Regarding creation of the policies for APIs

NagarajTrivedi · September 21, 2021, 7:08am

Hi all, this is regarding configuration of policies for the APIs.
I want to know whether each Policy Id corresponds to a single API OR under one Policy Id different policies can be created for different APIs.
For example here is the default policy configuration present in the file policies/policies.json
{
“default”: {
“rate”: 1000,
“per”: 1,
“quota_max”: 100,
“quota_renewal_rate”: 60,
“access_rights”: {
“41433797848f41a558c1573d3e55a410”: {
“api_name”: “My API”,
“api_id”: “41433797848f41a558c1573d3e55a410”,
“versions”: [
“Default”
]
}
},
“org_id”: “54de205930c55e15bd000001”,
“hmac_enabled”: false
}
}

Suppose if I have created one more API called Hello-World then will the policy for this API (Hello-World) be configured as part of the default policy which is already present OR a new policy with a different Policy Id can be added for the new API Hello-World.

Please clarify this.

Thanks and Regards

N.M.Trivedi

Olu · September 21, 2021, 9:27am

Policies can correspond to single API or multiple APIs. This is configurable in the access_rights section. You can see a template of this in our Security Policy Example

About adding multiple multiple policy IDs, you can list multiple policies or policy IDs within the single JSON object. Based on your scenario, your policies.json file would look like this

{
“default”: { policy definition goes here… },
“Hello-World”: { policy definition goes here… },
“another policy ID”: { policy definition goes here… }
}

I hope this helps