API Proxy - Which policy to use in order to exclude several response elements for a specific developer?

liorkarol
Participant I

API Proxy - Which policy to use in order to exclude several response elements for a specific developer?

An example will be helpful.

Solved Solved
0 3 277
1 ACCEPTED SOLUTION

Great Question, @Lior Karol ,

It's something more than a simple policy. It's combination of Access Entity Policy, Extract Variables Policy, Assign Message Policy , API Product, Developer App, Developer, Developer Attribute, Developer Portal that makes the magic happening.

Please allow me to explain same with an example,

  • I have an API like, http://api.xxxxx.com/v1/employee/{employeeId}
  • API response gives 15 parameters out of the box
  • But, You might want to give 2 parameters as response to Developer Type (Silver)
  • You would like to give full 15 parameters to Developer Type (Gold)
  • You will create API Product and package above API into API Product in Apigee.

There are multiple ways you can solve this problem, Let's see developer attributes approach,

  • Let's say Developers ABC registers in Developer Portal
  • You will either manually / automatically assign a developer attribute called "type" = "silver". You can update in Apigee Drupal based Developer Portal using out of the box developer attributes functionality / You can manually edit developer in Edge UI & add this attribute.
  • Let's say Developers XYZ registers in Developer Portal , You assign attribute called "type" = "gold"
  • Developer ABC registers an App in Developer Portal & Gets the Key 123
  • Developer XYZ registers an App in Developer Portal & Gets the Key 456
  • Developer ABC presents the key 123 to your API,
    • You will use verify api key policy to validate the key
    • After the policy, You will have flow variables like developer id / email
    • You will use these flow variables & executes access entity policy to retrieve developer information including attributes in request flow.
    • In response flow, You will check for attribute type silver or gold using above flow variables & execute policies extract variable policy which extracts 2 parameters, constructs new response object using Assign Message Policy.
    • If attribute type is gold, you will just skip the policies extract variables & assign message using policy conditions.

For more details how to use these policies, check Apigee Docs http://docs.apigee.com/ or Learn quickly using Apigee 4MV4D videos.

-------------------------------

Anil Sagar

5997-screen-shot-2017-11-23-at-75916-pm.png Learn Apigee Concepts in 4 Minutes HandsOn

View solution in original post

3 REPLIES 3

Great Question, @Lior Karol ,

It's something more than a simple policy. It's combination of Access Entity Policy, Extract Variables Policy, Assign Message Policy , API Product, Developer App, Developer, Developer Attribute, Developer Portal that makes the magic happening.

Please allow me to explain same with an example,

  • I have an API like, http://api.xxxxx.com/v1/employee/{employeeId}
  • API response gives 15 parameters out of the box
  • But, You might want to give 2 parameters as response to Developer Type (Silver)
  • You would like to give full 15 parameters to Developer Type (Gold)
  • You will create API Product and package above API into API Product in Apigee.

There are multiple ways you can solve this problem, Let's see developer attributes approach,

  • Let's say Developers ABC registers in Developer Portal
  • You will either manually / automatically assign a developer attribute called "type" = "silver". You can update in Apigee Drupal based Developer Portal using out of the box developer attributes functionality / You can manually edit developer in Edge UI & add this attribute.
  • Let's say Developers XYZ registers in Developer Portal , You assign attribute called "type" = "gold"
  • Developer ABC registers an App in Developer Portal & Gets the Key 123
  • Developer XYZ registers an App in Developer Portal & Gets the Key 456
  • Developer ABC presents the key 123 to your API,
    • You will use verify api key policy to validate the key
    • After the policy, You will have flow variables like developer id / email
    • You will use these flow variables & executes access entity policy to retrieve developer information including attributes in request flow.
    • In response flow, You will check for attribute type silver or gold using above flow variables & execute policies extract variable policy which extracts 2 parameters, constructs new response object using Assign Message Policy.
    • If attribute type is gold, you will just skip the policies extract variables & assign message using policy conditions.

For more details how to use these policies, check Apigee Docs http://docs.apigee.com/ or Learn quickly using Apigee 4MV4D videos.

-------------------------------

Anil Sagar

5997-screen-shot-2017-11-23-at-75916-pm.png Learn Apigee Concepts in 4 Minutes HandsOn

@Anil Sagar Thanks. it was very usefull!

@Lior Karol , Glad it was helpful, Let us know if you are evaluating Apigee / Planning to purchase, Happy to assist you.