By exposing an API through Apigee Edge, you gain the ability to modify and monitor its behavior using out-of-the-box policies. Edge's out-of-the-box policies enable you to augment your API with sophisticated features to control traffic, enhance peformance, enforce security, and increase the utility of your APIs, without requiring you to write any code or to modify any backend services. Extension policies enable you to implement custom logic in the form of JavaScript, Python, Java, and XSLT.

Following are the categories of policies that Apigee provides.

Traffic management policies Mediation policies Security policies Extension policies

Traffic management policies let you configure cache, control traffic quotas and spikes, set concurrent rate limits, and so on.

Mediation policies let you perform message transformation, parsing, and validation, as well as raise faults and alerts.

Security policies let you control access to your APIs with OAuth, API key validation, and other threat protection features.

Extension policies let you provide custom policy functionality, with support for such features as service callout, message data collection, and calling Java, JavaScript, and Python behavior you have created.

*  Apigee Edge enterprise only
† On-premises installations only

Policy schemas

The policy schemas, available in Github, provide the full set of elements and attributes available for policy configuration.
 

 

Help or comments?

  • Something's not working: See Apigee Support
  • Something's wrong with the docs: Click Send Feedback in the lower right.
    (Incorrect? Unclear? Broken link? Typo?)