diff --git a/azurerm/internal/services/apimanagement/api_management_resource.go b/azurerm/internal/services/apimanagement/api_management_resource.go
index 22d66c0509030..bf0da97885bb2 100644
--- a/azurerm/internal/services/apimanagement/api_management_resource.go
+++ b/azurerm/internal/services/apimanagement/api_management_resource.go
@@ -88,10 +88,9 @@ func resourceArmApiManagementService() *schema.Resource {
 						"type": {
 							Type:     schema.TypeString,
 							Optional: true,
-							// None will not be returned, which will cause refresh diff
-							//Default:  string(apimanagement.None),
+							Default:  string(apimanagement.None),
 							ValidateFunc: validation.StringInSlice([]string{
-								//string(apimanagement.None),
+								string(apimanagement.None),
 								string(apimanagement.SystemAssigned),
 								string(apimanagement.UserAssigned),
 								string(apimanagement.SystemAssignedUserAssigned),
@@ -655,7 +654,7 @@ func resourceArmApiManagementServiceRead(d *schema.ResourceData, meta interface{
 		d.Set("location", azure.NormalizeLocation(*location))
 	}
 
-	identity := flattenAzureRmApiManagementMachineIdentity(resp.Identity)
+	identity := flattenAzureRmApiManagementMachineIdentity(resp.Identity, d)
 	if err := d.Set("identity", identity); err != nil {
 		return fmt.Errorf("setting `identity`: %+v", err)
 	}
@@ -885,10 +884,6 @@ func flattenApiManagementHostnameConfigurations(input *[]apimanagement.HostnameC
 		}
 	}
 
-	if len(managementResults) == 0 && len(portalResults) == 0 && len(developerPortalResults) == 0 && len(proxyResults) == 0 && len(scmResults) == 0 {
-		return []interface{}{}
-	}
-
 	return []interface{}{
 		map[string]interface{}{
 			"management":       managementResults,
@@ -1019,7 +1014,15 @@ func expandAzureRmApiManagementIdentity(d *schema.ResourceData) (*apimanagement.
 	return &managedServiceIdentity, nil
 }
 
-func flattenAzureRmApiManagementMachineIdentity(identity *apimanagement.ServiceIdentity) []interface{} {
+func flattenAzureRmApiManagementMachineIdentity(identity *apimanagement.ServiceIdentity, d *schema.ResourceData) []interface{} {
+	// service api will not return identity when type = `None`
+	if v, ok := d.GetOk("identity.0.type"); ok && v.(string) == string(apimanagement.None) && identity == nil {
+		return []interface{}{
+			map[string]interface{}{
+				"type": v.(string),
+			},
+		}
+	}
 	if identity == nil {
 		return make([]interface{}, 0)
 	}
diff --git a/azurerm/internal/services/apimanagement/tests/api_management_resource_test.go b/azurerm/internal/services/apimanagement/tests/api_management_resource_test.go
index 27fb5b6362dca..aab44e7727e85 100644
--- a/azurerm/internal/services/apimanagement/tests/api_management_resource_test.go
+++ b/azurerm/internal/services/apimanagement/tests/api_management_resource_test.go
@@ -325,6 +325,58 @@ func TestAccAzureRMApiManagement_identityUserAssigned(t *testing.T) {
 	})
 }
 
+func TestAccAzureRMApiManagement_identityNoneUpdateUserAssigned(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMApiManagementDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMApiManagement_identityNone(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("identity.#", "identity.0.type", "identity.0.principal_id", "identity.0.tenant_id"),
+			{
+				Config: testAccAzureRMApiManagement_identityUserAssigned(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep(),
+		},
+	})
+}
+
+func TestAccAzureRMApiManagement_identityUserAssignedUpdateNone(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMApiManagementDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMApiManagement_identityUserAssigned(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep(),
+			{
+				Config: testAccAzureRMApiManagement_identityNone(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("identity.#", "identity.0.type", "identity.0.principal_id", "identity.0.tenant_id"),
+		},
+	})
+}
+
 func TestAccAzureRMApiManagement_identitySystemAssigned(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
 
@@ -344,6 +396,58 @@ func TestAccAzureRMApiManagement_identitySystemAssigned(t *testing.T) {
 	})
 }
 
+func TestAccAzureRMApiManagement_identitySystemAssignedUpdateNone(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMApiManagementDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMApiManagement_identitySystemAssigned(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep(),
+			{
+				Config: testAccAzureRMApiManagement_identityNone(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("identity.#", "identity.0.type", "identity.0.principal_id", "identity.0.tenant_id"),
+		},
+	})
+}
+
+func TestAccAzureRMApiManagement_identityNoneUpdateSystemAssigned(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMApiManagementDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMApiManagement_identityNone(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("identity.#", "identity.0.type", "identity.0.principal_id", "identity.0.tenant_id"),
+			{
+				Config: testAccAzureRMApiManagement_identitySystemAssigned(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep(),
+		},
+	})
+}
+
 func TestAccAzureRMApiManagement_identitySystemAssignedUserAssigned(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
 
@@ -363,6 +467,58 @@ func TestAccAzureRMApiManagement_identitySystemAssignedUserAssigned(t *testing.T
 	})
 }
 
+func TestAccAzureRMApiManagement_identitySystemAssignedUserAssignedUpdateNone(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMApiManagementDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMApiManagement_identitySystemAssignedUserAssigned(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep(),
+			{
+				Config: testAccAzureRMApiManagement_identityNone(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("identity.#", "identity.0.type", "identity.0.principal_id", "identity.0.tenant_id"),
+		},
+	})
+}
+
+func TestAccAzureRMApiManagement_identityNoneUpdateSystemAssignedUserAssigned(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acceptance.PreCheck(t) },
+		Providers:    acceptance.SupportedProviders,
+		CheckDestroy: testCheckAzureRMApiManagementDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMApiManagement_identityNone(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep("identity.#", "identity.0.type", "identity.0.principal_id", "identity.0.tenant_id"),
+			{
+				Config: testAccAzureRMApiManagement_identitySystemAssignedUserAssigned(data),
+				Check: resource.ComposeTestCheckFunc(
+					testCheckAzureRMApiManagementExists(data.ResourceName),
+				),
+			},
+			data.ImportStep(),
+		},
+	})
+}
+
 func TestAccAzureRMApiManagement_identitySystemAssignedUserAssignedUpdateSystemAssigned(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_api_management", "test")
 
@@ -844,6 +1000,33 @@ resource "azurerm_api_management" "test" {
 `, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomIntOfLength(12))
 }
 
+func testAccAzureRMApiManagement_identityNone(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestRG-%d"
+  location = "%s"
+}
+
+resource "azurerm_api_management" "test" {
+  name                = "acctestAM-%d"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  publisher_name      = "pub1"
+  publisher_email     = "pub1@email.com"
+
+  sku_name = "Developer_1"
+
+  identity {
+    type = "None"
+  }
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
+}
+
 func testAccAzureRMApiManagement_identitySystemAssignedUpdateHostnameConfigurationsVersionlessKeyVaultId(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 provider "azurerm" {