How can we improve Azure API Management?

← API Management

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

We would like to have OWASP security features as part of API Management rather than using API gateway/WAF.

96 votes

Vote

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

You have left! (?) (thinking…)

Jayesh Sonawane shared this idea · September 02, 2018 · Flag idea as inappropriate… · Admin →

triaged · September 27, 2019

4 comments

Add a comment…

Sign in

(thinking…)

Sign in with:

Microsoft

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

An error occurred while saving the comment

Chad commented · March 26, 2020 13:42 · Flag as inappropriate

More security rules? Country block - now in preview for app gateway: https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/geomatch-custom-rules

Submitting...
Hernan commented · January 22, 2020 05:50 · Flag as inappropriate

Having threat protection out of the box policies is basic expectations of an API Management, solution is there any plan in azure APIM for this?

Submitting...
Chad commented · July 11, 2019 11:04 · Flag as inappropriate

Consider adding built in policy definitions similar to apigee:

https://docs.apigee.com/api-platform/reference/policies/xml-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/json-threat-protection-policy
https://docs.apigee.com/api-platform/reference/policies/regular-expression-protection

Submitting...
Chad commented · July 09, 2019 23:37 · Flag as inappropriate

This is especially critical for a native azure solution since you cannot put an App Gateway in front of APIM and still support Mutual Authentication with certificate checks.

Submitting...

API Management: Security

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 4,251 ideas
- ACE Tools 42 ideas
- Additional Services 334 ideas
- Analytics Platform System 13 ideas
- API Apps 7 ideas
- API Management 518 ideas
- Automation 475 ideas
- Azure Active Directory 4,264 ideas
- Azure Active Directory Application Requests 237 ideas
- Azure Advisor 21 ideas
- Azure Analysis Services 161 ideas
- Azure API for FHIR 8 ideas
- Azure App Configuration 26 ideas
- Azure Arc 12 ideas
- Azure Backup 413 ideas
- Azure Blockchain Service 7 ideas
- Azure Bot Service 69 ideas
- Azure Cloud Shell 349 ideas
- Azure Confidential Compute 1 idea
- Azure Container Instances 116 ideas
- Azure Container Registry 72 ideas
- Azure Cosmos DB 212 ideas
- Azure CycleCloud 2 ideas
- Azure Data Explorer 82 ideas
- Azure Data Share 5 ideas
- Azure Database for MariaDB 11 ideas
- Azure Database for MySQL 39 ideas
- Azure Database for PostgreSQL 98 ideas
- Azure Database Migration Service 59 ideas
- Azure Databricks 98 ideas
- Azure Dev Spaces 8 ideas
- Azure Digital Twins 29 ideas
- Azure Event Grid 61 ideas
- Azure FarmBeats 6 ideas
- Azure Functions 170 ideas
- Azure FXT Edge Filer 0 ideas
- Azure Governance 149 ideas
- Azure Government 91 ideas
- Azure HPC Cache 0 ideas
- Azure IoT 276 ideas
- Azure IoT Central 127 ideas
- Azure IoT Device Catalog 12 ideas
- Azure IoT Edge 63 ideas
- Azure IoT Security 0 ideas
- Azure IoT Solution Accelerators 39 ideas
- Azure Key Vault 149 ideas
- Azure Kinect DK 43 ideas
- Azure Kubernetes Service (AKS) 201 ideas
- Azure Lighthouse 18 ideas
- Azure Management Groups 24 ideas
- Azure Maps 45 ideas
- Azure Marketplace 404 ideas
- Azure Media Services 214 ideas
- Azure Migrate 43 ideas
- Azure mobile app 217 ideas
- Azure Monitor 143 ideas
- Azure Monitor- Alert Management 127 ideas
- Azure Monitor-Application Insights 640 ideas
- Azure Monitor-Log Analytics 937 ideas
- Azure NetApp Files (ANF) 11 ideas
- Azure Pack 320 ideas
- Azure portal 1,981 ideas
- Azure Red Hat OpenShift 12 ideas
- Azure Remote Rendering 0 ideas
- Azure Reservations 186 ideas
- Azure Resource Manager 499 ideas
- Azure Search 254 ideas
- Azure Security Center 229 ideas
- Azure Sentinel 91 ideas
- Azure Service Health 27 ideas
- Azure SignalR Service 14 ideas
- Azure Spatial Anchors 21 ideas
- Azure Sphere 69 ideas
- Azure Spring Cloud 0 ideas
- Azure Stack 177 ideas
- Azure Synapse Analytics 287 ideas
- Azure TCO Calculator 29 ideas
- Azure Time Series Insights 15 ideas
- Batch 32 ideas
- Batch AI 10 ideas
- Biztalk Services 23 ideas
- Blockchain 48 ideas
- Cache 40 ideas
- Change Tracking 10 ideas
- Cloud Services (Web and Worker Role) 289 ideas
- Cost Management 230 ideas
- Cross region move for Azure resources 11 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 2 ideas
- Data Catalog 149 ideas
- Data Factory 826 ideas
- Data Lake 346 ideas
- Data Science VM 21 ideas
- Diagnostics and Monitoring 198 ideas
- Event Hubs 32 ideas
- Global Infrastructure 45 ideas
- HDInsight 136 ideas
- Lab Services 287 ideas
- Logic Apps 1,540 ideas
- Machine Learning 142 ideas
- Mobile Engagement 19 ideas
- Networking 1,189 ideas
- Notification Hubs 38 ideas
- Scheduler 42 ideas
- Scripting and Command Line Tools 107 ideas
- SDK and Tools 146 ideas
- Security and Compliance 93 ideas
- Service Bus 202 ideas
- Service Fabric 295 ideas
- Signup and Billing 1,638 ideas
- Site Recovery 265 ideas
- SQL Data Sync 63 ideas
- SQL Database 746 ideas
- SQL Managed Instance 120 ideas
- SQL Server 10,530 ideas
- SQL Server - Big Data Clusters 11 ideas
- Storage 885 ideas
- StorSimple 25 ideas
- Stream Analytics 249 ideas
- Support Feedback 271 ideas
- System Center Data Protection Manager 118 ideas
- Update Management 138 ideas
- Virtual Machines 1,558 ideas
- Web Apps 490 ideas
Microsoft Azure