Solved: How to Customize VerifyApiKey Policy Default Error

azeddine-errami · 12-09-2019 08:29 AM

Hello ,

I'm trying to customize the defaut error Generated by the VerifyApiKey Policy , for example :

Default Error

{ "fault": { "faultstring": "Invalid ApiKey", "detail": { "errorcode": "oauth.v2.InvalidApiKey" } } }

So i'm trying to catch the error code which is "401" but i don't find a way to do it in Apigee .

Please can anyone help ?

bhatikuldeep

This might help -

https://community.apigee.com/content/kbentry/23724/an-error-handling-pattern-for-apigee-proxies.html, use `AssignMessage` policy instead of `RaiseFault`;
https://github.com/apigee/api-platform-samples/tree/master/learn-edge/fault-handling-1

View solution in original post

dchiesa1

here's an example from a recent proxy I am using

<ProxyEndpoint name="endpoint1">
...
  <FaultRules>
    <FaultRule name="invalid-key">
      <Step>
        <Name>AM-InvalidApiKey</Name>
      </Step>
      <Condition>fault.name = "InvalidApiKey" OR fault.name = "InvalidApiKeyForGivenResource"</Condition>
    </FaultRule>


    <FaultRule name="missing-key">
      <Step>
        <Name>AM-MissingKey</Name>
      </Step>
      <Condition>fault.name = "FailedToResolveAPIKey"</Condition>
    </FaultRule>


    <FaultRule name="key-expired">
      <Step>
        <Name>AM-ExpiredKey</Name>
      </Step>
      <Condition>fault.name = "consumer_key_expired"</Condition>
    </FaultRule>


  </FaultRules>

  ...

Each of the AM-XXXXX policies are AssignMEssage policies which overwrite the "default" error message for the specific fault. You can make the message anything you like. Here's an example

<AssignMessage name="AM-MissingKey">
  <Set>
    <StatusCode>400</StatusCode>
    <ReasonPhrase>Bad Request</ReasonPhrase>
    <Payload contentType="application/json">{
  "error" : {
    "code" : 400.14,
    "message" : "the apikey is missing"
  }
}
</Payload>
  </Set>
  <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</AssignMessage>

View solution in original post

bhatikuldeep

This might help -

https://community.apigee.com/content/kbentry/23724/an-error-handling-pattern-for-apigee-proxies.html, use `AssignMessage` policy instead of `RaiseFault`;
https://github.com/apigee/api-platform-samples/tree/master/learn-edge/fault-handling-1

dchiesa1

here's an example from a recent proxy I am using

<ProxyEndpoint name="endpoint1">
...
  <FaultRules>
    <FaultRule name="invalid-key">
      <Step>
        <Name>AM-InvalidApiKey</Name>
      </Step>
      <Condition>fault.name = "InvalidApiKey" OR fault.name = "InvalidApiKeyForGivenResource"</Condition>
    </FaultRule>


    <FaultRule name="missing-key">
      <Step>
        <Name>AM-MissingKey</Name>
      </Step>
      <Condition>fault.name = "FailedToResolveAPIKey"</Condition>
    </FaultRule>


    <FaultRule name="key-expired">
      <Step>
        <Name>AM-ExpiredKey</Name>
      </Step>
      <Condition>fault.name = "consumer_key_expired"</Condition>
    </FaultRule>


  </FaultRules>

  ...

Each of the AM-XXXXX policies are AssignMEssage policies which overwrite the "default" error message for the specific fault. You can make the message anything you like. Here's an example

<AssignMessage name="AM-MissingKey">
  <Set>
    <StatusCode>400</StatusCode>
    <ReasonPhrase>Bad Request</ReasonPhrase>
    <Payload contentType="application/json">{
  "error" : {
    "code" : 400.14,
    "message" : "the apikey is missing"
  }
}
</Payload>
  </Set>
  <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</AssignMessage>