API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow disabling/stopping of API Management during evaluation to preserve subscription credits

    I am evaluating API Management using Visual Studio Subscription credits. The credits are depleted even when I am not testing API Management and are likely to be exhausted before I have completed evaluation. This is both frustrating and prevents me from completing my evaluation. Other API Management providers such as apigee provide a superior evaluation experience.

    This issue has already been raised before and the answer is not satisfactory
    https://social.msdn.microsoft.com/Forums/en-US/f4522315-fd3b-4129-b758-e74b22d74145/how-can-i-quotdisablequot-but-not-delete-an-api-management-service?forum=azureapimgmt

    69 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Pricing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Import mandatory query parameters as query rather than in the URL template

    When an API is imported into API-M using Swagger, mandatory query parameters are imported into the URL template rather than as query parameters.

    The effect of this is when a parameter is missing API-M returns a 404. The correct behaviour should be to return a 400 Bad Request with a validation error, or pass the request to the back-end API to return an appropriate error.

    I suggest adding an option to import mandatory query parameters from Swagger as query parameters.

    65 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  3. 64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  4 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  4. Multiple Environment per Instance

    If you want your users to see the documentation in production, but "Try It" in your staging environment we'd have to deploy a separate APIM instance and manage content in both.

    Below is a brain dump of how I imagine this feature could be used in various aspects of the APIM solution.

    apiminstance.azure-api.net < this would be the primary
    environment.apiminstance.azure-api.net < this would be the environment specific or a custom domain per environment

    There would be no environment.apiminstance.portal.azure-api.net site

    Also if we could set the default environment to use for the Try It button that'd be fantastic.

    Each environment should…

    61 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  4 comments  ·  Lifecycle  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add support for key vault stored SSL certificates in API Management service

    Add ability to use SSL certificates bought through Azure and stored in key vault with API Management instance.

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. API Management more control with mail sending

    Currently there are very few options to set, when it comes to mailing about API Management events (new subscriptions, new developers, etc.).
    It would be great, if following could be included for e-mail configuration (some of these things help avoid e-mail being recognized as spam by some spam filters, as in our case):
    - optionally removing "on behalf of" when sending e-mail
    - including text/plain representation in sent e-mails (besides default text/html)
    - using SendGrid as a e-mail sender (as in other Azure services)
    - using custom reply address (instead of "on behalf of")

    Any maybe some other things that…

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  7. http2

    Enable http2 for the API Management

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to manage Subscription Keys for a Group of users

    Allow the assignment of a subscription key that applies to a group of users. The idea is to create one shared subscription key that is tied to the group so as members of the group swap in/out they can use that key.

    Think of a large company of developers, rather than creating a shared login the group of developers could be put into the group and then have access to that applications subscription keys.

    The idea is really to treat the key as an entity that isn't a person but needs to be managed by several people, like give this…

    55 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  9. Manual order/grouping of operations

    It'd be great to be able to manually order and/or group operations within an API for easier usage.

    55 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Miao Jiang responded

    Thanks for the feedback. Can you please provide a little more details on how you want this to work? Do you want this feature on developer portal or admin portal or both? Thanks!

  10. Deploy APIM in Azure Emulator to allow for local testing of configurations

    Add APIM to the Azure emulator to allow testing of routing and policies.

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  11. Do not deploy echo-api when deploying via the SDK or ARM template.

    If I create a new Microsoft.ApiManagement/service resource and I do not have any Microsoft.ApiManagement/service/apis defined I would not expect a "example api" to be included.

    The SDK and ARM templates are for people to automate their deployments, adding a API to show someone how to use the APIM service on ALL new deployments does not make sense in a scripted environment.

    If when creating a new APIM from the web portal causes it to add a extra api to show the usage of APIM, that is fine, I world totally understand that behavior. But adding un-asked for apis during a…

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support for HTTP/2 for APIM connecting to backend services

    HTTP/2 is supported for APIM client side facing communications, it will be great to support HTTP/2 also for backend side facing communications so that the entire request chain can be HTTP/2 enabled.

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  13. Developer Portal displays IIS Yellow Page

    https://****.portal.azure-api.net/

    A security team observes that the developer portal application reveals the server information in terms of IIS error page (Yellow Page).

    System should have ability to configure "Default IIS error page".

    Try accesing any developer portal URL by expanding "/C:/test" to actual URL.

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support in "produces" section the Accept-Header from OpenAPI specification

    The produces/consumes is MIME type.
    1. The “consumes” specify the format that the API can accept. So “consumes” only affects operations with a request body, such as POST, PUT and PATCH.
    And is sent via “Content-Type” header
    2. The “produces” specify the format that the API can return.
    And I sent via “Accept” header

    Using the “Accept” header the user can select needed API response MIME type (e.g. "text/plain", "application/octet-stream", "/").

    When sending a request with SwaggerUI, We can selecte "application/octet-stream" Response Content Type.
    The request was sent by Swagger UI with the “Accept” header value filled "application/octet-stream".

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. Programmatically Import Azure Function into APIM

    I've created an Azure DevOps release pipeline to update APIM API by importing a swagger file via PowerShell. The swagger file was exported from APIM Dev instance, and the release pipeline imports it into QA APIM instance. However, backend is wrong, and there are missing keys that prevent QA APIM API from calling QA Az Function API.

    It all works if I manually import the QA Az Func API into QA APIM API via APIM UI... and keys are automagically generated for Az Func & APIM.

    So I need a way to setup DevOps release pipeline to deploy a QA…

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
  16. AAD integration for all Teirs

    Just because we want a good API interface does not mean we are doing the next Facebook. APIM at Standard level would be, by far, the most expensive component of my entire end to end IoT data platform and includes far more bandwidth than I will likely require. But now you expect me to pay over 4 times as much just to integrate AD for a handful of users?

    I will either keep to Developer tier or if that is not sufficient the internal developers can use personal Microsoft accounts. On the bright side, it does eliminate a tie in…

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  5 comments  ·  Pricing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Use DDoS Protection Standard with VNET integrated API Management gateway

    We would like to use DDoS Protection Standard for our VNET integrated API Management Service. A possible solution could be to have self-signed public ip's for the public endpoint.

    P.S. We cannot put a Application Gateway v2 in front of API gateway because of the requirement of Client Certificate Authentication.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Visual Studio Integration for Policy Editing and Testing

    The policy editor in the publisher portal is terrible. A VS plugin that would allow intelisense, code completion, syntax checking and policy debugging would be extremely helpful

    47 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  19. Update the Developer Portal design and styling, it is outdated

    Update the design with more neutral styling as common on many developer portals out there, or simply make it more inline with the new Azure Portal. The center page layout does not fit with anything anymore.

    47 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Multiple URL Template for a operation

    Having multiple URL Templates for a operation will make it easy to configure the optional parameters.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base