API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

How can we improve Azure API Management?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

When an admin closes an idea you've voted on, you'll get your votes back from that idea.
You can remove your votes from an open idea you support.
To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".

Enter your idea

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

Schema validation in APIM

When an actual request comes, we need to validate the schema of the request and while sending back the respose, the schema should be validated. Similar to validate feature of API connect (IBM).

http://www.ibm.com/support/knowledgecenter/SSFS6T/com.ibm.apic.toolkit.doc/rapim_ref_ootb_policyschemaval.html

267 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

under review · 7 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
http2

Enable http2 for the API Management

48 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

planned · 0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Expose API Management Events

Expose events from API Management.

Example would be, a user registers. Currently we get an email. It would be nice if it was an event we could subscribe to (WebHook or API Call or Service Bus message.. etc) so that we could use the user registration as the start of a workflow.
Another example would be if a user requests a Product, having an event we could leverage things like PowerApp/Flow/Logic App to start an approval process or setup their development environment.

Simple Event list that would have the most value:
-User Created
-User Requested Subscription
-Issue Created

30 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

planned · 6 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
apim should allow more than 260 characters for URL path segments

API definitions which have an ID as one path segment can have path segments which are larger than 260 characters (which is a windows limitation). Unfortunately this limitation is also part of the apim service and can be inceased by the product team on request. Why not setting it to a larger value as default or let me set an option like (windows compatible path length) when creating the instance?

This problem is very critical if you face it because the apim service itself will block the request and you cannot handle/modify/forward the request to something else which can handle such requests. (only solution is to have another resource infront of your apim...)

An example of an invalid API: https://<yourapim>.azure-api.net/<yourapi>/635f3756574947646a666f3a415041393162457967646b716b78445f64707358526c4c6c7a313835655371527746644c467931587053614273583763584377644e6367356c62694a78466f6176565f7944764c2d63413164484e4b5a36413455714d52454b6e4e51384f4c687a687a6c654c553537374a467566534b6e636b46534d3

API definitions which have an ID as one path segment can have path segments which are larger than 260 characters (which is a windows limitation). Unfortunately this limitation is also part of the apim service and can be inceased by the product team on request. Why not setting it to a larger value as default or let me set an option like (windows compatible path length) when creating the instance?

This problem is very critical if you face it because the apim service itself will block the request and you cannot handle/modify/forward the request to something else which can handle…

22 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

1 comment · Service management · Flag idea as inappropriate… · Delete… · Admin →
Expose IntegrationModuleBitsVersion and IntegrationModuleVersion via ARM API

I have noticed over time that when MS rolls out out an update to a tenant that properties in configuration.json may change: specifically IntegrationModuleBitsVersion and maybe IntegrationModuleVersion

This is not exposed through the ARM API capabilities. Make the properties readable from ARM or even the legacy API or some other way that may be automated. I would like to check the values periodically and get a heads up to do wider regression testing when I detect a change there.

18 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

under review · 0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Add support for IPV6

Due to new Apple requirements (all apps must works over IPV6) we need to reach our Azure API Management through this protocol. Actually the AAAA is not present for any endpoint.

12 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

2 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →

planned · AdminAzure API Management Team (none of your business, Microsoft Azure) responded

API Management will support IPv6 with the rest of Azure. I believe that Apple simply requires apps to work on IPv6 only networks. IPv4 support is not going away any time soon. Please check with Apple to be sure, of course.
REST APIs through APIM backed by internal oData services

We would like to provide REST APIs through APIM backed by internal oData services. The REST APIs will provide a subset of what the oData services provide. We would like to do this with no or minimal coding and we don't believe that this is possible today. We are requesting subsetting an oData service and lightweight transformations.

10 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Allow CORS headers for Management API

In order to invoke Management REST API endpoint (like ***.management.azure-api.net/apis?api-version=vvv) from browser's JS code, CORS headers should be enabled there. Moreover, full Management REST API endpoint configuration (thru Azure portal) is very welcomed addition.

10 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →

need-feedback · AdminAzure API Management Team (none of your business, Microsoft Azure) responded

Thanks for the feedback. Can you provide more details on the scenario, e.g., why do you need to call the management API from js code in browser.

Also, you can put the management API behind the gateway and add a CORS policy.
A powershell script to enable application insights logs per API

When an API is imported, it is possible to do so via powershell and apply several settings to that API. However, I would like to see that the settings regarding logging to application insights could also be managed via a powershell cmd.

10 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

planned · 0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Option to disable or purge cache

Option to disable or purge cache (by single API or entire service)

9 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

1 comment · Service management · Flag idea as inappropriate… · Delete… · Admin →
Can we have anything built into APIM to ping backend or Alert when there are sporadic errors connecting to backend?

