The execute field of an assembly has the following structure:

 - Policy_1
 - Policy_2
Note: Although some built-in policies can be used with both the DataPower® Gateway (v5 compatible) and the DataPower API Gateway, some policies are restricted to a particular Gateway. The following icons indicate which Gateway each policy can be used with:
  • DataPower gateway iconIndicates that the policy can be run on the DataPower Gateway (v5 compatible).
  • DataPower gateway iconIndicates that the policy can be run on the DataPower API Gateway.

For details of the two types of gateway, see API Connect gateway types.

The following table describes the possible policies and logic constructs that can be included in an execute field.

Table 1. execute properties
Property Required Description Data Type DataPower gateway icon DataPower gateway icon
activity-log No Use the activity-log policy to log information that relates to the calling of API operations. object (activity-log) Yes Yes

Functionality provided by the activity-log extension

client-security No Provides a range of options for authenticating client access to your APIs, extending the capabilities of the OpenAPI specification. object (client-security) No Yes
gatewayscript No Include a GatewayScript program. object (gatewayscript) Yes Yes
graphql-introspect No Use the graphql-introspect policy to introspect a GraphQL schema. object (graphql-introspect) No Yes
if No Use the if policy to execute a section of the assembly only when a condition is fulfilled. object (if) Yes Yes

Functionality provided by switch

invoke No Use the invoke policy to call an API.

The last invoke in your policy might be replaced by a proxy automatically to improve performance. To disable this, see: API properties.

object (invoke) Yes Yes
json-to-xml No Convert payload from JSON to XML. object (json-to-xml) Yes Yes
jwt-generate No Generate a JSON Web Token (JWT). object (jwt-generate) Yes Yes
jwt-validate No Validate a JSON Web Token (JWT). object (jwt-validate) Yes Yes
log No Use the log policy to customize or override the default activity logging configuration for an API. object (log) No Yes
map No Use the map policy to transform variables. object (map) Yes Yes
operation-switch No Use the operation-switch policy when you want to execute alternative policy assemblies, conditional on the operation that is being called. object (operation-switch) Yes Yes
oauth No Use the oauth policy to policy to perform OAuth processing based on defined OAuth provider settings. object (oauth) No Yes
parse No Use the parse policy to control the parsing of an input document. When the input document is a JSON string, the string is parsed instead of copied over. object (parse) No Yes
proxy No Proxy a service. object (proxy) Yes Yes

Functionality provided by invoke

ratelimit No Use the ratelimit policy to apply one or more rate or burst limits at any point in your API assembly flow. Rate and burst limits restrict the number of calls that an application can make to an API in a specified time period. object (ratelimit) No Yes
redact No Use the redact policy to completely remove or to redact specified fields from the request body, the response body, and the activity logs. You might find this policy useful for removing or blocking out sensitive data (for example, credit card details) for legal, security, or other reasons. object (redact - DataPower API Gatewayredact - DataPower Gateway (v5 compatible)) Yes Yes
set-variable No Use the set-variable policy to set a runtime variable to a string value, or to add or clear a runtime variable. object (set-variable) Yes Yes
switch No Use the switch policy to execute one of a number of sections of the assembly based on which specified condition is fulfilled. object (switch) Yes Yes
throw No Use the throw policy to specify points at which an error should be thrown. object (throw) Yes Yes
user-defined-policy No You can apply your own user-defined policies to your APIs. object (User-defined policies) Yes Yes
user-security No Extract a user's credentials, authenticate those credentials, and obtain authorization from the user. object (user-security) No Yes
validate No Use the Validate policy to validate the payload in an assembly flow against a JSON or an XML schema. object (validate - DataPower API Gateway, validate - DataPower Gateway (v5 compatible)) Yes Yes
validate-usernametoken No Validate a WS-Security UsernameToken. object (validate-usernametoken) Yes No
xml-to-json No Convert payload from XML to JSON. object (xml-to-json) Yes Yes
xslt No Apply an XSLT transform to the payload. object (xslt) Yes Yes

The following example shows an execute field for an assembly that invokes a URL and then redacts a field from the request or response.

 - invoke:
  title: Example Invoke
  target-url: 'https://example.com/api'
  description: Example description
 - redact:
   - action: redact
      - request
      - response
    path: //*[@name='secondaryAddress']/*[@name='streetAddress']