API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. By adding documentation for REST Interface , Multi Client and self signed Certificate authentication

    Documentation for REST Interface is very confusing as;
    1) ARM specific operations and urls are mixed together with APIM service instance specific endpoints and operations.
    2) PUT operations are titled as "Create or Update" operation while PATCH operation are marked as "Update" operation. This is confusing and costed us an outage; "Update" operation should be named as "Partial update" or "PATCH" operation in title. example:
    https://docs.microsoft.com/en-us/rest/api/apimanagement/2019-12-01/apimanagementservice/createorupdate

    Usually,
    POST operation is create operation
    PUT is update
    PATCH is partial update

    3) also the documentation should explain all the possible values of property attribute like
    "virtualNetworkType": "None". //in documentation
    "virtualNetworkType": "External" //not…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  2. Fix the terminology

    Our team just spent a whole day looking for ways to update Named Values programatically. In the end we found the way to do it with management APIs. The reason it was so hard to find, because it's not called Named Values in the management API, it is called properties. Now this is confusing, because the GUI for APIM also has a section named properties that has nothing to do with named values.
    It would help a lot if your GUI and management API would use the same terminology.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to reset developer portal style.

    Add the ability to reset developer portal style to default style.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  4. Fix: Autogenerated "name" in new operation doesn't strip invalid characters

    add this as displayname:

    /path/routePath/{parameter}

    This gets auto-generated as name

    path-routepath-{parameter}

    But that auto-generated name is invalid because of the brackets. The auto-generation process already changes slashes to dashes, so why not also make it strip out invalid characters?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  5. Use valid xml to configure policies.

    In your examples one can find lines like this one:

    <set-variable name="isMobile" value="@(context.Request.Headers["User-Agent"].Contains("iPad") || context.Request.Headers["User-Agent"].Contains("iPhone"))" />

    If you try to validate this xml, you will find out that those double quotes inside of the value attribute are not allowed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add support for evaluating jsonpath expressions against request bodies within a policy and conditionally invoking an external request

    I'd like the ability to use a jsonpath expression to query a json request body and send the results to an external endpoint for validation. This is intended to implement a form of request spoofing prevention

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  7. Provide a callback or REST API to check if changes made through management operations have been picked by Proxy

    Posting on behalf of customer:

    Per current API Management design/implementation, management operations are async and Proxy could take few sec to a minute to pickup the changes made through management APIs.
    The delay is indeterministic as there're multiple factors which could impact the time for Proxy to pickup the changes like Number of proxies involved, load on the proxy when control plane operations were made.

    As there's no deterministic way currently to confirm when Proxy has picked up the changes, we're not able to confirm if API is ready to take handle workload relying on changes.

    So, we request to…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Provide a configurable timeout for password reset link in API Management

    Currently, when resetting a users password in the Azure API Management portal, the email link expires after ~30 mins.

    Ideally, the timeout value should be configurable as we have processes that require a longer period. Customer in other countries are often not immediately available to follow the link.

    Provide a configurable timeout for password reset link in API Management.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  9. Automate selection of API's for Self-hosted Gateway

    We would like to automate the selection of API's for a given APIM Gateway, to avoid manual steps when adding a new API to the APIM that should be included in the Gateway.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  10. Use valid xml to configure policies.

    In your examples one can find lines like this one:

    <set-variable name="isMobile" value="@(context.Request.Headers["User-Agent"].Contains("iPad") || context.Request.Headers["User-Agent"].Contains("iPhone"))" />

    If you try to validate this xml, you will find out that those double quotes inside of the value attribute are not allowed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  11. Subscription key

    Hey, how about making it simple and clear on how to get a subscription key for using an API. I finally gave up on using Azure due to this.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow import only changes for existing Azure Functions API

    Partners should be able to only import changes when importing APIs into a project that already has Azure Functions APIs.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to store secrets in named values so they cannot be retrieved by contributors

    Currently Secrets can be stored in APIM named values, however a contributor can click on the secret in the portal and retrieve its contents, while this makes sense in some cases, where we are storing secrets like service principal keys the behaviour exhibited in the rest of Azure (i.e. you can copy the secret once at creation but after that point is is never available again).

    This is a particular issue for us, as we have different teams contributing to individual API's in APIM, as it stands any user who is an APIM contributor for any API can uncover the…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. *********** Test: Developer Portal (Legacy) AutoComplete Not Disabled (Ways to Disable/Enable)

    Ways to restrict AutoComplete on Password field of legacy developer portal?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. List incremental of entities

    Hi, team
    For now, we pull our apim instances entities every day from API management service. But we can only get 1 day snap shot.
    Is it possible to get incremental values of these entities(user/operation/api/product/subscription ect.) from API management services? For example, we can get data filtered by update time?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Stop APIM from falling out of Internal VNET when making minor changes

    Currently when applying new tags to an API Management Instance or updating a proxy hostname certificate when in Internal mode the APIM instance comes out of the internal VNET.
    Ideally any minor change to an APIM instance that is in Internal mode should stay in Internal mode after the configuration has been applied.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  17. More detailed metrics for Azure API Management service.

    Currently the 'Capacity' metric for the Azure API Management service only supports an aggregation type of of 'Average'.

    WIth the ability to calculate the capacity to a percentage, it would be very beneficial to have an alternate metric or second aggregation type for 'Maximum' for the capacity metric to show at a glance what remaining availability is.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Support expandGroups=true on the single-product GET endpoint

    The GET /products operation (in both original and ARM management REST API) supports an optional query parameter named expandGroups=true that will return groups along with each product returned.

    It would be useful to have this same query parameter available for the GET /products/{pid} endpoint when getting a specific product.

    When delegation is enabled (for product subscriptions), the delegation endpoint may need to fetch details about the product, including the groups with visibility. Currently, to get the groups for the product within the delegation endpoint, we have to make 2 service calls to the Mangement REST API. Supporting expandGroups = true…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add a sitemap to developer portal.

    Need a way to publish a sitemap. It would be great if it would auto create one and update but I will settle for a simple way of adding it.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  20. Subscriptions with an expiration timespan

    Allow subscriptions to have a lifetime, and specify an expiration date. We are looking into monetization of our API's and one of the issues we are facing is that we would like to revoke access to an API based on the billing model (e.g. 3 month license).

    To minimize the custom implementation for monetization, we would like to be able to specify an expiration date.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Lifecycle  ·  Flag idea as inappropriate…  ·  Admin →
1 2 24 25 26 28 Next →
  • Don't see your idea?

Feedback and Knowledge Base