API Management AI gateway tool servers
An API Management workspace tool server is a control-plane configuration object defining a backend tool integration (endpoints, headers, OAuth2/OpenAPI spec settings) that the AI gateway can invoke on behalf of agents.
It is supporting AI-integration configuration scoped to a single gateway/workspace. Its sensitivity is MEDIUM at the control plane, but the resource backs the CRITICAL-tier listSecrets action, which returns endpoint credentials.
Microsoft.ApiManagement/service/workspaces/toolServers/listSecrets/action
Returns the secret subtrees (endpoint header values, oauth2.clientSecret, and spec contentBase64) for each endpoint, exporting usable credential material that an attacker can reuse to authenticate to the connected tool/IdP backends and pivot to those identities.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploitation could lead to significant privilege escalation.
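To find which role definitions actually confer the listSecrets action described above, the following audit check is an added example, not part of the original entry or of any P0 Security tooling. It assumes role definitions in the JSON shape returned by `az role definition list` (`roleName`, `permissions[].actions`, `permissions[].notActions`) and uses constructed sample roles; it accounts for wildcard grants, `notActions` exclusions, and case-insensitive matching.

```python
import re

TARGET = "Microsoft.ApiManagement/service/workspaces/toolServers/listSecrets/action"

def _matches(pattern, action):
    # Azure RBAC action strings are case-insensitive; '*' is the only wildcard.
    rx = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(rx, action, re.IGNORECASE) is not None

def grants_target(role, target=TARGET):
    # A permission block grants the action when some 'actions' pattern
    # matches it and no 'notActions' pattern removes it again.
    for perm in role.get("permissions", []):
        allowed = any(_matches(p, target) for p in perm.get("actions") or [])
        excluded = any(_matches(p, target) for p in perm.get("notActions") or [])
        if allowed and not excluded:
            return True
    return False

def roles_granting(roles, target=TARGET):
    return [r["roleName"] for r in roles if grants_target(r, target)]

# Constructed sample role definitions (hypothetical names, not real tenant data).
SAMPLE_ROLES = [
    {"roleName": "sample-broad-admin",
     "permissions": [{"actions": ["*"],
                      "notActions": ["Microsoft.Authorization/*/Delete"]}]},
    {"roleName": "sample-read-only",
     "permissions": [{"actions": ["*/read"], "notActions": []}]},
    {"roleName": "sample-toolserver-operator",
     "permissions": [{"actions": ["Microsoft.ApiManagement/service/workspaces/toolServers/*"],
                      "notActions": [TARGET]}]},
    {"roleName": "sample-secret-reader",
     "permissions": [{"actions": [TARGET.lower()], "notActions": []}]},
    {"roleName": "sample-apim-wildcard",
     "permissions": [{"actions": ["Microsoft.ApiManagement/service/*"],
                      "notActions": []}]},
]

if __name__ == "__main__":
    for name in roles_granting(SAMPLE_ROLES):
        print("grants listSecrets:", name)
```

The wildcard cases matter most in practice: a role never has to name the action explicitly to confer it.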
Contributed by P0 Security