API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Fix: Autogenerated "name" in new operation doesn't strip invalid characters

    add this as displayname:

    /path/routePath/{parameter}

    This gets auto-generated as name

    path-routepath-{parameter}

    But that auto-generated name is invalid because of the brackets. The auto-generation process already changes slashes to dashes, so why not also make it strip out invalid characters?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  2. Use valid xml to configure policies.

    In your examples one can find lines like this one:

    <set-variable name="isMobile" value="@(context.Request.Headers["User-Agent"].Contains("iPad") || context.Request.Headers["User-Agent"].Contains("iPhone"))" />

    If you try to validate this xml, you will find out that those double quotes inside of the value attribute are not allowed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add a loop policy

    Add a policy that allows a loop, e.g. a for, while, do or foreach loop construct.

    Concrete case: for each item in an array in the input, the CountryCode needs to be translated to a Country by calling our CountryCode-to-Country api and while you can loop in a C# code block, you can't make HTTP-requests from a C# code block and while you can make those request using a Policy, you can't loop with a Policy, so you're stuck.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add support for evaluating jsonpath expressions against request bodies within a policy and conditionally invoking an external request

    I'd like the ability to use a jsonpath expression to query a json request body and send the results to an external endpoint for validation. This is intended to implement a form of request spoofing prevention

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  5. azure apim developer portal timeout settings

    Unable to change request timeout settings in azure developer portal . Default timeout setting is 1 minute. Unable to use developer portal if api takes more than a minute to get response from backend service.

    Forward request time out settings works fine when call made from postman or other client call.

    The same api works fine in Postman as timeout settings are configurable.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  6. Provide a callback or REST API to check if changes made through management operations have been picked by Proxy

    Posting on behalf of customer:

    Per current API Management design/implementation, management operations are async and Proxy could take few sec to a minute to pickup the changes made through management APIs.
    The delay is indeterministic as there're multiple factors which could impact the time for Proxy to pickup the changes like Number of proxies involved, load on the proxy when control plane operations were made.

    As there's no deterministic way currently to confirm when Proxy has picked up the changes, we're not able to confirm if API is ready to take handle workload relying on changes.

    So, we request to…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Provide a configurable timeout for password reset link in API Management

    Currently, when resetting a users password in the Azure API Management portal, the email link expires after ~30 mins.

    Ideally, the timeout value should be configurable as we have processes that require a longer period. Customer in other countries are often not immediately available to follow the link.

    Provide a configurable timeout for password reset link in API Management.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  8. Automate selection of API's for Self-hosted Gateway

    We would like to automate the selection of API's for a given APIM Gateway, to avoid manual steps when adding a new API to the APIM that should be included in the Gateway.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  9. Use valid xml to configure policies.

    In your examples one can find lines like this one:

    <set-variable name="isMobile" value="@(context.Request.Headers["User-Agent"].Contains("iPad") || context.Request.Headers["User-Agent"].Contains("iPhone"))" />

    If you try to validate this xml, you will find out that those double quotes inside of the value attribute are not allowed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  10. Subscription key

    Hey, how about making it simple and clear on how to get a subscription key for using an API. I finally gave up on using Azure due to this.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow import only changes for existing Azure Functions API

    Partners should be able to only import changes when importing APIs into a project that already has Azure Functions APIs.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  12. Provide linking Azure Function App with API Management capability through Azure CLI/Powershell scripts

    Hi,

    Over the portal, there is an option to link Function App with API Management. This seamlessly imports function app into APIM. However to achieve the same in Azure CLI, lot of work to be done using az apim api commands (create api, create operations etc.). Instead, provide an import capable commands which does the same we do over portal.

    Related discussion is captured here:
    https://docs.microsoft.com/en-us/answers/questions/226573/link-existing-function-app-with-apim-using-azure-c.html

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to store secrets in named values so they cannot be retrieved by contributors

    Currently Secrets can be stored in APIM named values, however a contributor can click on the secret in the portal and retrieve its contents, while this makes sense in some cases, where we are storing secrets like service principal keys the behaviour exhibited in the rest of Azure (i.e. you can copy the secret once at creation but after that point is is never available again).

    This is a particular issue for us, as we have different teams contributing to individual API's in APIM, as it stands any user who is an APIM contributor for any API can uncover the…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow to import OpenAPI document with remote references

    As per currently known API importing issues, $ref pointers from the OpenAPI specification can't reference external files. However, it could be a crucial feature to standardize APIs across an organization. As is we can certainly make it a local reference but it enforces duplication and becomes difficult to manage length OpenAPI documents. Hence please allow to import OpenAPI documents with remote references.

    Known import issue reference: https://docs.microsoft.com/en-us/azure/api-management/api-management-api-import-restrictions

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  15. List incremental of entities

    Hi, team
    For now, we pull our apim instances entities every day from API management service. But we can only get 1 day snap shot.
    Is it possible to get incremental values of these entities(user/operation/api/product/subscription ect.) from API management services? For example, we can get data filtered by update time?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  16. More detailed metrics for Azure API Management service.

    Currently the 'Capacity' metric for the Azure API Management service only supports an aggregation type of of 'Average'.

    WIth the ability to calculate the capacity to a percentage, it would be very beneficial to have an alternate metric or second aggregation type for 'Maximum' for the capacity metric to show at a glance what remaining availability is.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support expandGroups=true on the single-product GET endpoint

    The GET /products operation (in both original and ARM management REST API) supports an optional query parameter named expandGroups=true that will return groups along with each product returned.

    It would be useful to have this same query parameter available for the GET /products/{pid} endpoint when getting a specific product.

    When delegation is enabled (for product subscriptions), the delegation endpoint may need to fetch details about the product, including the groups with visibility. Currently, to get the groups for the product within the delegation endpoint, we have to make 2 service calls to the Mangement REST API. Supporting expandGroups = true…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  0 comments  ·  Service management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add a sitemap to developer portal.

    Need a way to publish a sitemap. It would be great if it would auto create one and update but I will settle for a simple way of adding it.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. Subscriptions with an expiration timespan

    Allow subscriptions to have a lifetime, and specify an expiration date. We are looking into monetization of our API's and one of the issues we are facing is that we would like to revoke access to an API based on the billing model (e.g. 3 month license).

    To minimize the custom implementation for monetization, we would like to be able to specify an expiration date.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Lifecycle  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide linking Azure Function App with API Management through Azure CLI/Powershell scripts

    Hi,

    Over the portal, there is an option to link Function App with API Management. This seamlessly imports function app into APIM. However to achieve the same in Azure CLI, lot of work to be done using az apim api commands (create api, create operations etc.). Instead, provide an import capable commands which does the same we do over portal.

    Related discussion is captured here:
    https://docs.microsoft.com/en-us/answers/questions/226573/link-existing-function-app-with-apim-using-azure-c.html

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
1 2 27 28 29 31 Next →
  • Don't see your idea?

Feedback and Knowledge Base