API Management

Microsoft Azure API Management is a turnkey solution for publishing APIs to external and internal consumers. Quickly create consistent and modern API gateways for existing backend services hosted anywhere, secure and protect them from abuse and overuse, and gain insights into usage and health. Plus, automate and scale developer onboarding to help get your API program up and running in no time.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support in "produces" section the Accept-Header from OpenAPI specification

    The produces/consumes is MIME type.
    1. The “consumes” specify the format that the API can accept. So “consumes” only affects operations with a request body, such as POST, PUT and PATCH.
    And is sent via “Content-Type” header
    2. The “produces” specify the format that the API can return.
    And I sent via “Accept” header

    Using the “Accept” header the user can select needed API response MIME type (e.g. "text/plain", "application/octet-stream", "/").

    When sending a request with SwaggerUI, We can selecte "application/octet-stream" Response Content Type.
    The request was sent by Swagger UI with the “Accept” header value filled "application/octet-stream".

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support for multiple APIM Custom domains without paying extra $700 for Premium Tier

    Right now if we wanted multiple custom domains on APIM we need to upgrade to Premium because Developer, Basic, Standard doesn't support this. This becomes very pricey for a simple feature.

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  3. Visual Studio Integration for Policy Editing and Testing

    The policy editor in the publisher portal is terrible. A VS plugin that would allow intelisense, code completion, syntax checking and policy debugging would be extremely helpful

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  4. Email notifications per API or Product

    Today, email notifications for a new registration or sub request are send to one or more email addresses. However, the configured email recipients get a notification for all APIs and all Products.

    We're having different back office people handling the workflow requests of different API Products, so it would be much easier that they would only get notifications for their API products.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  5. Update the Developer Portal design and styling, it is outdated

    Update the design with more neutral styling as common on many developer portals out there, or simply make it more inline with the new Azure Portal. The center page layout does not fit with anything anymore.

    47 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Policy based on tags

    Allow applying tags to operations / apis / products and then applying policies to tags.

    The publisher would then be able to create a group of operations and apply a policy to all of them instead of having to group them in different products or apply the same policy to multiple operations. Tag policies should apply either before or after the product / api / operation level.

    Example use case would be an API that has several operations that some can be cached and some that cannot. The tag could be applied to the operations that could be cached and…

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  7. SOAP import WSDL with external XSD

    All our SOAP services files use external XSD files that are imported into the WSDL. To import these in API Management, we need to merge the files into one big WSDL.

    It would be nice if we could import the WSDL and the imported XSD files without the need to create a "merged" WSDL

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  4 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  8. Disable the Developer portal

    Could you please provide a feature to disable the Developer portal (a feature to hide the login page) for users who do not use the developer portal.
    -The feature to disable the Developer portal
    -The feature to restrict access to Developer portal by IP address
    etc.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  API management experience  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support for user-assigned managed identity

    At the moment it is not possible to deploy an APIM all-in-one with Keyvault references due to how the current MSI integration works. This would be resolved if APIM supported user-assigned managed identities as this would allow Keyvault permissions to be set up prior to APIM being deployed.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Multiple URL Template for a operation

    Having multiple URL Templates for a operation will make it easy to configure the optional parameters.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  11. Extend support for .net x509 in policies

    When working with certificates, it would be really useful to extend the .net api surface so to include X509Chain and related classes (so to control the validation policy) and also the System.Security.Cryptography.X509Certificates.X509NameType object so to extract easily a CN from a certificate (for example).

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  1 comment  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  12. Client certificate authentication in developer console

    If the front-end takes mutual certs, the console cannot provide a way for developers to test API.

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. Windows Authentication for Backends

    Windows Authentication for Backends

    It would be great to be able to impersonate Windows Credentials using API Mgmt for backend authentication?

    We use this code similar to this in other cases currently:
    client.ClientCredentials.Windows.ClientCredential = new NetworkCredential(xx.Identity, xx.Password, xx.Domain);

    relating to the doco:
    https://msdn.microsoft.com/en-us/library/system.servicemodel.security.windowsclientcredential.clientcredential%28v=vs.110%29.aspx?f=255&MSPPError=-2147217396

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. different endpoint for an operation based on product

    Would be nice to have the option to define a different endpoint to different products. This will allow to define a 'test' and 'live' products that works with different environments. While at the same time the developers keys, examples, etc are all in one place.

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  1 comment  ·  Defining APIs  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support for multi-tenant user login delegation

    In a multi-tenant scenario, there is no option to delegate user login to multiple urls, the delegation section allows only one url.

    It would be great if it would allow one delegation endpoint per custom developer portal domain.

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to Secure New Developer Portal Pages

    In the new developer portal there is no way to secure pages from being viewed. If i want to add supplementary api documentation pages in the portal I cannot specify to only allow that page to show when the user is logged in. The only real security in the portal is that apis and products won't show based on whether the user is logged in.

    The only capability present is to hide them in the navigation menu. So if I add a page at /apis/project/order. I can place it in the menu and say whether it will show up there,…

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support expressions in calls attribute of rate-limit[-by-key] and quota[-by-key] policy of APIM

    If the quota value can be an expression and dynamic, then it will much easier to implement dynamic quota in a single product. I want to set a per-subscription quota without create separate products for each of the subscription. Sometimes, we have requirement to increase quota for just a single subscription which force us to create a new product just for that particular user. Another case is that we want to provide capability to allow users to customize the quota value for ip/client-id throttling.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    need-feedback  ·  6 comments  ·  Policies  ·  Flag idea as inappropriate…  ·  Admin →
  18. How do I Publish developer portal changes from one apim instance to other?

    As per the new developer portal feature, you can make changes to APIM layout and publish to APIM repository, the same repository you can clone to your local machine using git clone but we don't have a feature where in we want to publish our developer portal changes to one API management instance to other API management instance.

    e.g.:
    I have 2 instance : dev-01-apim, tst-01-apim
    I am making changes to dev-01 instance of developer portal ..after all my changes now I want to move those changes to my test instance of pain.

    how do I do that ?.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Developer portal  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to assign public static IP address to public endpoint

    When the API consumer is adding firewall rules, the changes to public IP address causes maintenance churn. There are some instances where the API management is used under test and qa controlled by devops and the endpoint address changes every time the resource is recreated. Requesting the ability for API management to be treated like any other resource in the devops process.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
  20. Support webhooks for notifications

    All API Management notifications are currently done via email.
    It would be great to add webhooks as a potential destination so we can automate certain process with services like Logic Apps.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    triaged  ·  1 comment  ·  Integration  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base