Today, we are excited to announce the general availability of inbound private endpoint for Azure API management Standard v2 tier.
Standard v2 was announced in general availability on April 1st, 2024.
Customers can now configure an inbound private endpoint for their API Management Standard v2 instance to allow clients in your private network to securely access the API Management gateway over Azure Private Link.
The private endpoint uses an IP address from an Azure virtual network in which it's hosted. Network traffic between a client on your private network and API Management traverses over the virtual network and a Private Link on the Microsoft backbone network, eliminating exposure from the public internet. Further, you can configure custom DNS settings or an Azure DNS private zone to map the API Management hostname to the endpoint's private IP address.
Inbound private endpoint
With a private endpoint and Private Link, you can:
- Create multiple Private Link connections to an API Management instance.
- Use the private endpoint to send inbound traffic on a secure connection.
- Use policy to distinguish traffic that comes from the private endpoint.
- Limit incoming traffic only to private endpoints, preventing data exfiltration.
- Combine with outbound virtual network integration to provide end-to-end network isolation of your API Management clients and backend services.
Today, only the API Management instance’s Gateway endpoint supports inbound private link connections. In addition, each API management instance can support at most 100 private link connections.
Typical scenarios
You can use an inbound private endpoint to enable private-only access directly to the API Management gateway to limit exposure of sensitive data or backends.
Some of the common supported scenarios include:
- Pass client requests through a firewall and configure rules to route requests privately to the API Management gateway.
- Configure Azure Front Door (or Azure Front Door with Azure Application Gateway) to receive external traffic and then route traffic privately to the API Management gateway. For example, see Connect Azure Front Door Premium to an Azure API Management with Private Link.
Learn more
Published May 19, 2025
Version 1.0Sreekanth_Thirthala
Microsoft
Joined June 11, 2018
Azure Integration Services Blog
Follow this blog board to get notified when there's new activity