How can we improve Azure API Management?

← API Management

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

117 votes

Vote

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

You have left! (?) (thinking…)

Jayesh Sonawane shared this idea · September 02, 2018 · Flag idea as inappropriate… · Admin →

triaged · September 27, 2019

5 comments

Add a comment…

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

An error occurred while saving the comment

Henriquez, Hernan commented · April 20, 2020 06:23 · Flag as inappropriate

Any update on this, pretty basic expectation and long waiting?

Submitting...
Chad commented · March 26, 2020 13:42 · Flag as inappropriate

More security rules? Country block - now in preview for app gateway: https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/geomatch-custom-rules

Submitting...
Henriquez, Hernan commented · January 22, 2020 05:50 · Flag as inappropriate

Having threat protection out of the box policies is basic expectations of an API Management, solution is there any plan in azure APIM for this?

Submitting...
Chad commented · July 11, 2019 11:04 · Flag as inappropriate

Consider adding built in policy definitions similar to apigee:

https://docs.apigee.com/api-platform/reference/policies/xml-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/json-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/regular-expression-protection

Submitting...
Chad commented · July 09, 2019 23:37 · Flag as inappropriate

This is especially critical for a native azure solution since you cannot put an App Gateway in front of APIM and still support Mutual Authentication with certificate checks.

Submitting...

API Management: Security

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 5,046 ideas
- ACE Tools 61 ideas
- Additional Services 319 ideas
- Analytics Platform System 14 ideas
- API Apps 2 ideas
- API Management 546 ideas
- Automation 482 ideas
- Azure Active Directory 4,208 ideas
- Azure Active Directory Application Requests 260 ideas
- Azure Advisor 27 ideas
- Azure Analysis Services 165 ideas
- Azure API for FHIR 9 ideas
- Azure App Configuration 32 ideas
- Azure Arc 18 ideas
- Azure Backup 460 ideas
- Azure Blockchain Service 8 ideas
- Azure Bot Service 74 ideas
- Azure Cloud Shell 364 ideas
- Azure Confidential Compute 2 ideas
- Azure Container Instances 130 ideas
- Azure Container Registry 78 ideas
- Azure Cosmos DB 222 ideas
- Azure CycleCloud 3 ideas
- Azure Data Explorer 121 ideas
- Azure Data Share 9 ideas
- Azure Database for MariaDB 14 ideas
- Azure Database for MySQL 50 ideas
- Azure Database for PostgreSQL 112 ideas
- Azure Database Migration Service 64 ideas
- Azure Databricks 144 ideas
- Azure Dev Spaces 9 ideas
- Azure Digital Twins 30 ideas
- Azure Event Grid 52 ideas
- Azure FarmBeats 8 ideas
- Azure Functions 206 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 171 ideas
- Azure HPC Cache 0 ideas
- Azure IoT 290 ideas
- Azure IoT Central 141 ideas
- Azure IoT Device Catalog 13 ideas
- Azure IoT Edge 76 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 43 ideas
- Azure Key Vault 164 ideas
- Azure Kinect DK 53 ideas
- Azure Kubernetes Service (AKS) 233 ideas
- Azure Lighthouse 23 ideas
- Azure Management Groups 25 ideas
- Azure Maps 48 ideas
- Azure Marketplace 413 ideas
- Azure Media Services 228 ideas
- Azure Migrate 48 ideas
- Azure mobile app 248 ideas
- Azure Monitor 182 ideas
- Azure Monitor- Alert Management 136 ideas
- Azure Monitor-Application Insights 693 ideas
- Azure Monitor-Log Analytics 950 ideas
- Azure NetApp Files (ANF) 19 ideas
- Azure Pack 319 ideas
- Azure portal 2,043 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Remote Rendering 3 ideas
- Azure Reservations 189 ideas
- Azure Resource Manager 507 ideas
- Azure Search 260 ideas
- Azure Security Center 245 ideas
- Azure Sentinel 98 ideas
- Azure Service Health 33 ideas
- Azure SignalR Service 14 ideas
- Azure Spatial Anchors 24 ideas
- Azure Sphere 73 ideas
- Azure Spring Cloud 0 ideas
- Azure Stack 186 ideas
- Azure Synapse Analytics 315 ideas
- Azure TCO Calculator 29 ideas
- Azure Time Series Insights 19 ideas
- Batch 33 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 52 ideas
- Cache 31 ideas
- Change Tracking 11 ideas
- Cloud Services (Web and Worker Role) 273 ideas
- Cost Management 259 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 2 ideas
- Data Catalog 162 ideas
- Data Factory 910 ideas
- Data Lake 351 ideas
- Data Science VM 23 ideas
- Diagnostics and Monitoring 194 ideas
- Event Hubs 35 ideas
- Global Infrastructure 44 ideas
- HDInsight 129 ideas
- Lab Services 310 ideas
- Logic Apps 1,638 ideas
- Machine Learning 167 ideas
- Mobile Engagement 19 ideas
- Networking 1,281 ideas
- Notification Hubs 35 ideas
- Project Bonsai 18 ideas
- Scheduler 42 ideas
- Scripting and Command Line Tools 101 ideas
- SDK and Tools 137 ideas
- Security and Compliance 91 ideas
- Service Bus 192 ideas
- Service Fabric 297 ideas
- Signup and Billing 1,670 ideas
- Site Recovery 275 ideas
- SQL Data Sync 65 ideas
- SQL Database 794 ideas
- SQL Managed Instance 137 ideas
- SQL Server 10,167 ideas
- SQL Server - Big Data Clusters 31 ideas
- Storage 944 ideas
- StorSimple 26 ideas
- Stream Analytics 253 ideas
- Support Feedback 268 ideas
- System Center Data Protection Manager 142 ideas
- Update Management 158 ideas
- Virtual Machines 1,611 ideas
- Web Apps 522 ideas
Microsoft Azure