Azure API Management AI gateway tool servers

An API Management workspace tool server is a control-plane configuration object that defines a backend tool integration (endpoints, headers, OAuth2 and OpenAPI spec settings) which the AI gateway can invoke on behalf of agents.

It is supporting AI-integration configuration scoped to a single gateway/workspace; its sensitivity is MEDIUM at the control plane, but the resource backs the CRITICAL-tier listSecrets action, which returns the endpoint credentials.


Microsoft.ApiManagement/service/workspaces/toolServers/listSecrets/action

Returns the secret subtrees for each endpoint (endpoint header values, oauth2.clientSecret, and the spec contentBase64), exporting usable credential material that an attacker can reuse to authenticate to the connected tool and IdP backends and pivot to those identities.

Risks

Scope: CRITICAL

This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.

Links

  • https://azure.permissions.cloud/iam/Microsoft.ApiManagement
  • https://learn.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog