API Manager API

You can apply outbound policies to an API's upstream endpoints. These policies will act on the outgoing traffic to the specified upstream.

The following example shows how to apply the basic credential injection policy to an API upstream:

curl -X POST \
  https://anypoint.mulesoft.com/apimanager/xapi/v1/organizations/:organizationId/environments/:environmentId/apis/:environmentApiId/policies/outbound-policies \
  -H 'authorization: Bearer OMITTED \
  -H 'content-type: application/json' \
  -d '{
   "configurationData":{
     "username": "",
     "password": "",
     "overwrite": "boolean",
     "customHeader": "customExpression"
   },
   “groupId”: "68ef9520-24e9-4cf2-b2f5-620025690913",
   "assetId": "credential-injection-basic-auth",
   "assetVersion": "1.0.0",
   "order": 1,
   "upstreamIds": ["desired-upstream-id"]
}'

The policy will apply to every specified upstream within the upstreamIds array, adding the configured credential headers to the requests bound to the upstream endpoint.

For outbound policies, the order property is relative to the other policies applied in the same upstream. It does not impact policies applied to different upstreams.