Does anyone know how to ignore request to paths which do not exist on APIM?
If i run a scanner against APIM it will return 404 for APIs which don't exist. I would like to ignore (not respond with 404) when scans attempt to consume paths which have not corresponding API/Path on APIM.
e.g.
/api/v1/with-backing-service == Return from backing service (200, 401, 404, etc...)
/api/v1/without-backing-service === Terminates (No response)
Don't think that is possible. The HTTP request (basically a TCP request) would reach the server either way and APIM will have to receive it to find out the URL path.
Returning a 404 is the right way to respond for invalid paths. Even if you were to place something like a reverse proxy before APIM, that service would have to read the request to know where it has to route it to and return something (a 404) if it doesn't recognize the path.
If the intention is to protect your APIM endpoint from the public internet, consider placing it inside a VNET if possible.
