This document discusses using context variables and custom fields in CA API Developer Portal policy writing. It describes how portal policy templates and custom fields allow additional input that can be leveraged by gateway policies. The presentation includes an example of a policy template, discusses typical use cases, and demonstrates a policy that uses a custom field to variably set quotas on HTTP methods and restrict partner access.
Scanning the Internet for External Cloud Exposures via SSL Certs
Pre-Con Ed: CA API Developer Portal: Policy Writing for the Portal Using the New Context Variables and API Key Custom Fields
1. CA API Developer Portal:
Policy Writing for the Portal Using
Context Variables and Custom Fields
Jay Bagtas
Principal Software Engineer
CA Technologies
DO3X40E
DEVOPS
As you build out your presentation, here are a few dos and don’ts.
Portal and the Gateway
Policy defines the rules (assertions) the Gateway enforces
Applied at runtime allowing supreme flexibility
Has its own learning curve but plenty of benefits
The Portal has features that allow users to define additional configuration actionable via Policy
Policy not code = flexibility
Code is rigid and hard to change
Policy is flexible, can be done on the fly, doesn’t need to be re-compiled
Assertions
Define what a Policy does and are the base building block
Policy Fragment
Re-usable piece of policy reference-able within other Policies
Encapsulated Assertion
Self-contained Policy based on a Policy Fragment that accepts inputs and generates outputs
Context Variables
Variables reference-able within Policy
Policy Templates are Encapsulated Assertions specifically exposed to the Portal
Allows publishing of APIs that reference an Encapsulated Assertion
Typically encapsulate IT and Security rules
Ex. SSL requirement, two-factor authentication
Lets API Owners provide inputs specific to their API
API Custom Fields are created as Service Properties on the Gateway
Reference-able in Policy via context variable: ${service.property.NAME}
Viewable in Policy Manager via Published Service Properties dialogue
Application Custom Fields are tied specifically to the API Key
Stored as JSON