A security flaw in Microsoft Azure API Management’s Developer Portal allows attackers to register accounts across tenants, bypassing admin controls that turn off user signups.
Even when administrators hide the signup form via the Azure Portal, the backend API endpoint stays active.
This issue affects instances with Basic Authentication enabled and remains exploitable as of early December 2025, with Microsoft labeling it “by design.”
How Attackers Exploit The Flaw
Attackers need two APIM instances: one with signup enabled for capturing a legitimate request, and a target with signup “disabled” but Basic Auth active.
Using tools like Burp Suite, they intercept the POST request to the /signup endpoint during signup on their instance.
They then modify the Host header to the target’s domain, such as changing “attacker-apim.developer.azure-api.net” to “target-apim.developer.azure-api.net”.
The request payload includes JSON containing the email, password, and CAPTCHA challenge data.
Without tenant validation, the endpoint processes the request based on the Host header alone, creating the account on the target.
Vulnerable setups show Developer Portal enabled (properties.developerPortalStatus: “Enabled”), non-Consumption SKU (Developer, Basic, Standard, Premium), and a “basic” identity provider resource present.
Disabling UI signup sets portalsettings/signup.properties.enabled to false, but the backend /signup endpoint does not honour that setting and keeps accepting registrations.
Azure Resource Graph queries help spot risks: filter for microsoft.apimanagement/service with enabled portals and list identity providers ending in “/basic”.
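A defender-side check for the three conditions just listed, written for this article (it is not Microsoft's code and not the apim_vuln_checker.py tool the article mentions); it assumes ARM-style resource records such as an Azure Resource Graph export, and the inventory below is constructed with placeholder ids:

```python
APIM_TYPE = "microsoft.apimanagement/service"

def basic_provider_services(resources: list[dict]) -> set[str]:
    """Lower-cased ids of services that still carry a 'basic' identity provider
    (sub-resource id ending in /identityProviders/basic), i.e. condition 3."""
    return {
        r["id"].lower().rsplit("/identityproviders/", 1)[0]
        for r in resources
        if r.get("id", "").lower().endswith("/identityproviders/basic")
    }

def find_exposed_services(resources: list[dict]) -> list[str]:
    """Ids of APIM services matching all three conditions from the article.
    The UI toggle (portalsettings/signup enabled=false) is deliberately not
    consulted: the backend /signup endpoint ignores it, so a disabled toggle
    must not clear the finding."""
    with_basic = basic_provider_services(resources)
    exposed = []
    for r in resources:
        if r.get("type", "").lower() != APIM_TYPE:
            continue
        portal_on = r.get("properties", {}).get("developerPortalStatus", "").lower() == "enabled"
        # Consumption tier has no Developer Portal, so only the other SKUs count
        paid_tier = r.get("sku", {}).get("name", "").lower() != "consumption"
        if portal_on and paid_tier and r["id"].lower() in with_basic:
            exposed.append(r["id"])
    return sorted(exposed)

# Constructed sample inventory (placeholder subscription, not real tenants).
RG = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
SVC = RG + "/providers/Microsoft.ApiManagement/service/"
SAMPLE_RESOURCES = [
    {"id": SVC + "apim-internal", "type": "Microsoft.ApiManagement/service",
     "sku": {"name": "Developer"}, "properties": {"developerPortalStatus": "Enabled"}},
    {"id": SVC + "apim-internal/identityProviders/basic"},
    {"id": SVC + "apim-internal/portalsettings/signup", "properties": {"enabled": False}},
    {"id": SVC + "apim-aad-only", "type": "Microsoft.ApiManagement/service",
     "sku": {"name": "Premium"}, "properties": {"developerPortalStatus": "Enabled"}},
    {"id": SVC + "apim-aad-only/identityProviders/aad"},
    {"id": SVC + "apim-serverless", "type": "Microsoft.ApiManagement/service",
     "sku": {"name": "Consumption"}, "properties": {"developerPortalStatus": "Disabled"}},
    {"id": SVC + "apim-serverless/identityProviders/basic"},
]

if __name__ == "__main__":
    for service_id in find_exposed_services(SAMPLE_RESOURCES):
        print("EXPOSED (basic signup provider still present):", service_id)
```

Only apim-internal is reported: its signup toggle is off in the UI, yet the basic provider remains, which is exactly the state the article describes as exploitable.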
Potential Impact and Fixes
Attackers gain access to API docs, products, and possibly subscription keys, exposing sensitive info. Internal portals face the highest risk from unauthorized registrations.
To fix, remove the Basic Authentication identity provider entirely under Developer Portal > Identities; do not just turn off signup.
Switch to Azure AD as the only identity provider so that tenant membership is enforced. Audit accounts using the Azure CLI: run az apim identity-provider list and check the logs.
Tools like the Python apim_vuln_checker.py or the Nuclei template azure-apim-signup-bypass.yaml verify exposure.
Disclosure began September 30, 2025; Microsoft closed the reports on October 30 and November 20 as non-issues.
Public reveal came on November 26 via GHSA-vcwf-73jp-r7mv (CVSS 6.5, CWE-284). Orgs must audit now, as no patch exists.