API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

How can we improve Azure API Management?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Customize redirection from signin/signup page to Home page instead of profile

    Currently when a user signs up from the Developer Portal and then signs in, the user is taken to the Profile page. It would be more presentable and better user experience if there is an option to redirect the user to the Home page upon log in than to the Profile page.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow custom identity provider portal account creation/login

    This is the same issue as as this 'completed' one: https://feedback.azure.com/forums/248703-api-management/suggestions/5947766-custom-identity-provider-for-the-developer-portal. That is only completed if you can use Azure B2C. We want to use a different identity provider (OAuth 2.0 based) to enable SSO between multiple web applications. We are currently using delegation, but that requires some integration that could go away if we could use a custom identity provider. Since there is already support for other OAuth based providers, it seems like this would be a 'easy win' for the platform.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  3. Automation of subscription request

    After an account is created and verified, the user has to go back to the developer page, click on products and then subscribe for the product.

    We hope that the subscription request can be automated, that when an account is generated, a subscription request is automatically generated for the account.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. Get user subscription keys programmatically

    It would be nice if as a developer I would be able to get my subscriptions keys (primary key and secondary key) programmatically. By programmatically I mean, for example, authenticate to a REST endpoint with my username and password developer portal, and then with another REST endpoint get only my keys. (similar to the management rest API but, without the ability to view or modify other users' information nor perform administrator tasks)

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  5. Group, filter, and sort Products

    I propose to support Product grouping, filtering and sorting like APIs. One way that this can be implemented is by populating the tags of the products and make them available in the portal models (Views).
    Currently the available tags property is empty regardless of the attached to the products tags.
    The assignment of tags to products should also be supported in the relative Product edit interface of the azure portal.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add AD Rules to Users and Groups Management

    When new users authenticate in the Developer portal they are automatically added to the system group - Developers. But for product visibility purposes, we have additional user defined groups: Internal and External (I'm sure there are other use cases, that's just ours). We move those users who authenticate by AD into the Internal group and those who don't into External. This is a manual process. If we could add an 'AD like' rule to the Developers group memberships on add that automatically (based on authentication method and(or) other criteria) add the new users to a custom group then we wouldn't…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  7. Change authenticaion cookie domain for username/password authentication

    When working with delegated authentication and the developer portal of the API manager, you will often be working with multiple websites. E.g. developers.example.com for the developer portal and site.example.com for the rest of your site. The issue is that we cannot reliably log a user out from the site.example.com side, because we cannot remove the '.AspNet.AuthenticationCookie' from that site. If that was a cookie at the domain '.example.com' the site.example.com application could manage it to make sure a user is signed out both sites.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support OpenID Connect Hybrid Flow

    Currently only Implicit and Authorization Code flows are supported by the OpenID Connect provider in Azure APIM. The Implicit flow is being deprecated as vulnerable and a lot of applications are using Hybrid Flow (code id_token).

    Can you please add support for this flow?

    http://docs.identityserver.io/en/latest/topics/grant_types.html#hybrid

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  9. Recover deleted blog posts and blogs from Git or by using Management API

    Recover deleted blog posts and blogs from Git or by using Management API

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  10. Improvide rendering of API specification

    Todays presentation of an API is limited to the operations, sample request/response and schema. It be very useful if (for OpenAPI specifications) the Developer Portal could render the API with the Model datatypes, restrictions etc similar to what swagger-ui/ReDoc does.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. Improve C# code sample template for PATCH operations

    Currently, the C# code sample template doesn't have a case for PATCH operations (other Http methods are listed). Would be good to fix this gap in the interest of completeness.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  12. Render placeholders for request headers in sample code templates

    The code samples in the developer portal (curl, c#, java, etc.) do not render a placeholder value for request header parameters, aside from a few special ones like subscription key, authorization, content-type, etc. I can fix this in the Liquid template, but this might be a good improvement for APIM out of the box.

    For example, if I have the following required header parameter defined in my OpenApi definition for a PATCH request:
    {
    "name": "If-Match",
    "in": "header",
    "description": " ETag of the entity",
    "required": true,
    "type": "string"
    }

    The Curl code sample renders this header without any {placeholder} value…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. allow developer/management portal access from region close to developer.

    For a premium tier multi region setup, allow developer/management portal access from region close to developer. Or allow to make other unit as primary so that developers can still access portals in case they have issues accessing primary unit which hosts all portals

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow for R Code Samples

    It would be beneficial for researchers and developers to include a Code Sample for APIs in R.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    unplanned  ·  0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. Developer Portal is behind competitors and is a real pain to customize...

    The people deserve a better developer portal management experience.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  16. Authorize latest DNS domains to create accounts on the developer portal

    Customer with "original" email addresses ( for example .garden, .paris, .fish... ) cannot create an account on the developer portal using the "Username and password" identity provider.

    They have an "Invalid email" error even though the email address exists.

    Would it be possible to authorize all the existing domains listed here for example : https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains

    Thanks

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  18. Authentication failure signing in the Developer Portal using Azure AD

    After correctly configuring Azure AD integration (as specified here https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-aad) we experienced authentication failures when Azure Active Directory sign-in was selected.

    The problem happened to be with custom domain hostname for the Portal. Unless all lowercase letters are used in custom domain hostname, Azure AD sign-in doesn't work and shows message: "Authentication Failed".

    The simple solution would be to force all lower case when configuring custom domains either by converting user entered host names to lowercase or preventing users from entering caps.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. stop forced display of Request Headers

    Hello.
    When adding the "CONTENT TYPE" of Request Body's Representations in the publisher portal, Request Headers is forcibly displayed as "Content-Type (optional)" on the developer portal, so it is in a state that it can not be deleted or edited.
    I want you to stop forced display of Request Headers or make it editable.
    Thank you.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  20. Open Id Connect - add required scopes in Developer Portal

    Currently it is not possible to add required scopes (or any additional URL or body parameters) to authorize requests.
    I think it is possible for OAuth0 integration.
    It might be worthwhile to add such possibility.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

API Management

Feedback and Knowledge Base