Policy Hierarchy and 'base' Statement

Q

What are the relations among API policies defined at product level, API level, and operation level?

✍: FYIcenter.com

A

Azure API Management allows you to define policies at 3 levels:

Top Level policy - Policy defined at top level can be shared amount all APIs. You can use the "base" policy statement in the API policy to call the top level policy.
API level policy - Policy defined at API level can be shared amount all operations associated to the API. You can use the "base" policy statement in the operation policy to call the API policy.
Operation level policy - Policy defined at API level is only applied to the operation.

The "base" Policy statement allows you to call the same policy block in the next upper level of the policy hierarchy. The "base" policy statement is a simple <base/> with no attributes and no content.

For example, the following "inbound" policy defined at the operation level will call the "inbound" policy defined at the operation level.

  <inbound>
    <base />
    ... operation own policy statement
  </inbound>

The following "backend" policy defined in an operation will not call the API "backend" policy. Azure API management will not forward this operation to any backend system, because is have no policy statement:

  <backend>
  </backend>

Assuming we have the following 3 policies defined:

Operation inbound policy:
  <inbound>
    <base /> <!-- calling the API inbound policy
    <trace source="DEBUG">Hello from Operation Z!</trace>
  </inbound>
  
API inbound policy:
  <inbound>
    <base /> <!-- calling the product inbound policy
    <trace source="DEBUG">Hello from API Y!</trace>
  </inbound>
  
Product inbound policy:
  <inbound>
    <trace source="DEBUG">Hello from Product X!</trace>
  </inbound>

When Azure API management process the inbound request from a client system, it will produce DEBUG trace messages in order listed below:

Hello from Product X!
Hello from API Y!
Hello from Operation Z!

⇒ API Level Policy for All Operations

⇐ Azure API Policy XML Document Structure

⇑ Using Azure API Policy

⇑⇑ Microsoft Azure API Management Tutorials

2018-03-10, ∼2266🔥, 0💬

Add Request Query String Parameters
How to add request query string Parameters to my Azure API operation to make it more user friendly? If your API operation uses URL template parameters, the client system must call it with parameter values specified in the correct position, like: https://.../exchange-rate/USD/ EUR/2020-10-10The above... 2018-03-24, ∼5699🔥, 0💬

'@(...)' Expressions in Azure API Policy
How to use the "@(...)" expression in Azure API Policy? The "@(...)" expression in Azure API Policy can be used to include a single C# expression as the attribute value or text value in most policy statements. When a "@(...)" expression is included in a policy statement, the C# expression will be ev... 2018-02-14, ∼5614🔥, 0💬

Using the 'context' Object in Policy Expressions
How to use the built-in "context" object in Policy expressions? The built-in "context" object can be used any "@(...)" expressions or "@{...}" expression blocks. The "context" object allows you to access information related to Azure API operation through its properties and methods. Here are some exa... 2018-02-14, ∼4303🔥, 0💬

'@{...}' Expression Blocks in Azure API Policy
How to use the "@{...}" expression block in Azure API Policy? The "@{...}" expression block in Azure API Policy can be used to include a C# statement block as the attribute value or text value in most policy statements. C# statement block in the "@{...}" expression block must end with a "return" sta... 2018-02-14, ∼3722🔥, 0💬

Using Azure API Policy
Where to find tutorials on Using API Policy with API Management Services at Azure Portal? Here is a list of tutorials to answer many frequently asked questions compiled by FYIcenter.com team on Using API Policy with API Management Services at Azure Portal: What Is Azure API Policy Edit API Operation... 2018-03-24, ∼2975🔥, 0💬

Azure API Policy XML Document Structure
What is the XML Document Structure of an Azure API service operation? Azure API Policy XML Document contains 4 policy blocks: "inbound" - Policy sub element to provide policy statements that controls the generation of the inbound HTTP request to be delivered to the backend service. "backend" - Polic... 2018-03-10, ∼2695🔥, 0💬

Edit API Operation Policy
What are steps to edit policy of an Azure API Operation? For each operation you created in your API, a default policy coded is added. If you want to view and edit policy statements to be executed between the Azure API and the backend service, you can follow this tutorial: 1. Go to the publisher dash... 2018-03-10, ∼2617🔥, 0💬

'trace' Policy Statement
How to use the "trace" Policy Statement for an Azure API service operation? The "trace" policy statement allows you to generate debugging messages into the API trace output. The "trace" statement can be used in any policy blocks in the policy XML document. The "trace" statement has the following syn... 2018-03-10, ∼2475🔥, 0💬

What Is Azure API Policy
What Is Azure API Policy? Azure API Policy is a set of plugin rules to be executed between Azure API and the backend service. Those plugin rules are written in Azure API policy statements in XML format. An Azure API policy contains two major blocks: 1. Inbound Policy - Policy statements to be execut... 2018-03-10, ∼2378🔥, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.