You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/api-management/transform-api.md
+27-63Lines changed: 27 additions & 63 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -34,14 +34,33 @@ In this tutorial, you learn how to:
34
34
35
35
* Learn the [Azure API Management terminology](api-management-terminology.md).
36
36
* Understand the [concept of policies in Azure API Management](api-management-howto-policies.md).
37
-
* Complete the following quickstart: [Create an Azure API Management instance](get-started-create-service-instance.md).
37
+
* Complete the following quickstart: [Create an Azure API Management instance](get-started-create-service-instance.md). For this tutorial, we recommend the Developer tier or the Basic v2 tier. The Consumption tier doesn't support all policies used in this tutorial.
38
38
* Also, complete the following tutorial: [Import and publish your first API](import-and-publish.md).
1. In your API Management service instance, select **APIs**.
47
+
1. Select **Swagger Petstore** from your API list.
48
+
1. Select the **Test** tab, on the top of the screen.
49
+
1. Select the **GetSpeakers** operation, and then select **Send**.
50
+
51
+
The original API response should look similar to the following response:
52
+
53
+
:::image type="content" source="media/transform-api/test-original-response-new.png" lightbox="media/transform-api/test-original-response-new.png" alt-text="Screenshot of the original API response in the portal.":::
54
+
55
+
As you can see, the response includes the **X-AspNet-Version** and **X-Powered-By** headers.
56
+
57
+
42
58
## Protect an API by adding rate limit policy (throttling)
43
59
44
-
This section shows how to add protection to your backend API by configuring rate limits, so that the API isn't overused by developers. In this example, the limit is set to three calls per 15 seconds for each subscription ID. After 15 seconds, a developer can retry calling an API.
60
+
This section shows how to add protection to your backend API by configuring rate limits, so that the API isn't overused by developers. In this example, the limit is set to three calls per 15 seconds. After 15 seconds, a developer can retry calling an API.
61
+
62
+
> [!NOTE]
63
+
> This example shows how to configure the `rate-limit-by-key` policy using the code editor. This policy isn't supported in the Consumption tier.
1. In the **Inbound processing** section, select the code editor (**</>**) icon.
@@ -65,33 +84,17 @@ This section shows how to add protection to your backend API by configuring rate
65
84
```
66
85
67
86
68
-
## Transform an API to strip response headers
69
-
70
-
This section shows how to hide the HTTP headers that you don't want to show to your users. For example, delete the following headers in the HTTP response:
71
-
72
-
* **X-Powered-By**
73
-
* **X-AspNet-Version**
74
-
75
-
### Test the original response
76
-
77
-
To see the original response:
78
-
79
-
1. In your API Management service instance, select **APIs**.
80
-
1. Select **Demo Conference API** from your API list.
81
-
1. Select the **Test** tab, on the top of the screen.
82
-
1. Select the **GetSpeakers** operation, and then select **Send**.
87
+
## Transform an API to add a custom response header
83
88
84
-
The original API response should look similar to the following response:
89
+
API Management includes several transformation policies that you can use to modify request or response payloads, headers, or status codes. As an example, this section shows you how to configure a custom response header using the `set-header` policy.
85
90
86
-
:::image type="content" source="media/transform-api/test-original-response-new.png" lightbox="media/transform-api/test-original-response-new.png" alt-text="Screenshot of the original API response in the portal.":::
87
91
88
-
As you can see, the response includes the **X-AspNet-Version** and **X-Powered-By** headers.
89
92
90
93
### Set the transformation policy
91
94
92
95
This example shows how to use the form-based policy editor, which helps you configure many policies without having to edit the policy XML statements directly.
1. In the **Outbound processing** section, select **+ Add policy**.
96
99
97
100
:::image type="content" source="media/transform-api/outbound-policy-small.png" alt-text="Screenshot of navigating to outbound policy in the portal." lightbox="media/transform-api/outbound-policy.png":::
@@ -101,53 +104,14 @@ This example shows how to use the form-based policy editor, which helps you conf
101
104
:::image type="content" source="media/transform-api/set-http-header.png" alt-text="Screenshot of configuring the Set headers policy in the portal.":::
102
105
103
106
1. To configure the Set headers policy, do the following:
104
-
1. Under **Name**, enter **X-Powered-By**.
105
-
1. Leave **Value** empty. If a value appears in the dropdown, delete it.
106
-
1. Under **Action**, select **delete**.
107
+
1. Under **Name**, enter **Custom header**.
108
+
1. Under **Value**, select **+ Add value**. Enter *My custom value*.
107
109
1. Select **Save**.
108
-
109
-
1. Repeat the preceding two steps to add a **Set headers** policy that deletes the **X-AspNet-Version** header:
110
110
111
-
1. After configuration, two **set-header** policy elements appear in the **Outbound processing** section.
111
+
1. After configuration, a **set-header** policy element appears in the **Outbound processing** section.
112
112
113
113
:::image type="content" source="media/transform-api/set-policy.png" alt-text="Screenshot of the Set headers outbound policies in the portal.":::
114
114
115
-
## Replace original URLs in the body of the API response with API Management gateway URLs
116
-
117
-
This section shows how to replace original URLs that appear in the body of the API's HTTP response with API Management gateway URLs. You might want to hide the original backend URLs from users.
118
-
119
-
### Test the original response
120
-
121
-
To see the original response:
122
-
123
-
1. Select **Demo Conference API** > **Test**.
124
-
1. Select the **GetSpeakers** operation, and then select **Send**.
125
-
126
-
As you can see, the response includes the original backend URLs:
127
-
128
-
:::image type="content" source="media/transform-api/original-response2.png" alt-text="Screenshot of original URLs in response in the portal.":::
129
-
130
-
### Set the transformation policy
131
-
132
-
In this example, you use the policy code editor to add the policy XML snippet directly to the policy definition.
1. In the **Outbound processing** section, select the code editor (**</>**) icon.
136
-
137
-
:::image type="content" source="media/transform-api/outbound-policy-code.png" lightbox="media/transform-api/outbound-policy-code.png" alt-text="Screenshot of navigating to outbound policy code editor in the portal.":::
138
-
139
-
1. Position the cursor inside the **`<outbound>`** element on a blank line. Then select **Show snippets** at the top-right corner of the screen.
140
-
141
-
:::image type="content" source="media/transform-api/show-snippets-1.png" alt-text="Screenshot of selecting show snippets in outbound policy editor in the portal.":::
142
-
143
-
1. In the right window, under **Transformation policies**, select **Mask URLs in content**.
144
-
145
-
The **`<redirect-content-urls />`** element is added at the cursor.
146
-
147
-
:::image type="content" source="media/transform-api/mask-urls-new.png" alt-text="Screenshot of inserting mask URLs in content policy in the portal.":::
0 commit comments