The execute field of an assembly has the following structure:
execute: - Policy_1 - Policy_2
Note: Although some built-in policies can be used with both the DataPower® Gateway (v5 compatible) and the DataPower API Gateway, some policies are restricted to a particular Gateway. The following icons indicate which Gateway each policy can be used with:
- Indicates that the policy can be run on the DataPower Gateway (v5 compatible).
- Indicates that the policy can be run on the DataPower API Gateway.
For details of the two types of gateway, see API Connect gateway types.
The following table describes the possible policies and logic constructs that can be included in an execute field.
|activity-log||No||Use the activity-log policy to log information that relates to the calling of API operations.||object (activity-log)||
Functionality provided by the activity-log extension
|client-security||No||Provides a range of options for authenticating client access to your APIs, extending the capabilities of the OpenAPI specification.||object (client-security)|
|gatewayscript||No||Include a GatewayScript program.||object (gatewayscript)|
|graphql-introspect||No||Use the graphql-introspect policy to introspect a GraphQL schema.||object (graphql-introspect)|
|if||No||Use the if policy to execute a section of the assembly only when a condition is fulfilled.||object (if)||
Functionality provided by switch
|invoke||No||Use the invoke policy to call an API.
The last invoke in your policy might be replaced by a proxy automatically to improve performance. To disable this, see: API properties.
|json-to-xml||No||Convert payload from JSON to XML.||object (json-to-xml)|
|jwt-generate||No||Generate a JSON Web Token (JWT).||object (jwt-generate)|
|jwt-validate||No||Validate a JSON Web Token (JWT).||object (jwt-validate)|
|log||No||Use the log policy to customize or override the default activity logging configuration for an API.||object (log)|
|map||No||Use the map policy to transform variables.||object (map)|
|operation-switch||No||Use the operation-switch policy when you want to execute alternative policy assemblies, conditional on the operation that is being called.||object (operation-switch)|
|oauth||No||Use the oauth policy to policy to perform OAuth processing based on defined OAuth provider settings.||object (oauth)|
|parse||No||Use the parse policy to control the parsing of an input document. When the input document is a JSON string, the string is parsed instead of copied over.||object (parse)|
|proxy||No||Proxy a service.||object (proxy)||
Functionality provided by invoke
|ratelimit||No||Use the ratelimit policy to apply one or more rate or burst limits at any point in your API assembly flow. Rate and burst limits restrict the number of calls that an application can make to an API in a specified time period.||object (ratelimit)|
|redact||No||Use the redact policy to completely remove or to redact specified fields from the request body, the response body, and the activity logs. You might find this policy useful for removing or blocking out sensitive data (for example, credit card details) for legal, security, or other reasons.||object (redact - DataPower API Gatewayredact - DataPower Gateway (v5 compatible))|
|set-variable||No||Use the set-variable policy to set a runtime variable to a string value, or to add or clear a runtime variable.||object (set-variable)|
|switch||No||Use the switch policy to execute one of a number of sections of the assembly based on which specified condition is fulfilled.||object (switch)|
|throw||No||Use the throw policy to specify points at which an error should be thrown.||object (throw)|
|user-defined-policy||No||You can apply your own user-defined policies to your APIs.||object (User-defined policies)|
|user-security||No||Extract a user's credentials, authenticate those credentials, and obtain authorization from the user.||object (user-security)|
|validate||No||Use the Validate policy to validate the payload in an assembly flow against a JSON or an XML schema.||object (validate - DataPower API Gateway, validate - DataPower Gateway (v5 compatible))|
|validate-usernametoken||No||Validate a WS-Security UsernameToken.||object (validate-usernametoken)|
|xml-to-json||No||Convert payload from XML to JSON.||object (xml-to-json)|
|xslt||No||Apply an XSLT transform to the payload.||object (xslt)|
The following example shows an execute field for an assembly that invokes a URL and then redacts a field from the request or response.
execute: - invoke: title: Example Invoke target-url: 'https://example.com/api' description: Example description - redact: actions: - action: redact from: - request - response path: //*[@name='secondaryAddress']/*[@name='streetAddress']