API Manager Functions

The API Policy Manager provides asset functions and request functions for creating policies and setting up Proxy endpoint rules.

Important: This page describes Classic APIM. For APIM 3.0, refer to API Management 3.0.

Overview

The API Policy Manager has two types of functions that are integral to creating policies and setting up Proxy endpoint rules.

  • Asset Functions
  • Request Functions

Asset Functions

The asset variable allows policy instances to access data associated with the asset that is being requested.

Field | Details
path 

Description: The path to the asset being accessed.

Syntax: asset.path

Example:

Expression: asset.path

Where the request was for a Task in the organization's shared project.

Result: /ExampleOrg/shared/TestTask

Snaplex Functions

Field | Details
load balancer 

Description: The load balancer for the Snaplex JCC node or FeedMaster node. When configuring an OAuth policy callback URL, you might want to reference the Snaplex load balancer set for your API Version or Proxy.

Syntax:

  • snaplex.jccLoadbalancer
  • snaplex.feedMasterLoadbalancer

Request Functions

The request variable allows Policy instances to access data associated with the current request being processed.

Field | Details
remoteAddr 

Description: The IP address of the client making the request as a string. Note that this can be an IPv4 or IPv6 address.

Syntax: request.remoteAddr

Example:

Expression: request.remoteAddr

Where the request was made from the IP address 10.0.1.2.

Result: 10.0.1.2

remoteUser 

Description: The identifier for the user making the request as a string.

Syntax: request.remoteUser

Example:

Expression: request.remoteUser

Where the request was made by the user [email protected]:

Result: [email protected]

isUserInRole() 

Description: Checks if the user is in the given role.

Syntax: request.isUserInRole(role)

Example:

Expression: request.isUserInRole('admin')

Where the request was made by a user that has the admin role.

Result: true

method 

Description: The HTTP method used for this request.

Syntax: request.method

Example:

Expression: request.method == 'POST'

Where the request is a POST.

Result: true

uri.path 

Description: The full path of the request.

Syntax: request.uri.path

Example:

Expression: request.uri.path

Result: /api/1/rest/feed/example/shared/HelloTask

uri.query 

Description: The query parameters for this request.

Syntax: request.uri.query

Example:

Expression: request.uri.query

Result: $name

headers 

Description: An object that contains the headers from the request. The property names in the object correspond to the HTTP header names that were in the request and lookups are case-insensitive. The values of the properties are lists of strings where each element comes from one instance of a header.

Note: Since accessing this object can be error-prone, it is best to use the match operator to extract data, like so:
match request.headers { { "Content-Type": [ctype] } => ctype }

Syntax: request.headers

Example:

Expression: request.headers['Content-Type']

Where the request was made with the Content-Type header set to application/json.

Result: ["application/json"]
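The following added example (plain JavaScript, not SnapLogic expression language and not product code) models the request.headers shape described above to show why treating a header as a single string goes wrong and why a repeated header should be rejected rather than guessed at. The names buildHeaders, singleHeader and mediaType are hypothetical, and the sample requests are constructed.

```javascript
// Model of the request.headers shape described above (an assumption-based
// sketch, not SnapLogic code): names match case-insensitively, and every
// value is a list with one element per header instance in the request.
function buildHeaders(rawPairs) {
  const store = new Map();
  for (const [name, value] of rawPairs) {
    const key = name.toLowerCase();
    if (!store.has(key)) store.set(key, []);
    store.get(key).push(value);
  }
  return new Proxy({}, {
    get: (_, prop) => (typeof prop === 'string' ? store.get(prop.toLowerCase()) : undefined),
    has: (_, prop) => typeof prop === 'string' && store.has(prop.toLowerCase()),
  });
}

// Hypothetical helper: return the header's value only when it was sent
// exactly once; a missing or repeated header yields null so the caller can
// reject the request instead of guessing which instance to trust.
function singleHeader(headers, name) {
  const values = headers[name];
  return Array.isArray(values) && values.length === 1 ? values[0] : null;
}

// Hypothetical helper: media type without parameters, lower-cased.
function mediaType(headers) {
  const value = singleHeader(headers, 'Content-Type');
  return value === null ? null : value.split(';')[0].trim().toLowerCase();
}

// Constructed sample requests.
const normal = buildHeaders([['content-type', 'application/json; charset=utf-8']]);
const repeated = buildHeaders([
  ['Content-Type', 'application/json'],
  ['Content-Type', 'text/xml'],
]);
const missing = buildHeaders([['Accept', '*/*']]);

// Comparing the list to a string is the mistake the note warns about.
const naiveCheck = normal['Content-Type'] === 'application/json; charset=utf-8';

console.log(naiveCheck, mediaType(normal), mediaType(repeated), mediaType(missing));
```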

properties 

Description: An object that contains the internal properties associated with the request.

When configuring an OAuth policy scope, you might want to list the Snaplexes. You can use the following functions to do so:

  • For JCC node in a Snaplex: snaplex.jccLoadbalancer
  • For the FeedMaster node in a Snaplex: snaplex.feedMasterLoadbalancer

Syntax: request.properties

roles 

Description: An object that contains all existing roles.

  • In policies that run before the Authorize by Role policy, request.roles returns an empty list.
  • In policies that run after the Authorize by Role policy, request.roles returns the user's roles as a list of strings.

Responses: [anonymous] or [admins, members]

Syntax: request.roles

Example:

Expression: request.roles

Result: admins, members