Announcing the availability of TLS 1.3 in Azure API Management in Preview
TLS 1.3 is the latest version of the internet’s most deployed security protocol, which encrypts data to provide a secure communication channel between two endpoints. TLS 1.3 support in Azure API Management is planned to rollout during the first week of February 2024. The rollout will happen in stages, this means some regions will get it first as we roll out globally.Announcement: Azure Logic Apps' New Data Mapper for Visual Studio Code (Preview)
We are excited to announce the public preview of Data Mapper, Azure Logic Apps' new data mapping extension available now in Visual Studio Code. This release offers a modern and unified experience for XSLT mapping and transformation in a singular tool.
Expose your data from Azure Cosmos DB or Azure SQL through a GraphQL API with Azure API Management
Today, we’re announcing the public preview of two GraphQL resolver types for Synthetic GraphQL in Azure API Management: Azure Cosmos DB and Azure SQL resolvers. If you ever faced the challenge of exposing your database through GraphQL, you’re aware of the complexities involved. It typically involves writing numerous lines of code, dealing with resolvers, and figuring out the nuances of database access. But is there a simpler way? Enter Azure Cosmos DB and Azure SQL data types in Synthetic GraphQL for Azure API Management. Upload your GraphQL schema and expose desired data using familiar database concepts – a seamless and straightforward process. In this blog post, I will walk you through the process of adding a GraphQL resolver for a Cosmos DB backend and demonstrate how to test it. An example: The To-do List Demo Let’s look at the to-do list application as an example. Every to-do item has an id, title, and status. I already have some of the items in Azure Cosmos DB, which has the following structure, and want to enable a list of simple CRUD operations on it. { "id": "1", "title": "Test1", "completed": false } Create a GraphQL Schema and a Synthetic GraphQL API I can model this to-do item application by creating the following GraphQL schema: type TodoItem { id: ID! title: String! completed: Boolean! } input CreateTodoItemInput { id: ID! title: String! completed: Boolean! } input ReplaceTodoItemInput { id: ID! title: String! completed: Boolean! } type Query { todoItems: [TodoItem] todoItem(id: ID!): TodoItem } type Mutation { createTodoItem(input: CreateTodoItemInput!): TodoItem! replaceTodoItem(input: ReplaceTodoItemInput!): TodoItem! deleteTodoItem(id: ID!): Boolean } To create this GraphQL API within the Azure API Management service: Open the Azure portal in your browser Select your existing Azure API Management service (or create a new one) Select the APIs blade Select GraphQL to create a new GraphQL API Fill in the form: Choose a Display name (Todo-GraphQL) The name field will auto-fill with a suitable name Select Synthetic GraphQL Select the file that contains the GraphQL Schema Choose an API URL suffix (todogql) Select Create to create the API Create a resolver With the addition of Azure Cosmos DB and Azure SQL, you can now select what data source you want to use when you’re configuring your resolvers – HTTP API, Azure SQL or Azure Cosmos DB. Let’s create a Cosmos DB resolver for a 'todoItem' query: Select the Resolvers tab and then select + Create Set the name for a resolver, type, and field to target for this resolver Select a data source type you want to use – Azure Cosmos DB When you choose a specific data source, the resolver policy editor gets a pre-populated XML document that defines how to query a database and retrieve the data we need. For the todoItem query I need to get an element by ID, so I create the following policy: <cosmosdb-data-source> <connection-info> <connection-string>”replace-cosmos-db-connection-string”</connection-string> <database-name>tododemo</database-name> <container-name>todo</container-name> </connection-info> <read-request> <id>@(context.GraphQL.Arguments["id"].ToString())</id> <partition-key>@(context.GraphQL.Arguments["id"].ToString())</partition-key> </read-request> </cosmosdb-data-source> Note: For simplicity, I put a connection string directly into the policy. However, you should not store secrets as plain text. Instead, you should use Named Values connected to a secret in a Key Vault. This is a relatively simple resolver. I specified my connection information for an Azure Cosmos DB including connection string, database name and a container name. In the following <read-request> section I take an id argument from the GraphQL request context and use it to perform a query against the database. You can use read, write, and delete requests, which hide some of the complexity of interacting with the database, but you can also write your own queries with the <query-request /> policy section. Test the API Now when I uploaded the schema and created a resolver for a query, I can test it in a built-in GraphQL test console: Select the Test tab Modify the GraphQL query Select Send to send a request Having successfully obtained the necessary data from Azure Cosmos DB using a GraphQL API, we can now generate additional resolvers – one for each query and mutation following the same process that we used before. Check out the documentation for more information. Next steps Azure Cosmos DB and Azure SQL resolvers are in public preview, give it a try and let us know what you think in the comments below!Introducing gRPC API Support in Azure API Management Self-Hosted Gateway
We’re excited to announce the public preview of gRPC support in Azure API Management in the self-hosted gateway. This new feature allows customers to manage their gRPC services as APIs in Azure API Management. What is gRPC? gRPC is a modern, high-performance framework that enables seamless communication between services. Leveraging HTTP/2 for transport and Protocol Buffers (protobuf) as the interface description language, gRPC facilitates lightweight, efficient communication perfect for microservices architecture. What the Preview Includes Full gRPC support. Perform unary, client streaming, server streaming, and bidirectional streaming calls. First-Class Schema Support. Import and manage gRPC services using their protobuf definitions and have Azure API Management handle the rest. Security and Compliance. Implement standard Azure API Management policies to protect your gRPC services. Unified Management. Manage gRPC APIs alongside other API in a single Azure API Management service instance. Deployment Flexibility. Securely and efficiently manage APIs on-premises, Azure, and other clouds from an API Management service instance by deploying self-hosted gateway near your backend services. Getting Started Ensure you have an active Azure subscription. If not, sign up for a free account today. Navigate to the Azure portal and create a new API Management service instance or use an existing one. Deploy a self-hosted gateway to the environment of your choice. Import your gRPC service’s protobuf definition into Azure API Management. Configure policies, monitor performance, and secure your gRPC services just like you would with any other API. For more information on using gRPC with Azure API Management, check out our documentation. We also encourage you to share your feedback using the comments below.Author API Management policies using Microsoft Copilot for Azure
