Adding policies to API Operations
    • Dark
      Light
    • PDF

    Adding policies to API Operations

    • Dark
      Light
    • PDF

    Article Summary

    With APIs in API Management, you can full control over requests to its operations and responses returned to the API consumer. With policies, you can control the behaviour of your APIs – as these policies are a collection of statements that are executed sequentially on the request or response of an API.

    In the Azure Portal when adding or editing your operations, you can add policies before the request is en to the backend, and/or before the response is returned to the client (caller), and/or at the backend itself as shown below.

    image.png

    The policy definition itself is XML-bases. When opening the editor (the </>), you will see an XML definition without any policies statements. You will see that this definition will have an inbound, outbound, backend and on-error sections.

    image.png

    You can inside the Azure Portal edit and set policies as described in Microsoft Docs: How to set or edit Azure API Management policies. Furthermore, there is a policy reference and samples available for you when it comes creating policies. Hence, you do not have to create them from scratch!

    To conclude the significant benefit of policies is controlling the in- and outbound traffic to your APIs (backend services). Furthermore, you can apply policy scopes on the API level, Product and API Management Instance level, as shown below.

    image.png

    Again policy you can set on the different levels are available in the reference. Furthermore, you will find additional policy examples in the documentation page samples.

    APIM.png


    Was this article helpful?