Configure global policies

Edit online

Global policies are a set of policies that are associated globally with all APIs or the selected set of APIs.

About this task

When you create an API, you can enforce a policy only at the API level. If you want to enforce a policy for multiple APIs, you can create a global policy that can be applied across all APIs or a selected set of APIs depending on the requirement. By associating policies globally to all APIs or a selected set of APIs, you can make sure that a set of policies is applied to the selected APIs by default. For example, you can apply a threat protection policy to all APIs by creating a global policy that addresses data protection and security concerns.

webMethods API Gateway provides a default system policy Transaction logging, which has a log invocation policy and filters associated to log request or response payloads to a specified destination. These transactions are monitored and logged across all APIs in webMethods API Gateway. When you activate Transaction logging, Logging Invocation policy is applied to all APIs created.

Make sure that you have the Manage global policies functional privilege to create a global policy.

The following section illustrates an example where you create a global policy Transport Global. This global policy has the Enable HTTP/HTTPS policy that is configured and applied to all APIs that do not have ODATA in their name.

Procedure

  1. Open the menu options and select Manage > Policies.
  2. Click Global policies > Create global policy.
  3. In the Basic information section, provide the following details:
    • Name - Transport Global
    • Description - Global Policy
  4. Click Basic information or Filters in the left navigation window
  5. Select all API Type.
  6. Select all the HTTP methods in the Filter using HTTP methods section for this example.
  7. In the Filter by using attributes, select the following values to filter out APIs having ODATA as part of their name.
    • Attribute - API Name
    • Operator - Not Contains
    • Value - ODATA
  8. Click Continue to policy configuration.
  9. Select Transport and click Enable HTTP/HTTPS to configure the policy.
  10. Select the protocol HTTP in the policy properties section.
  11. Click Save. The global policy is created and the policy details page appears. It also lists the APIs for which this global policy is configured.
  12. Click Activate to activate the global policy.
  13. Verify the configured global policy. Select the API Petstore Debugging from the APIs section in the global policy. In the policies tab for the API, the globe icon for Transport > Enable HTTP/HTTPS indicates that the policy is applied at a global level.