Azure API Management

Inside scoop from the API Management team

Azure API Management Release notes – May 11, 2018

On May 11, 2018, we started a regular service update. We upgrade service instances in batches, and it takes about a week for the update to reach every active service instance.

New functionality

  • API revision numbers are now included in the Azure Monitor diagnostics logs.
  • We added the following capabilities to the Azure portal UI:
    • Configure transport layer security setting on both sides of the gateway on the SSL page in the Properties section.
    • Turn MSI on and off on the Managed service identity page in the Properties section.
    • Specify rejection reason when declining subscription request on the Products page in the API Management section.
    • Designate sign in AAD tenant on the Identities page in the Security section.
    • View Git repository status in the Essentials panel.
    • View most recent Git repository status message on the Repository page in the Security section.
    • Manage issues on the Issues page in the API Management section.

Changes and fixes

  • We fixed a bug affecting service instances configured with wildcard custom domain (e.g. *.constoso.com) that caused Azure portal Test console to ignore user-provided subdomain value.
  • WSDL and WADL exports now include version number in base path.
  • Liquid templates now correctly render empty JSON arrays.
  • Git save is now substantially better at handling large number of changes.
  • Grouped by tag view now shows descriptions for versioned APIs.
  • AsJwt() extension method now properly parses tokens in the form of “Bearer token-value”.
  • We made Developer portal sign-in process more robust by explicitly providing a return URL in the redirect_uri query parameter when redirecting users to Azure AD.
  • We now enforce policy size limits when global, product, API, or operation policies are provided via URL.
  • Operations and schemas are now remain intact on API updates.
  • We added more rigor to operation path template uniqueness validation – see details below.

Path template validation changes

For gateway to properly match incoming requests to API operations, path templates of operations must be unique within an API. In this release we improved deduplication logic that is applied when operations are created or updated by adding the following normalization steps prior to checking for uniqueness:

  • If path template contains query string all segments after ‘?’ delimited with ‘&’ character are sorted in alphabetical, case-insensitive order (without any special handling for ‘=’ character).
  • All template parameter names are replaced with zero-based positional indexes. Leading ‘*’ is preserved for wildcard parameters.

Examples:

/foo/{bar} => /foo/{0}
/{foo}/{bar}/{*buzz} => /{0}/{1}/{*2}
/foo/{bar}?b={bar}&a={buzz}&{quix} => /foo/{0}?a={1}&b={2}&{3}