How can we improve Azure API Management?

← API Management

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

79 votes

Vote

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

You have left! (?) (thinking…)

Jayesh Sonawane shared this idea · September 02, 2018 · Flag idea as inappropriate… · Admin →

triaged · September 27, 2019

2 comments

Add a comment…

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

An error occurred while saving the comment

Chad commented · July 11, 2019 11:04 · Flag as inappropriate

Consider adding built in policy definitions similar to apigee:

https://docs.apigee.com/api-platform/reference/policies/xml-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/json-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/regular-expression-protection

Submitting...
Chad commented · July 09, 2019 23:37 · Flag as inappropriate

This is especially critical for a native azure solution since you cannot put an App Gateway in front of APIM and still support Mutual Authentication with certificate checks.

Submitting...

API Management: Security

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 3,741 ideas
- ACE Tools 39 ideas
- Additional Services 323 ideas
- Analytics Platform System 12 ideas
- API Apps 7 ideas
- API Management 474 ideas
- Automation 444 ideas
- Azure Active Directory 3,893 ideas
- Azure Active Directory Application Requests 223 ideas
- Azure Advisor 20 ideas
- Azure Analysis Services 150 ideas
- Azure API for FHIR 4 ideas
- Azure App Configuration 22 ideas
- Azure Arc 6 ideas
- Azure Backup 480 ideas
- Azure Blockchain Service 6 ideas
- Azure Bot Service 64 ideas
- Azure Cloud Shell 329 ideas
- Azure Confidential Compute 1 idea
- Azure Container Instances 101 ideas
- Azure Container Registry 66 ideas
- Azure Cosmos DB 238 ideas
- Azure CycleCloud 2 ideas
- Azure Data Explorer 58 ideas
- Azure Data Share (Public Preview) 5 ideas
- Azure Database for MariaDB 11 ideas
- Azure Database for MySQL 58 ideas
- Azure Database for PostgreSQL 97 ideas
- Azure Database Migration Service 54 ideas
- Azure Databricks 74 ideas
- Azure Dev Spaces 8 ideas
- Azure Digital Twins 27 ideas
- Azure Event Grid 59 ideas
- Azure FarmBeats 5 ideas
- Azure Functions 170 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 118 ideas
- Azure Government 88 ideas
- Azure HPC Cache 0 ideas
- Azure IoT 267 ideas
- Azure IoT Central 115 ideas
- Azure IoT Device Catalog 10 ideas
- Azure IoT Edge 61 ideas
- Azure IoT Solution Accelerators 35 ideas
- Azure Key Vault 132 ideas
- Azure Kinect DK 41 ideas
- Azure Kubernetes Service (AKS) 173 ideas
- Azure Lighthouse 14 ideas
- Azure Management Groups 26 ideas
- Azure Maps 43 ideas
- Azure Marketplace 398 ideas
- Azure Media Services 211 ideas
- Azure Migrate 38 ideas
- Azure mobile app 217 ideas
- Azure Monitor 120 ideas
- Azure Monitor- Alert Management 119 ideas
- Azure Monitor-Application Insights 581 ideas
- Azure Monitor-Log Analytics 920 ideas
- Azure NetApp Files (ANF) 3 ideas
- Azure Pack 326 ideas
- Azure portal 1,920 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Reservations 184 ideas
- Azure Resource Manager 474 ideas
- Azure Search 249 ideas
- Azure Security Center 221 ideas
- Azure Sentinel 56 ideas
- Azure Service Health 23 ideas
- Azure SignalR Service 10 ideas
- Azure Spatial Anchors 19 ideas
- Azure Sphere 63 ideas
- Azure Spring Cloud 0 ideas
- Azure Stack 170 ideas
- Azure Synapse Analytics 265 ideas
- Azure TCO Calculator 29 ideas
- Azure Time Series Insights 11 ideas
- Batch 47 ideas
- Batch AI 9 ideas
- Biztalk Services 23 ideas
- Blockchain 45 ideas
- Cache 53 ideas
- Change Tracking 9 ideas
- Cloud Services (Web and Worker Role) 286 ideas
- Cost Management 194 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 135 ideas
- Data Factory 771 ideas
- Data Lake 341 ideas
- Data Science VM 21 ideas
- Diagnostics and Monitoring 195 ideas
- Event Hubs 28 ideas
- Global Infrastructure 45 ideas
- HDInsight 130 ideas
- Lab Services 272 ideas
- Logic Apps 1,454 ideas
- Machine Learning 117 ideas
- Mobile Engagement 19 ideas
- Networking 1,030 ideas
- Notification Hubs 33 ideas
- Scheduler 47 ideas
- Scripting and Command Line Tools 109 ideas
- SDK and Tools 142 ideas
- Security and Compliance 90 ideas
- Service Bus 197 ideas
- Service Fabric 291 ideas
- Signup and Billing 1,546 ideas
- Site Recovery 255 ideas
- SQL Data Sync 70 ideas
- SQL Database 706 ideas
- SQL Managed Instance 109 ideas
- SQL Server 10,227 ideas
- Storage 834 ideas
- StorSimple 46 ideas
- Stream Analytics 242 ideas
- Support Feedback 271 ideas
- System Center Data Protection Manager 116 ideas
- Update Management 123 ideas
- Virtual Machines 1,479 ideas
- Web Apps 432 ideas
Microsoft Azure