Introduction To Azure API Management Policy
In this article will cover about Azure API Management policies and some brief introduction and some example around that.
There are multiple things in API-M and policy is also like inbound policy (CORS, rate-limiting, filtering) and outbound is like to update response or something around that. Also policy apply to multiple level like API-M level base policy, API level and API operation level.
There are total 3 Level of policy.
1. API-M Level policy
This policy applied to all API that part of API-M management and also called base policy. Later will see how it get include in API level and operation level.
2. API Level Policy
This policy applied to API level and all of its operations. Also at this level it is possible to inherit the base policy that applied to API-M or say global policy at API-M level.
In following image at Inbound policy section, it display "base" so it will inherit the API-M level policy and for that there is configuration for CORS.
Also it is completely possible to add new policy and that specific to this API only.
It is also possible to remove base policy so only new set of policy or explicit policy apply to specific API.
3. Operation Level Policy
This policy applied to specific operation level. At this level same as API level , possible to inherit the base policy or apply explicit policy. Here if base specify then it inherits from API level policy.
For other operation different policy along with base policy.
Also it is possible to remove base policy.
Conclusion
Overall it is simple and Azure API Management service provide quite granular support for policy and its applicability. Also it helps to understand and debug while working with API-M management service.
Next article will focus some more part on this in context of DevOps.