API Manager API
Applying a policy
After creating an API Instance, you can apply policies to it. The following example shows how to apply the Client ID Enforcement policy to an API:
curl -X POST \
  https://anypoint.mulesoft.com/apimanager/api/v1/organizations/:organizationId/environments/:environmentId/apis/:environmentApiId/policies \
  -H 'authorization: Bearer OMITTED' \
  -H 'content-type: application/json' \
  -d '{
    "configurationData": {
      "clusterizable": true,
      "exposeHeader": true,
      "rateLimits": [{"timePeriodInMilliseconds": 86400000, "maximumRequests": 10}]
    },
    "pointcutData": null,
    "groupId": "68ef9520-24e9-4cf2-b2f5-620025690913",
    "assetId": "rate-limiting",
    "assetVersion": "1.0.0",
    "order": 1
  }'
This command works for API instances using mule4 or flexGateway as their runtime technology. The payload in the above example contains the following:
- pointcutData: resource-level policy configuration. For more information, see the Resource Level Policy documentation.
- configurationData: specifies a map containing the values applied to the policy.
- The GAV (GroupID, AssetID, AssetVersion) of the Policy asset in Exchange, which indicates which policy is being applied to the API.
- The order property is optional and specifies the precedence of the policy application with respect to the other policies applied to the API (order 1 has the highest precedence).
To apply a policy to API instances running in Mule Runtime/API Gateway versions earlier than 4.x, you need to reference the policyTemplateId, as in the following example:
curl -X POST \
  https://anypoint.mulesoft.com/apimanager/api/v1/organizations/:organizationId/environments/:environmentId/apis/:apiInstanceId/policies \
  -H 'authorization: Bearer OMITTED' \
  -H 'content-type: application/json' \
  -d '{
    "configurationData": {
      "credentialsOrigin": "customExpression",
      "clientIdExpression": "#[message.inboundProperties['\''http.query.params'\'']['\''client_id'\'']]",
      "clientSecretExpression": "#[message.inboundProperties['\''http.query.params'\'']['\''client_secret'\'']]"
    },
    "pointcutData": null,
    "policyTemplateId": "client-id-enforcement"
  }'
The payload in the above example contains the following:
- policyTemplateId: each out-of-the-box or custom policy created in the organization is available. A list of the available template IDs can be retrieved by performing a GET request at https://anypoint.mulesoft.com/apimanager/api/v1/organizations/:organizationId/policy-templates.
- pointcutData: resource-level policy configuration. For more information, see the Resource Level Policy documentation.
- configurationData: specifies a map containing the values applied to the policy.
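A policy body that is malformed or uses the wrong identifier form for the runtime means the policy is not applied as intended, so it is worth checking the body before it is posted. The following is an added example, not part of the original page or of MuleSoft's tooling: a pre-flight check for both payload forms described above. The function name, the runtime label "legacy" for pre-4.x instances, the sample bodies and the rule that order is an integer of at least 1 are assumptions made for illustration.

```python
import json

GAV_KEYS = ("groupId", "assetId", "assetVersion")
GAV_RUNTIMES = {"mule4", "flexGateway"}  # runtimes the page names for the GAV form
SMART_QUOTES = "\u201c\u201d\u2018\u2019"  # typographic quotes left by copy/paste


def check_policy_payload(raw, runtime):
    """Return a list of problems in a policy request body; empty means OK."""
    problems = []
    if any(ch in raw for ch in SMART_QUOTES):
        problems.append("typographic quotes in body")
    try:
        body = json.loads(raw)
    except json.JSONDecodeError as exc:
        return problems + [f"invalid JSON at line {exc.lineno}: {exc.msg}"]
    if not isinstance(body, dict):
        return problems + ["body must be a JSON object"]
    if not isinstance(body.get("configurationData"), dict):
        problems.append("configurationData must be a map")
    if runtime in GAV_RUNTIMES:
        missing = [k for k in GAV_KEYS if not isinstance(body.get(k), str)]
        if missing:
            problems.append("missing GAV field(s): " + ", ".join(missing))
    elif not isinstance(body.get("policyTemplateId"), str):
        problems.append("policyTemplateId is required for pre-4.x runtimes")
    order = body.get("order")  # optional; assumed here to be an integer >= 1
    if order is not None and (type(order) is not int or order < 1):
        problems.append("order must be a positive integer")
    return problems


# Constructed samples: a body with a curly-quoted key and a missing comma,
# and a complete GAV-form body with neither defect.
BROKEN = '''{
  "configurationData": {"clusterizable": true},
  \u201cgroupId\u201d: "68ef9520-24e9-4cf2-b2f5-620025690913"
  "assetId": "rate-limiting"
}'''
FIXED = json.dumps({
    "configurationData": {"clusterizable": True, "exposeHeader": True},
    "pointcutData": None,
    "groupId": "68ef9520-24e9-4cf2-b2f5-620025690913",
    "assetId": "rate-limiting",
    "assetVersion": "1.0.0",
    "order": 1,
})

if __name__ == "__main__":
    for name, raw in (("BROKEN", BROKEN), ("FIXED", FIXED)):
        print(name, check_policy_payload(raw, "mule4"))
```

Run the check in the deployment script and refuse to call the API when the returned list is not empty.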