Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure API Management?

← API Management

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

146 votes

Jayesh Sonawane shared this idea · September 02, 2018 · Flag idea as inappropriate… · Admin →

triaged · September 27, 2019

5 comments

An error occurred while saving the comment

Henriquez, Hernan commented · April 20, 2020 06:23 · Flag as inappropriate

Any update on this, pretty basic expectation and long waiting?

Submitting...
Chad commented · March 26, 2020 13:42 · Flag as inappropriate

More security rules? Country block - now in preview for app gateway: https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/geomatch-custom-rules

Submitting...
Henriquez, Hernan commented · January 22, 2020 05:50 · Flag as inappropriate

Having threat protection out of the box policies is basic expectations of an API Management, solution is there any plan in azure APIM for this?

Submitting...
Chad commented · July 11, 2019 11:04 · Flag as inappropriate

Consider adding built in policy definitions similar to apigee:

https://docs.apigee.com/api-platform/reference/policies/xml-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/json-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/regular-expression-protection

Submitting...
Chad commented · July 09, 2019 23:37 · Flag as inappropriate

This is especially critical for a native azure solution since you cannot put an App Gateway in front of APIM and still support Mutual Authentication with certificate checks.

Submitting...

API Management: Security

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 7,568 ideas
- Additional Services 331 ideas
- Analytics Platform System 20 ideas
- API Apps 0 ideas
- API Management 682 ideas
- Automation 544 ideas
- Azure Active Directory 5,696 ideas
- Azure Active Directory Application Requests 293 ideas
- Azure Advisor 38 ideas
- Azure Analysis Services 190 ideas
- Azure API for FHIR 15 ideas
- Azure App Configuration 50 ideas
- Azure Arc 27 ideas
- Azure Automanage 4 ideas
- Azure Backup 679 ideas
- Azure Blockchain Service 12 ideas
- Azure Bot Service 35 ideas
- Azure Certified Device 16 ideas
- Azure Cloud Shell 370 ideas
- Azure Cognitive Services 87 ideas
- Azure Communication Services 32 ideas
- Azure Confidential Compute 2 ideas
- Azure Container Instances 173 ideas
- Azure Container Registry 102 ideas
- Azure Cosmos DB 299 ideas
- Azure CycleCloud 6 ideas
- Azure Data Explorer 235 ideas
- Azure Data Share 13 ideas
- Azure Database for MariaDB 19 ideas
- Azure Database for MySQL 78 ideas
- Azure Database for PostgreSQL 167 ideas
- Azure Database Migration Service 82 ideas
- Azure Databricks 314 ideas
- Azure Dev Spaces 11 ideas
- Azure Digital Twins 22 ideas
- Azure Event Grid 71 ideas
- Azure FarmBeats 14 ideas
- Azure Functions 249 ideas
- Azure FXT Edge Filer 1 idea
- Azure Governance 209 ideas
- Azure HPC Cache 0 ideas
- Azure IoT (Hub, DPS, SDKs) 338 ideas
- Azure IoT Central 163 ideas
- Azure IoT Edge 99 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 45 ideas
- Azure Key Vault 178 ideas
- Azure Kinect DK 72 ideas
- Azure Kubernetes Service (AKS) 323 ideas
- Azure Lighthouse 32 ideas
- Azure Management Groups 25 ideas
- Azure Maps 78 ideas
- Azure Marketplace 465 ideas
- Azure Media Services 263 ideas
- Azure Migrate 85 ideas
- Azure mobile app 373 ideas
- Azure Monitor 274 ideas
- Azure Monitor- Alert Management 163 ideas
- Azure Monitor-Application Insights 832 ideas
- Azure Monitor-Log Analytics 1,022 ideas
- Azure NetApp Files (ANF) 36 ideas
- Azure Object Anchors 0 ideas
- Azure Pack 298 ideas
- Azure Portal 2,266 ideas
- Azure Purview 202 ideas
- Azure Quantum 0 ideas
- Azure Red Hat OpenShift 14 ideas
- Azure Remote Rendering 10 ideas
- Azure Reservations 192 ideas
- Azure Resource Manager 571 ideas
- Azure Search 308 ideas
- Azure Security Center 334 ideas
- Azure Sentinel 127 ideas
- Azure Service Health 47 ideas
- Azure SignalR Service 18 ideas
- Azure Spatial Anchors 31 ideas
- Azure Sphere 81 ideas
- Azure Spring Cloud 3 ideas
- Azure Stack HCI 8 ideas
- Azure Stack Hub 206 ideas
- Azure Synapse Analytics 530 ideas
- Azure TCO Calculator 30 ideas
- Azure Time Series Insights 35 ideas
- Azure Web PubSub service 3 ideas
- Batch 42 ideas
- Batch AI 10 ideas
- Biztalk Services 14 ideas
- Blockchain 57 ideas
- Cache 44 ideas
- Change Tracking 14 ideas
- Cloud Services (Web and Worker Role) 276 ideas
- Cost Management 372 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 1 idea
- Data Catalog 181 ideas
- Data Factory 1,357 ideas
- Data Lake 356 ideas
- Data Science VM 24 ideas
- Diagnostics and Monitoring 205 ideas
- Event Hubs 47 ideas
- Global Infrastructure 44 ideas
- HDInsight 138 ideas
- Lab Services 392 ideas
- Logic Apps 1,969 ideas
- Machine Learning 249 ideas
- Mobile Engagement 19 ideas
- Networking 1,520 ideas
- Notification Hubs 37 ideas
- Project Bonsai 31 ideas
- Scheduler 43 ideas
- Scripting and Command Line Tools 104 ideas
- SDK and Tools 154 ideas
- Security and Compliance 110 ideas
- Service Bus 212 ideas
- Service Fabric 305 ideas
- Signup and Billing 1,822 ideas
- Site Recovery 304 ideas
- SQL Data Sync 69 ideas
- SQL Database 913 ideas
- SQL Managed Instance 160 ideas
- SQL Server 10,890 ideas
- SQL Server - Big Data Clusters 49 ideas
- Storage 1,062 ideas
- StorSimple 26 ideas
- Stream Analytics 277 ideas
- Support Feedback 279 ideas
- System Center Data Protection Manager 152 ideas
- Update Management 189 ideas
- Virtual Machines 1,733 ideas
- Web Apps 690 ideas
Microsoft Azure