Microsoft Copilot for Azure, now in public preview, introduces policy authoring capabilities for Azure API Management, empowering API developers and administrators to leverage AI assistance to seamlessly author, maintain, and understand API Management policies. With Microsoft Copilot for Azure, you can ask questions directly from the API Management policy editing UI in the Azure portal. Whether it’s a question about writing a policy for authentication, rate-limiting, or custom transformations or even a request to describe a complex policy that’s already been written, Microsoft Copilot for Azure delivers prompt, contextually relevant responses. This new capability benefits new users, who can begin writing policies without studying documentation, and can boost the productivity of experienced users. Authoring policies After you’ve registered for the Copilot preview, you can access the Microsoft Copilot for Azure through a chat interface within the policy editing experience within Azure portal. Ask about the specific policy you intend to construct, no matter if you’re seeking recommendations or complete policy implementations. Microsoft Copilot for Azure generates a policy to remove ‘X-AspNet-Version’ header from the API response. Explaining policies Get insight into existing policies by requesting descriptions and explanations. This assistance proves invaluable in navigating the intricacies of pre-existing policies, particularly those created by former colleagues, as Microsoft Copilot for Azure untangles the complexity and provides clarity. Microsoft Copilot for Azure explains the section with a policy for validating JWT. Converting policies Many enterprises employ multiple API management offerings from different vendors. Microsoft Copilot for Azure can help such customers translate API management policies from one offering to another, simplifying managing and migrating APIs across diverse set of solutions. Microsoft Copilot for Azure converts Apigee policy into Azure API Management policy. How to get started? Click here to sign up for Microsoft Copilot for Azure preview and check out the documentation for authoring API Management policies with Microsoft Copilot. Your input is crucial for our ongoing improvement, and we invite you to share your feedback using the upvote/downvote buttons found in the Microsoft Copilot for Azure’s chat interface.
🚀 New in Azure API Management: MCP in v2 SKUs + external MCP-compliant server support
Your APIs are becoming tools. Your users are becoming agents. Your platform needs to adapt. Azure API Management is becoming the secure, scalable control plane for connecting agents, tools, and APIs — with governance built in. -------------------------------------------------------------------------------------------------------------------------------------------------------------------- Today, we’re announcing two major updates to bring the power of the Model Context Protocol (MCP) in Azure API Management to more environments and scenarios: MCP support in v2 SKUs — now in public preview Expose existing MCP-compliant servers through API Management These features make it easier than ever to connect APIs and agents with enterprise-grade control—without rewriting your backends. Why MCP? MCP is an open protocol that enables AI agents—like GitHub Copilot, ChatGPT, and Azure OpenAI—to discover and invoke APIs as tools. It turns traditional REST APIs into structured, secure tools that agents can call during execution — powering real-time, context-aware workflows. Why API Management for MCP? Azure API Management is the single, secure control plane for exposing and governing MCP capabilities — whether from your REST APIs, Azure-hosted services, or external MCP-compliant runtimes. With built-in support for: Security using OAuth 2.1, Microsoft Entra ID, API keys, IP filtering, and rate limiting. Outbound token injection via Credential Manager with policy-based routing. Monitoring and diagnostics using Azure Monitor, Logs, and Application Insights. Discovery and reuse with Azure API Center integration. Comprehensive policy engine for request/response transformation, caching, validation, header manipulation, throttling, and more. …you get end-to-end governance for both inbound and outbound agent interactions — with no new infrastructure or code rewrites. ✅ What’s New? 1. MCP support in v2 SKUs Previously available only in classic tiers (Basic, Standard, Premium), MCP support is now in public preview for v2 SKUs — Basic v2, Standard v2, and Premium v2 — with no pre-requisites or manual enablement required. You can now: Expose any REST API as an MCP server in v2 SKUs Protect it with Microsoft Entra ID, keys or tokens Register tools in Azure API Center 2. Expose existing MCP-compliant servers (pass-through scenario) Already using tools hosted in Logic Apps, Azure Functions, LangChain or custom runtimes? Now you can govern those external tool servers by exposing them through API Management. Use API Management to: Secure external MCP servers with OAuth, rate limits, and Credential Manager Monitor and log usage with Azure Monitor and Application Insights Unify discovery with internal tools via Azure API Center 🔗 You bring the tools. API Management brings the governance. 🧭 What’s Next We’re actively expanding MCP capabilities in API Management: Tool-level access policies for granular governance Support for MCP resources and prompts to expand beyond tools 📚 Get Started 📘 Expose APIs as MCP servers 🌐 Connect external MCP servers 🔐 Secure access to MCP servers 🔎 Discover tools in API Center Summary Azure API Management is your single control plane for agents, tools and APIs — whether you're building internal copilots or connecting external toolchains. This preview unlocks more flexibility, less friction, and a secure foundation for the next wave of agent-powered applications. No new infrastructure. Secure by default. Built for the future.
