API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

How can we improve Azure API Management?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Self-hosted API Management gateway

    To expand support for hybrid use cases and enable more efficient on-premises-to-on-premises call patterns for internal-only and internal/external APIs, we will provide an option for customers to self-host a containerized version of the API Management gateway component (fully equivalent to the gateway in the cloud, not a “micro-gateway”) on-premises or other environment e.g. other public clouds. Self-hosted gateway will require and will be managed from a cloud-based Azure API Management instance.

    724 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    started  ·  23 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add monetization ability of API

    It is a common practice for API service developers to link the resource counts or product plans to pricing. The preference is for either integration ability to 3rd party services (ex. Braintree) or direct implementation so API developers can collect payment for services.

    625 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  25 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  3. Integrate WebHooks

    managing webhooks under api management will get us more control around who is allowed to do what: http://blogs.msdn.com/b/webdev/archive/2015/09/04/introducing-microsoft-asp-net-webhooks-preview.aspx

    581 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →

    Hi all – we could really use more information on the use cases you would like us to deliver with this feature. To quote Darrel’s post below:

    Are you looking for some kind of UI in the portal to enable developers to subscribe to webhooks exposed by APIs?
    Or are you looking for the additional security provided API Management to limit what events a user can subscribe to?
    Do you want to correlate the API Management subscription ID with registered webhooks?
    Any information you can give about the scenarios you would like help with would be great.

    Many thanks

  4. Socket (full-duplex) support in addition to HTTP

    Having the ability to regulate and monitor HTTP services with API Management is great. Wouldn't it also make sense to offer the same for web sockets (or SignalR hubs, etc.) so we can let devs hookup into stream of events (live-data) instead of polling with REST calls?

    549 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    15 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support for Let's Encrypt

    Allow publishers to easily use Let's Encrypt with the API management. https://letsencrypt.org/

    361 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Integration with Azure KeyVault

    Currently, we store sensitive information in API Portal - Properties and use them as {{key}}

    Provide integration of Azure KeyVault so that sensitive information can be stored in Azure KeyVault and allow using it inside API methods or policies like {{vault:key}}

    By this feature, we will be able to centralize all the keys in the Azure KeyVault and use Properties only for non-sensitive information.

    356 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  8 comments  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
  7. New API Management developer portal

    We are working on a new, open-source developer portal offering in Azure API Management, based on our own fork of the Paperbits framework (paperbits.io). It has a modern default look and feel, and is optimized for:

    - Customization, styling, and authoring through a built-in visual editor

    - Programmatic access through APIs for automating development, management, and deployment

    - Extension of the provided core functionality

    348 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    started  ·  37 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  8. API / Operation visibility

    Make possible to manage the visibility not only at product level but also at API level (and even maybe at operation level)

    296 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  12 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  9. VPN/ExpressRoute support in Standard Tier

    If you must charge more for VPN make it a paid for add-on for Standard tier.

    Using the standard tier is already tough to justify for our low volume business case. Unfortunately the backend servers are in a private network so we need the ExpressRoute functionality.

    API Management was justified based on it also being the authentication gateway and firewall between the Internet and our internal APIs. The business case doesn't work if we still need to manage Internet facing reverse proxy servers or pay for Premium.

    270 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  13 comments  ·  Pricing  ·  Flag idea as inappropriate…  ·  Admin →
  10. GraphQL introspective support within API Management

    Like swagger documents which describe REST endpoints, we would like to surface graphql queries and mutable schemas and types through the Developer portal.

    245 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  3 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. Schema validation in APIM

    When an actual request comes, we need to validate the schema of the request and while sending back the respose, the schema should be validated. Similar to validate feature of API connect (IBM).

    http://www.ibm.com/support/knowledgecenter/SSFS6T/com.ibm.apic.toolkit.doc/rapim_ref_ootb_policyschemaval.html

    201 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  7 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  12. OData Import

    Support import of API definitions and metadata from OData $metadata.

    186 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  13. Use Azure Key Vault-managed client certificates in Azure API Management

    A while ago we enabled the use of Azure Key Vault-managed SSL certificates for custom domain names in API Management. We are working to expand this feature to certificates used for mutual certificate authentication between the gateway and a backend.

    184 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  2 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support VNET for Basic Tier of APIM

    Our APIs are deployed to Service Fabric cluster in a VNET. If we want to expose our APIs through APIM, we have to use the Premium Tier of APIM since that's the only tier where VNET support is included.

    Premium Tier of APIM has bunch of other features like AD authentication, Multi-region support, 4000 reqs/sec etc., which we don't need and don't care.

    Why are all those features clubbed together and provided as an all or nothing solution?

    Basic Tier fits our use case perfectly, if only we can deploy it in a VNET.

    Service Fabric integration with APIM is…

    164 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  13 comments  ·  Pricing  ·  Flag idea as inappropriate…  ·  Admin →
  15. On-board commands to Azure CLI 2.0

    See:
    https://github.com/Azure/azure-cli/issues/3614

    There is customer demand for this service to be support in Azure CLI 2.0 in order to develop cross-platform automation solutions.

    158 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. More flexible subscriptions in Azure API Management

    Present model for providing access to APIs is based on product subscriptions owned by a user. Each subscription includes a few properties and a pair of API keys. We are working on expanding this model to allow subscriptions and keys to be owned by a group of users or not be associated with any users at all. This will allow customers the flexibility of creating an ad-hoc set of key or having keys shared by a team of users without worrying about their ownership when members leave or are added to the team.

    153 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    started  ·  12 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  17. Restrict Portal Access by IP Address

    In some cases, Management Portal and Developer Portal should not be published into the Internet so that anonymous abusive users cannot attack the Portal, such as DDoS.
    If we can set a rule with IP address filtering like a firewall service, it would be very helpful to protect our API Management service.

    132 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Circuit Breaker policy

    It would be nice to have a policy that implements the Circuit Breaker pattern (https://msdn.microsoft.com/en-us/library/dn589784.aspx)

    130 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  19. API keys to be owned by AAD group as opposed to user

    Instead of have a subscription be tied to a user, have it be tied to a (AAD) group. This is useful when a team is sharing the keys.

    122 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Purge cache from external system

    To control caching time of API-returned items aggressively and issue a command to purge cache when from external system that is aware when items are refreshed. Refresh cycle is not periodic, and can vary.

    114 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 20 21
  • Don't see your idea?

API Management

Feedback and Knowledge Base