API Gateway 10.3 | Using API Gateway | Policies | Managing API-level Policies
 
Managing API-level Policies
 
Assigning a Policy to an API
Viewing API Policy Details
Modifying API Policy Details
The API-level policies apply to all APIs at the API level within an instance of API Gateway.
A policy at an API-level provides run-time governance capabilities to an API. The policy can be used to identify and authenticate consumers, validate digital signatures, capture performance measurements, and so on. Policies have one or more properties, which you can configure in a policy when you apply it to an API. For example, a policy that identifies consumers specifies one or more identifiers to identify the consumers who are trying to access the API.
The API level policies are categorised in the following stages:
*Threat protection - These policies can be viewed on the API details page of an API but can be managed only through the Policies > Global threat protection section and cannot be managed from the API details page.
*Transport
*Identify & Access
*Request Processing
*Routing
*Traffic Monitoring
*Response Processing
*Error Handling