API Collections - Onboard Azure Api Management Api

Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}?api-version=2023-11-15

URI Parameters

Name In Required Type Description
apiId
path True

string

API revision identifier. Must be unique in the API Management service instance. Non-current revision has ;rev=n as a suffix where n is the revision number.

Regex pattern: ^[^*#&+:<>?]+$

resourceGroupName
path True

string

The name of the resource group. The name is case insensitive.

serviceName
path True

string

The name of the API Management service.

Regex pattern: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$

subscriptionId
path True

string

uuid

The ID of the target subscription. The value must be an UUID.

api-version
query True

string

The API version to use for this operation.

Responses

Name Type Description
200 OK

ApiCollection

This indicates a successful response for the create or update operation. The response contains the properties of the API collection.

201 Created

ApiCollection

This indicates a successful response for the create or update operation. The response contains the properties of the API collection.

Headers

Location: string

Other Status Codes

ErrorResponse

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Onboard an Azure API Management API to Microsoft Defender for APIs

Sample request

PUT https://management.azure.com/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api?api-version=2023-11-15

Sample response

{
  "id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
  "name": "echo-api",
  "type": "Microsoft.Security/apiCollections",
  "properties": {
    "provisioningState": "Succeeded",
    "displayName": "Echo API",
    "discoveredVia": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
    "baseUrl": "https://apimservice1.azure-api.net/echo",
    "numberOfApiEndpoints": 6,
    "numberOfInactiveApiEndpoints": 3,
    "numberOfUnauthenticatedApiEndpoints": 1,
    "numberOfExternalApiEndpoints": 3,
    "numberOfApiEndpointsWithSensitiveDataExposed": 1,
    "sensitivityLabel": "Highly Confidential"
  }
}
Location: https://management.azure.com/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api?api-version=2023-11-15&$asyncScope=eyJydSI6NTM4MjczMzI4NDQ3MjA1NzY2fQ==
{
  "id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
  "name": "echo-api",
  "type": "Microsoft.Security/apiCollections",
  "properties": {
    "provisioningState": "InProgress"
  }
}

Definitions

Name Description
ApiCollection

An API collection as represented by Microsoft Defender for APIs.

ErrorAdditionalInfo

The resource management error additional info.

ErrorDetail

The error detail.

ErrorResponse

Error response

ProvisioningState

Gets the provisioning state of the API collection.

ApiCollection

An API collection as represented by Microsoft Defender for APIs.

Name Type Description
id

string

Resource Id

name

string

Resource name

properties.baseUrl

string

The base URI for this API collection. All endpoints of this API collection extend this base URI.

properties.discoveredVia

string

The resource Id of the resource from where this API collection was discovered.

properties.displayName

string

The display name of the API collection.

properties.numberOfApiEndpoints

integer

The number of API endpoints discovered in this API collection.

properties.numberOfApiEndpointsWithSensitiveDataExposed

integer

The number of API endpoints in this API collection which are exposing sensitive data in their requests and/or responses.

properties.numberOfExternalApiEndpoints

integer

The number of API endpoints in this API collection for which API traffic from the internet was observed.

properties.numberOfInactiveApiEndpoints

integer

The number of API endpoints in this API collection that have not received any API traffic in the last 30 days.

properties.numberOfUnauthenticatedApiEndpoints

integer

The number of API endpoints in this API collection that are unauthenticated.

properties.provisioningState

ProvisioningState

Gets the provisioning state of the API collection.

properties.sensitivityLabel

string

The highest priority sensitivity label from Microsoft Purview in this API collection.

type

string

Resource type

ErrorAdditionalInfo

The resource management error additional info.

Name Type Description
info

object

The additional info.

type

string

The additional info type.

ErrorDetail

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.

code

string

The error code.

details

ErrorDetail[]

The error details.

message

string

The error message.

target

string

The error target.

ErrorResponse

Error response

Name Type Description
error

ErrorDetail

The error object.

ProvisioningState

Gets the provisioning state of the API collection.

Name Type Description
Canceled

string

Failed

string

InProgress

string

Succeeded

string