Is it possible to use flow variables for configuration of limits in the JSON Threat policy ?

Not applicable
 
1 9 719
9 REPLIES 9

@sumit pramanik , Welcome to Apigee Community.

Can you please add more details regarding your query. What do you mean by "in between xml tags" ? JSON threat policy is used to minimize content level attacks when request payload is JSON. It's not used for setting flow variable. Assign Message Policy / Extract Variable Policy is used to set flow variables.

Not applicable

Hi Anil, thanks for your time.

I have created a KVM,in which I have made "ArrayElementCount","ContainerDepth" as keys and have assigned values to them. Now I want the JSON Threat policy to pick up values from here at run time, so that the values are configurable in the KVM and not hard coded in the policy itself.

Can this be done.. Hope I am clear. 🙂

@sumit pramanik ,

I don't think JSON Threat protection policy supports ref variables as per documentation to replace same runtime retrieving from KVM. I have tried same & didn't work. Ideally, It should support like other policies. Let me loop in some Apigee Engineering folks for more details.

Hi Anil,

Any updates? Can we set flow variable in json threat protection?

@anilsr - any update on this thread?

Still no

@dchiesa1 any alternate solution for maintaining this policy for different consumers?

I can't think of one. . . . 

Aside from waiting for an enhancement to the policy to allow dynamic specification of the limits.  

I agree it would be helpful to have the capability you're describing. I've raised a ticket to ask for this enhancement (ref: b/197897330) . But I've got no idea on how the team will prioritize or schedule this enhancement.  

Thank you for raising the enhancement ticket 🙂

I see this feature enhancement been requested for almost 5 years now. I hope this would get prioritized now.