Skip to main content
Feedback

Adding Policy Rules to Deployed APIs

Use one of two available options to add a policy to any deployed API.

Adding Policy rules from the Deployed APIs tab

  1. From the Manage API page, select Deployed APIs.

  2. Select the appropriate branch located in the top right corner of the page.

  3. Once the branch is selected, select the desired deployed API from the API Title column. ../Images/img-api-deployed_apis.png

  4. Select Custom Policies tab. Existing Custom Policies display for the API in the following timing order. If necessary, drag and drop policy rules to reorder them. The order of execution is from top to bottom of the policies listed in the tables.

    • Policies executed before request : Within this section are policies executed before standard policies and policies executed after standard policies.

      note

      If the request policy fails, none of the response policies will be applied.

    • Policies executed after response : Within this section are policies executed before standard policies and policies executed after standard policies. ../Images/img-api-custom_policies.png

  5. To attach a new policy rule, choose Select Policy Rule to Attach.

    Add the following:

    • URI Path : The path is relative to the API base path, where "/" indicates base path. As an example, if you have policies in path “/”, “/api”, and “/api/test”:

      • For the API call http://test.com/api/123, this will execute policies in path ”/” and then policies in “/api”.

      • For the API call http://test.com/api/test, this will execute policies in path ”/” , “/api”, and “/api/test”.

        note

        If any policy fails, the subsequent policy or policy path is not executed. The policy chain execution ends when any policy fails.

    • Execution Timing: Specify the timing to apply the policy rule. Standard policies are policies for authentication, authorization, and rate limiting. The options are:

      • After Response And Before Standard Policies
      • After Response And After Standard Policies
      • Before Request And Before Standard Policies
      • Before Request And After Standard Policies
        ../Images/img-api-attach_custom_policy.png

  6. Select Attach. The rule will be attached (not saved) to the policy at the selected path and the timing is set as the last policy to execute.

  7. To change the order that the policies are executed, you can rearrange the table rows by dragging them.

  8. Select Save.

Adding Policy rules from the Policy Rules tab

This approach offers an additional way to attach rules. Perform the following to add the policy.

  1. From the Manage API page, select the Policy Rules tab.

  2. Select the specific policy rule and choose Actions > Add to API.

  3. Perform the following in the Attach rule to deployed APIs dialog box:

    • Select a branch from the drop-down.

      The drop-down lists all available branches for your account. When you select a specific branch, the dialog displays only the APIs deployed from that branch.

      When you open the dialog for the first time, the drop-down defaults to the default branch from Integration, provided no other branch has been selected on any API Management (APIM) page.

      Once you select a branch on any APIM page—such as Manage APIs, Deployed APIs, or API Lifecycle—that same branch selection automatically appears across all APIM pages within your session. Branch propagation applies only within APIM pages and does not reference the branch selected in Integration.

    • Select the deployed API to which the policy has to be applied.

    • Add the URI Path: The path is relative to the API base path, where "/" indicates the base path. As an example, if you have policies in path “/”, “/api”, and “/api/test”:

      • For the API call http://test.com/api/123, this will execute policies in path ”/” and then policies in “/api”.

      • For the API call http://test.com/api/test, this will execute policies in path ”/” , “/api”, and “/api/test”.

        note

        If any policy fails, the subsequent policy or policy path is not executed. The policy chain execution ends when any policy fails.

    • Select the Execution Order: Specify the timing to apply the policy rule. Standard policies are policies for authentication, authorization, and rate limiting. The options are:

      • Before Request And Before Standard Policies
      • Before Request And After Standard Policies

  4. Select Save.

On this Page