How do you access a server that returns a 307 redirect response

Not applicable

I am using a service callout to access an API and the server returns a 307 redirect response but doesn't redirect apigee to the location url and continue to the response. The response is blank. I can use Postman to make the request and watch it redirect and return data. How do i replicate this in an apigee callout?

Solved Solved
0 7 6,894
1 ACCEPTED SOLUTION

adas
Participant V

@Leonard.Williams282 The api layer is usually not the one that would handle redirects. Its the client, in most cases its the browser and in your case its postman that takes care of handling the redirect. The service callout policy is not designed to handle redirects and follow them. So here's the solution you can apply:

A redirect response would come with a "Location" header. You can write a small javascript policy that gets the Location header from the service callout response object and then make an http call from your javascript policy to that url, which would simulate something like "follow redirect" that the browser automatically does. You can either get the location header and make the http call in the same javascript or you can just get the location header, set that into a variable and then make another service callout to that url. Some sample code here:

 var url = context.getVariable("calloutResponse.header.location")
 try{
 var redirect = httpClient.get(url);
 context.session["redirect"] = redirect;
} catch (err) {
    // Handle any error that may have happened previously by generating a response
    response.content.asJSON.error = err;
}
 

Here's the sample bundle, you can refer to: apigee-redirect-rev1-2016-04-05.zip

View solution in original post

7 REPLIES 7

For a 307 I believe the Location header should have the URI you need to direct the request to. I know of no configuration to make a service callout follow redirects automatically. You'll want to detect the 307, extract the header, and make a service callout to that extracted URI.

adas
Participant V

@Leonard.Williams282 The api layer is usually not the one that would handle redirects. Its the client, in most cases its the browser and in your case its postman that takes care of handling the redirect. The service callout policy is not designed to handle redirects and follow them. So here's the solution you can apply:

A redirect response would come with a "Location" header. You can write a small javascript policy that gets the Location header from the service callout response object and then make an http call from your javascript policy to that url, which would simulate something like "follow redirect" that the browser automatically does. You can either get the location header and make the http call in the same javascript or you can just get the location header, set that into a variable and then make another service callout to that url. Some sample code here:

 var url = context.getVariable("calloutResponse.header.location")
 try{
 var redirect = httpClient.get(url);
 context.session["redirect"] = redirect;
} catch (err) {
    // Handle any error that may have happened previously by generating a response
    response.content.asJSON.error = err;
}
 

Here's the sample bundle, you can refer to: apigee-redirect-rev1-2016-04-05.zip

One thought @arghya das is there something else should should be done in response processing so that the 307 doesn't go back to the client if you are doing this?

Else you might end up with two sets of requests, one from the service callout and one from a client responding to the 307? Maybe this is not an issue?

The 307 response would never go back to the client, unless you explicitly send the service callout response back. The one thing that I didn't add in my proxy is a condition which should check for 3xx http response code before calling the javascript. That way if the response is non 3xx, you can send that response back to the clients, whereas the javascript logic kicks in only if the response is 301 to 307. Does that make sense ?

Not applicable

Thanks all!

Former Community Member
Not applicable

Hi @Leonard.Williams282 it might be better to do everything inside a JavaScript policy vs using a Service Callout. Especially true if your server may return multiple redirects. JS/code is better equipped at handling this as compared to a policy.

Not applicable

Hello @Leonard.Williams282, you should be able to get the redirected URL in the "Location" header of the response. So, you need to put a extract variable policy or a java script to extract and use the parameter.

Is that you are looking for or I got it wrong ?