- Azure Key Vault 173 ideas
- Azure Kinect DK 69 ideas
- Azure Kubernetes Service (AKS) 297 ideas
- Azure Lighthouse 31 ideas
- Azure Management Groups 23 ideas
- Azure Maps 74 ideas
- Azure Marketplace 457 ideas
- Azure Media Services 257 ideas
- Azure Migrate 62 ideas
- Azure mobile app 361 ideas
- Azure Monitor 253 ideas
- Azure Monitor- Alert Management 157 ideas
- Azure Monitor-Application Insights 796 ideas
- Azure Monitor-Log Analytics 999 ideas
- Azure NetApp Files (ANF) 31 ideas
- Azure Pack 297 ideas
- Azure portal 2,198 ideas
- Azure Purview 162 ideas
- Azure Quantum 0 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Remote Rendering 10 ideas
- Azure Reservations 185 ideas
- Azure Resource Manager 558 ideas
- Azure Search 292 ideas
- Azure Security Center 311 ideas
- Azure Sentinel 122 ideas
- Azure Service Health 41 ideas
- Azure SignalR Service 17 ideas
- Azure Spatial Anchors 31 ideas
- Azure Sphere 81 ideas
- Azure Spring Cloud 3 ideas
- Azure Stack HCI 7 ideas
- Azure Stack Hub 203 ideas
- Azure Synapse Analytics 462 ideas
- Azure TCO Calculator 30 ideas
- Azure Time Series Insights 30 ideas
- Batch 37 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 55 ideas
- Cache 42 ideas
- Change Tracking 12 ideas
- Cloud Services (Web and Worker Role) 273 ideas
- Cost Management 344 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 178 ideas
- Data Factory 1,225 ideas
- Data Lake 355 ideas
- Data Science VM 24 ideas
- Diagnostics and Monitoring 202 ideas
- Event Hubs 42 ideas
- Global Infrastructure 44 ideas
- HDInsight 133 ideas
- Lab Services 374 ideas
- Logic Apps 1,837 ideas
- Machine Learning 232 ideas
- Mobile Engagement 19 ideas
- Networking 1,445 ideas
- Notification Hubs 36 ideas
- Project Bonsai 30 ideas
- Scheduler 43 ideas
- Scripting and Command Line Tools 102 ideas
- SDK and Tools 148 ideas
- Security and Compliance 105 ideas
- Service Bus 206 ideas
- Service Fabric 304 ideas
- Signup and Billing 1,784 ideas
- Site Recovery 297 ideas
- SQL Data Sync 68 ideas
- SQL Database 879 ideas
- SQL Managed Instance 153 ideas
- SQL Server 10,695 ideas
- SQL Server - Big Data Clusters 47 ideas
- Storage 1,014 ideas
- StorSimple 26 ideas
- Stream Analytics 271 ideas
- Support Feedback 276 ideas
- System Center Data Protection Manager 152 ideas
- Update Management 188 ideas
- Virtual Machines 1,695 ideas
- Web Apps 633 ideas
Microsoft Azure