I have a different opinion on the best solution to the problem above. Instead of having to change APIM policies to point explicitly to localhost, Azure Application Gateway can be used, as suggested at https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-troubleshoot-backend-traffic#cause-4-accessing-the-internal-load-balancer-frontend-from-the-participating-load-balancer-backend-pool-vm, which solves that problem and has other important benefits.
Regardless of whether APIM is in internal or external mode, we found it important to map APIM custom domains to Azure Application Gateway first (which supports both internal and external frontend IPs). This has the benefits of WAF (Web Application Firewall) when needed and will also deal with situations where you want to open up certain APIs externally while keeping others private.