API policies and logic constructs
Policies and logic constructs are pieces of configuration that control a specific aspect of processing in the Gateway server during the handling of an API invocation at run time.
Policies are the building blocks of assembly flows, and they provide the means to configure capability, such as security, logging, routing of requests to target services, and transformation of data from one format to another. Policies can be configured in the context of an API or in the context of a Plan.
Logic constructs behave in a similar way to policies, but they affect how and which parts of the assembly are implemented without modifying the data flow of the assembly.
IBM® API
Connect provides the following ways
that you can create, configure, and apply policies and logic constructs:
- Policies associated with a Plan
- A Plan provides a mechanism for grouping API operations or subsets of operations from one or more APIs. You can set rate limiting policies on a Plan to specify how many requests an application is allowed to make during a specified time interval. You can also configure a policy for each operation that is included in a Plan. For more information, see Working with Products.
- Built-in policies
- A built-in policy enables you to
apply a pre-configured policy statement to an assembly to control processing capabilities in the
Gateway server. Built-in policies are
applied by using the API
Manager assembly
editor to add a built-in policy to your assembly and to configure the properties for that policy.
For more information, see Built-in policies.Note: You can also apply built-in policies to your APIs by adding an
assemblyextension to your OpenAPI definition file. For more information, see IBM extensions to the OpenAPI specification. - Logic constructs
- A logic construct enables you to control the flow of data through your assembly during an API
call. Like policies, logic constructs are applied to an API by using the API
Manager assembly editor to add a logic
construct to your assembly and to configure the behavior of the construct. For more information, see
Logic Constructs.Note: You can also apply logic constructs to your APIs by adding an
assemblyextension to your OpenAPI definition file. For more information, see IBM extensions to the OpenAPI specification. - User-defined policies
- A user-defined policy enables you to create your own policies to control extra processing features in the Gateway server, such as security, or routing of requests. User-defined policies are created outside of API Connect and then imported into one or more Catalogs, so they can be applied to an operation in the same way as built-in policies. For more information, see Importing a user-defined policy into a Catalog.