Blog Post

Azure Integration Services Blog
2 MIN READ

Announcing open public preview of inbound private endpoint for Standard v2 tier of API Management

Sreekanth_Thirthala's avatar
Sreekanth_Thirthala
Icon for Microsoft rankMicrosoft
Apr 09, 2025

Today, we are excited to announce the open public preview of inbound private endpoint for Azure API management Standard v2 tier.

Standard v2 was announced in general availability on April 1st, 2024. Customers can now configure an inbound private endpoint (preview) for your API Management Standard v2 instance to allow clients in your private network to securely access the API Management gateway over Azure Private Link.

The private endpoint uses an IP address from an Azure virtual network in which it's hosted. Network traffic between a client on your private network and API Management traverses over the virtual network and a Private Link on the Microsoft backbone network, eliminating exposure from the public internet. Further, you can configure custom DNS settings or an Azure DNS private zone to map the API Management hostname to the endpoint's private IP address.

Inbound private endpoint

With a private endpoint and Private Link, you can:

  • Create multiple Private Link connections to an API Management instance.
  • Use the private endpoint to send inbound traffic on a secure connection.
  • Use policy to distinguish traffic that comes from the private endpoint.
  • Limit incoming traffic only to private endpoints, preventing data exfiltration.
  • Combine with outbound virtual network integration to provide end-to-end network isolation of your API Management clients and backend services.

Azure Front Door to Standard v2 private endpoint

You can also configure an Azure Front Door Premium to connect privately to your Azure API Management origin (API management classic v1 tiers and Standard v2) using Azure Private Link. Please follow the documentation link below to set this up.

Preview limitations

  • Only the API Management instance's Gateway endpoint supports inbound Private Link connections.
  • Each API Management instance supports at most 100 Private Link connections.
  • Connections aren't supported on the self-hosted gateway or on a workspace gateway.
  • In the classic API Management tiers, private endpoints aren't supported in instances injected in an internal or external virtual network.

Learn more

Published Apr 09, 2025
Version 1.0
api
api management
azure
enterprise integration
integration