Stages | Policies |
Transport | Enable bulkhead - This policy can be enforced to configure the maximum number of concurrent requests that the APIs can process. Enable HTTP/HTTPS - This policy can be enforced for all types of API. But the SOAP versions 1.1 and 1.2 are applicable only for SOAP-based APIs. The SOAP 1.1 and SOAP 1.2 sub types are not available in UI when the REST and ODATA APIs are selected. Note: Software AG recommends to create a separate policy for each API type. Set Media Type - This policy is applicable only for a REST request and the policy name is not listed in Policy configuration page when the SOAP and ODATA APIs are selected. Enable JMS/AMQP - This policy is applicable only for SOAP APIs and the policy name is not listed in Policy configuration page when the REST and ODATA APIs are selected. |
Identity & Access | Authorize User, Identify & Authorize - These policies can be enforced to any API Type. Inbound Auth - Message - This policy is applicable only for SOAP-based APIs and the policy name is not listed in Policy configuration page when the REST and ODATA APIs are selected. |
Request Processing | Invoke webMethods IS, Validate API Specification, Data Masking - These policies can be enforced to any API Type. Request Transformation - This policy is applicable only for SOAP and REST APIs. and not for ODATA services. When all three API types are selected, Request Transformation policy cannot be applied at the global level. |
Routing | Custom HTTP Header, Outbound Auth - Transport, Outbound Auth - Message. The Routing stage policies can be applied at a global level for all types of API. |
Traffic Monitoring | Log Invocation, Monitor Performance, Monitor SLA, Traffic Optimization, and Service Result Cache. The Traffic Monitoring stage policies can be applied at a global level for all types of API. |
Response Processing | Invoke webMethods IS, Validate API Specification, Data Masking - These policies can be enforced to any API Type. Response Transformation - This policy can be enforced only for SOAP and REST APIs and the policy name is not listed in Policy configuration page when ODATA API type is selected. CORS - This policy can be enforced only for REST and ODATA APIs and the policy name is not listed in Policy configuration page when SOAP-based API is selected. |
Error handling | Conditional Error Processing and Data Masking. The Error handling stage policies can be applied at a global level for all types of API. |