Can we have anything built into APIM to ping backend or Alert when there are sporadic errors connecting to backend?

This way i will either know when the backend is not reachable or when there are other issues connecting to the backend..

6 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

planned · 0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Add a "Subscription Required" checkbox during APIM API creation.

Currently when creating an APIM service in Azure and adding a new API, there is no option to remove the "Subscription Required" parameter until after the API's creation. After creation this can be managed under the API's settings, however it would be very beneficial to be able to access this during creation.

6 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Speed up backup and restore time

4 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →

triaged · AdminAzure API Management Team (none of your business, Microsoft Azure) responded

Thank you for the feedback! We added this suggestion to the backlog and will update the item when we prioritize it for implementation.
Extend billing API to consider fair use of reservations

My company uses a mix of reserved instances and pay-as-you go instances. I want a convenient way to evaluate how much it cost in a given month to operate a virtual machine. This convenient way should fairly distribute reserved instance usage among eligible machines.

Details:

With pay-as-you-go instances, you can pull monthly data that shows how much an instance cost to operate this month. The costs are a direct function of the delivered value. With reserved instances, you pay in advance and you may (or may not) use the reservation over the course of the years. Value stream (usage) and money stream (pre-payment) are decoupled from each other.

To evaluate how much it really costs to operate a given machine, I am interested in the value stream. This should be the sum of pay-as-you-go costs plus pro-rated reservation costs for a given machine.

The current APIs offer this functionality easy enough. However, there are a few issues:
* You have to use multiple data sources (usage details or reservation details for usage hours, reservation charges for initial charges) to derive the reservation value stream
* Reservation APIs hide data of expired reservations - no cost control in the past - very annoying
* The APIs have no concept of fair share.

To illustrate the last point, consider the situations where you have 1 reservation for an E16_v3 machine, but you use 2 E16_v3 machines. The pro-rated reservation cost is 350$ per month, while the pay-as-you-go cost is 650$ per month. Depending on the constellation of planets, the reservation will be consumed by both E16_v3 machines in undefined fractions. One machine could cost 350$ and the other 650$, or one could cost 575$ and the other 425$. Fair costs would be a stable 500$ for each machine month after month.

I want an API that gives me the fair share costs for each individual instance in a given month. These costs should be a mix of pay-as-you-go and pro-rated reservation charges. All machines that are eligible for a given reservation (i.e., matching region, virtual machine family, optionally subscription and specific virtual machine size) should benefit from the existing reservations in the same way. This also includes flexible instance sizing.

Currently, I do this by hand, and it is very painful to reimplement Azure's reservation usage rules.

My company uses a mix of reserved instances and pay-as-you go instances. I want a convenient way to evaluate how much it cost in a given month to operate a virtual machine. This convenient way should fairly distribute reserved instance usage among eligible machines.

Details:

With pay-as-you-go instances, you can pull monthly data that shows how much an instance cost to operate this month. The costs are a direct function of the delivered value. With reserved instances, you pay in advance and you may (or may not) use the reservation over the course of the years. Value stream (usage) and…

3 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →

triaged · Adminazurecxpuservoice (Product Manager, Microsoft Azure) responded

Valid feedback. Open for customer upvotes
Enable tracing in the Manager

The trace capability is really useful but has to be enabled currently in the client by setting an additional HTTP header.

If I have a production issue I can't amend code to do this and I may have many clients so would like to be able to turn this on in API Management with a simple checkbox or policy change at an API operation level

3 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

under review · 0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Ability to read certificate stored under secrets in APIM

Ability to read certificates stored under secrets in APIM is required. If Certificate is created using App Service Certificate, certificate is getting stored under secrets. APIM in ability to read certificate under secrets of Key vault is becoming bottleneck for us.

3 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →

need-feedback · AdminAzure API Management Team (none of your business, Microsoft Azure) responded

Thank you for the feedback. Are you referring to custom domain certificates stored in Azure Key Vault? If so, APIM can already use them.
Enable the use of SSH protocol for authentication to APIM Git repos

Current: Interacting with our APIM git repos requires the use of username/password credentials, with the password being generated on the "Access credentials" section of APIM on Portal. This password is valid for 30 days, max: https://docs.microsoft.com/en-us/azure/api-management/api-management-configuration-repository-git#to-clone-the-repository-to-your-local-machine

Desired: Allow users to upload public ssh keys to the APIM tenant, so that users, remote servers, and services can connect to the repo using the SSH protocol. Github currently allows this: https://help.github.com/en/articles/about-ssh

This is especially important for our CLI configuration. We have our APIM git repo loaded as a submodule for our project, as we have integration tests that compare our backend controllers against what we expose in APIM by examining the configuration files in our APIM git repos. Our CLI solution, Appveyor, recommends using SSH keys to allow it to update remote private submodules: https://www.appveyor.com/docs/how-to/private-git-sub-modules/

We have a secure work-around that uses username/password authorization instead, but this requires us to update our CLI configuration every 30 days, as that's the longest amount of time these passwords are valid.

