Skip to Content

SAP API Management Policy Guide


By adding an API to the API platform, you gain the ability to modify and monitor its behavior using out-of-the-box policies. The out-of-the-box policies let you add sophisticated features to control traffic, enhance performance, enforce security, and increase the utility of your APIs, without coding or changing backend services. Extension policies enable you to add custom logic in the form of JavaScript, Python and XSLT to an API, tailoring it to meet business requirements.

Following are the categories of policies that SAP API Management provides.

  • Traffic management policies:Traffic management policies let you configure cache, control traffic quotas and spikes, set concurrent rate limits, and so on.
  • Security policies: Security policies let you control access to your APIs with OAuth, API key validation, and other threat protection features.
  • Mediation policies: Mediation policies let you perform message transformation, parsing, and validation, as well as raise faults and alerts.
  • Extension policies: Extension policies let you provide custom policy functionality beyond what is provided by SAP API Management, with support for such features as a service callout, message data collection, and calling JavaScript, and Python behavior you have created.

Here is the link to the SAP API Management policy guide.

Former Member

No comments