The range of policies that enable the APIs to loosely couple it with security, rate limit, retry, etc. are good. We can easily tie authentication mechanisms to external and other internal services without having to modify the backend.
Cost - the upfront cost is a bit restrictive. I've been told it is because there are a few underlying VMs that are running this service. So if you're just starting out with API management, it can be an expensive proposition. Value increases as you add additional APIs. If you're using Azure B2C for the developer portal, you'll require Standard or Premium since they support AAD integration.
Security granularity - at time of writing, APIM doesn't support breaking out operations to products. For example, if you have an API that has a GET and a POST operation, and you want the POST operation to require a different subscription. There is a work around, but it makes management a bit messy.
Developer and Publisher portal - it's a little weird. Microsoft hasn't migrated all the publisher portal functionality into the "native" Azure portal. So some of it feels a little weird - especially when working with the content management side of things for the developer portal.
Scaling - while it's easy to scale up, the cost of APIM ramps up very quickly. Standard -> Premium is a 4x jump.
It’s really pay as you go, so it's not that costly to get in and try it out. There’s no expensive client to buy and manage, but you do need to stay on top of the rapidly changing Azure environment to be sure you upgrade or adjust when needed.
It’s not great having more than one API tool, but it’s ok to spread out your work, as you always want the right tool for the right job. For example, if you are a Salesforce-heavy organization, I’d go with Mule over Azure.
It was easy getting an external consultant access to the tool to build their own API for a project they were working on for us.