Current: Interacting with our APIM git repos requires the use of username/password credentials, with the password being generated on the "Access credentials" section of APIM on Portal. This password is valid for 30 days, max: https://docs.microsoft.com/en-us/azure/api-management/api-management-configuration-repository-git#to-clone-the-repository-to-your-local-machine

Desired: Allow users to upload public ssh keys to the APIM tenant, so that users, remote servers, and services can connect to the repo using the SSH protocol. Github currently allows this: https://help.github.com/en/articles/about-ssh

This is especially important for our CLI configuration. We have our APIM git repo loaded as a submodule for our project, as we have integration tests that compare our backend controllers…

3 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

1 comment · Service management · Flag idea as inappropriate… · Edit… · Delete… · Admin →
API Management Consumption Static IP

Currently the use of API Management service means we don't have to implement security on our APP Service ourselves and leave it up to the management API.

But we then need to restrict APP SERVICE so that it isn't exposed. One way to do this is limit its access by IP restrictions currently available in Azure,

But the Consumption tier of API management doesn't have static IP addresses. so you would have to go up to the basic tier (£100 a month just for api management) to get a static IP.

This limits the use of API management service when on low usages instances.

Currently the use of API Management service means we don't have to implement security on our APP Service ourselves and leave it up to the management API.

But we then need to restrict APP SERVICE so that it isn't exposed. One way to do this is limit its access by IP restrictions currently available in Azure,

But the Consumption tier of API management doesn't have static IP addresses. so you would have to go up to the basic tier (£100 a month just for api management) to get a static IP.

This limits the use of API management service when…

2 votes

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →
Support additional filters on the GET /subscriptions endpoint

Currently, the GET /subscriptions endpoint in the Management API doesn't support OData filtering on the primary/secondary subscription key. This would make a nice enhancement.

For example:

https://myservice.management.azure-api.net/subscriptions?api-version=2014-02-14-preview&$filter=primaryKey eq '12345'

Current documentation for this endpoint:
https://docs.microsoft.com/en-us/rest/api/apimanagement/subscriptions#Subscriptions_ListByService

1 vote

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

1 comment · Service management · Flag idea as inappropriate… · Delete… · Admin →

under review · AdminAzure API Management Team (none of your business, Microsoft Azure) responded

Hi Ben, would you mind explaining the use case behind this request?
Add support for configuring SSL settings of APIM instance using Git repo or Powershell

We're trying to automate our deployment of APIM using the APIM git repositories. However, APIM currently doesn't support configuration for SSL settings of an APIM instance either using a git repository or Azure PowerShell cmdlets. We would like to have that support so that we can manage APIM completely through the git repository and powershell instead of having to change things in the Portal.

1 vote

Vote

Sign in
prestine

(thinking…)

Sign in with: Microsoft

Forgot password?

Create a password

I agree to the terms of service

Signed in as (Sign out)

Close

Close

You have left! (?) (thinking…)

0 comments · Service management · Flag idea as inappropriate… · Delete… · Admin →

unplanned · AdminAzure API Management Team (none of your business, Microsoft Azure) responded

Please see example #3 in https://docs.microsoft.com/en-us/powershell/module/azurerm.apimanagement/Set-AzureRmApiManagement?view=azurermps-6.5.0 that show how to deploy SSL certificate managed in Key Vault to API Management.

← Previous 1 2 Next →

Don't see your idea?

API Management

How can we improve Azure API Management?

There are two ways to get more votes:

Schema validation in APIM

http2

Expose API Management Events

apim should allow more than 260 characters for URL path segments

Expose IntegrationModuleBitsVersion and IntegrationModuleVersion via ARM API

Add support for IPV6

REST APIs through APIM backed by internal oData services

Allow CORS headers for Management API

A powershell script to enable application insights logs per API

Option to disable or purge cache

Can we have anything built into APIM to ping backend or Alert when there are sporadic errors connecting to backend?

Add a "Subscription Required" checkbox during APIM API creation.

Speed up backup and restore time

Extend billing API to consider fair use of reservations

Enable tracing in the Manager

Ability to read certificate stored under secrets in APIM

Enable the use of SSH protocol for authentication to APIM Git repos

API Management Consumption Static IP

Support additional filters on the GET /subscriptions endpoint

Add support for configuring SSL settings of APIM instance using Git repo or Powershell

Feedback

API Management

Feedback and Knowledge Base

Searching…

Give feedback

Microsoft Azure

Your password has been reset