Blog Post

Azure Integration Services Blog
2 MIN READ

Announcing the Public Preview of the Applications feature in Azure API management

Sreekanth_Thirthala's avatar
Sreekanth_Thirthala
Icon for Microsoft rankMicrosoft
May 21, 2025

We’re excited to announce the public preview of the Applications feature which enables OAuth-based access to your APIs and products.

API Management now supports built-in OAuth 2.0 application-based access to product APIs using the client credentials flow. This feature allows API managers to register Microsoft Entra ID applications, streamlining secure API access for developers through OAuth 2.0 authorization.

API publishers and developers can now more effectively manage client identity, access, and authorization flows.

With this feature:

  • API managers can identify which products require OAuth authorization by setting a product property to enable application-based access
  • API managers can create and manage client applications and assign them access to specific products. 
  • Developers can see their registered applications in API management developer portal and use OAuth tokens to securely call APIs and products
  • OAuth tokens presented in API requests are validated by the API Management gateway to authorize access to the product's APIs.

This feature simplifies identity and access management in API programs, enabling a more secure and scalable approach to API consumption.

Enable OAuth authorization 

API managers can now identify specific products which are protected by Microsoft Entra identity by enabling "Application based access". This ensures that only valid client applications which have a secure OAuth token from Microsoft Entra identity can access the APIs associated with this product. An application is created in Microsoft Entra corresponding to the product, with appropriate app role.

Register client applications and assign products

API managers can register client applications, identify specific developers as owners of these applications and assign products to these applications. This creates a new application in Microsoft Entra and assigns API permissions to access the product.

Securely access the API using client applications

Developers can login into API management developer portal and see the appropriate applications assigned to them. They can retrieve the application credentials and call Microsoft Entra to get an OAuth token, use this token to call APIM gateway and securely access the product/API.

 

Preview limitations

The public preview of the Applications is a limited-access feature. To participate in the preview and enable Applications in your APIM service instance, you must complete a request form. The Azure API Management team will review your request and respond via email within five business days. 

 

Learn more

Updated May 21, 2025
Version 2.0
api
api management
azure
enterprise integration
hybrid integration

2 Comments

Sort By
  • mistaPeeta's avatar
    mistaPeeta
    Copper Contributor
    Jun 03, 2025

    Hi, what I seem to be missing in this part is that applications, or api management consumers, are also external companies, and this is not allowing those consumers to work with oauth without building custom secret management outside of the api management developer portal. Are you considering any integratoin of secret management in the developer portal, so that:

    1. we don't have to manually provide client ids and secrets to our external partners
    2. the consumer has a portal to renew and rotate the secret by himself

     

  • KMDTerry's avatar
    KMDTerry
    Copper Contributor
    May 22, 2025

    Are there plans to add support for this in the APIM Connector in Logic Apps Standard?