Ana içeriğe atla

Endpoint

PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/

Authentication

Requires a Personal API Access Token. 
Authorization: Bearer YOUR_TOKEN

Request

Headers

HeaderValueRequired
AuthorizationBearer Yes
Content-Typeapplication/jsonYes

Path Parameters

ParameterTypeRequiredDescription
projectNamestringYesProject name
apiProxyNamestringYesAPI Proxy name
policyNamestringYesPolicy name (must exist)

Request Body

Full JSON Body Example

{
  "operationMetadata": {
    "targetScope": "ALL",
    "targetPipeline": "REQUEST",
    "deploy": true,
    "deployTargetEnvironmentNameList": ["production"],
    "order": 2
  },
  "policy": {
    "type": "policy-api-based-throttling",
    "description": "Updated API throttling policy - 200 requests per minute",
    "active": true,
    "targetVariableForIdentity": {
      "type": "HEADER",
      "headerName": "X-API-Key"
    },
    "messageCountForInterval": 200,
    "throttlingInterval": "ONE_MINUTE",
    "intervalPeriodLength": 1,
    "intervalWindowType": "FIXED",
    "cacheConnectionTimeoutInSeconds": 5,
    "cacheErrorHandlingType": "FAIL",
    "showRateLimitStatisticsInResponseHeader": true,
    "detailList": [
      {
        "targetValue": "VIP",
        "regexExpression": false,
        "messageCountForInterval": 2000,
        "intervalPeriodLength": 1,
        "quotaInterval": "ONE_MINUTE"
      }
    ],
    "policyCondition": {
      "conditionRuleList": [
        {
          "conditionCriteria": "VALUE",
          "firstVariable": {
            "name": "userTypeHeader",
            "type": "HEADER",
            "headerName": "X-User-Type"
          },
          "variableDataType": "STRING",
          "valueComparisonOperator": "EQ",
          "secondValueSource": "VALUE",
          "secondValue": "PREMIUM"
        }
      ]
    }
  }
}

Request Body Fields

The request body structure is identical to Add Policy. See that documentation for complete field descriptions.
operationMetadata
FieldTypeRequiredDefaultDescription
targetScopestringYes-Policy scope: ALL or ENDPOINT
targetEndpointstringNo*-Endpoint path (required if targetScope=ENDPOINT)
targetEndpointHTTPMethodstringNo*-HTTP method (required if targetScope=ENDPOINT)
targetPipelinestringYes-Pipeline: REQUEST, RESPONSE, or ERROR
deploybooleanNotrueWhether to deploy after updating policy
deployTargetEnvironmentNameListarrayNo[]List of environment names to deploy to
orderintegerNonullPolicy execution order (starts from 1). If null, keeps existing order. If >= list size, moves to end
Note: If order is null, the policy keeps its existing position. If order is provided, the policy is moved to that position.

EnumPolicyTargetScope

  • ALL - Policy applies to all endpoints
  • ENDPOINT - Policy applies only to specified endpoint

EnumPolicyTargetPipeline

  • REQUEST - Executes in request pipeline
  • RESPONSE - Executes in response pipeline
  • ERROR - Executes in error pipeline

EnumHttpRequestMethod

  • GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD, TRACE, ALL
policy
The policy object structure is identical to Add Policy. All policy fields can be updated. Important: The policy type cannot be changed. If you need a different policy type, delete the existing policy and create a new one.

Response

Success Response (200 OK)

{
  "status": "SUCCESS"
}
If deploy: true is set in the request, the response includes deployment result: 
{
  "status": "SUCCESS",
  "deploymentResult": {
    "success": true,
    "responseTime": 1500,
    "detailList": [
      {
        "envName": "production",
        "podName": "pod-123",
        "podIp": "10.0.0.1",
        "success": true,
        "responseTime": 1500
      }
    ]
  }
}

Response Fields

FieldTypeDescription
statusstringResponse status: SUCCESS or FAILURE
deploymentResultobjectDeployment result (if deploy=true). See Deployment Result Object

Deployment Result Object (deploymentResult)

FieldTypeDescription
successbooleanOverall deployment success status
responseTimeintegerTotal deployment response time in milliseconds
detailListarrayList of deployment details per pod/environment

Deployment Detail Object (detailList item)

FieldTypeDescription
envNamestringEnvironment name
podNamestringPod name where deployment occurred
podIpstringPod IP address
successbooleanDeployment success status for this pod
responseTimeintegerDeployment response time for this pod in milliseconds

EnumStatus

  • SUCCESS - Operation successful
  • FAILURE - Operation failed

Error Response (400 Bad Request)

{
  "error": "bad_request",
  "error_description": "A policy with name (my-policy) does not exist in API Proxy!"
}

Common Causes

  • Policy name does not exist
  • Invalid targetScope (ENDPOINT without targetEndpoint)
  • Invalid targetEndpoint (endpoint not found in API Proxy)
  • Invalid policy type (cannot change policy type)
  • Missing required policy fields
  • Invalid condition configuration
  • Invalid order value (order < 1)

Error Response (401 Unauthorized)

{
  "error": "unauthorized_client",
  "error_description": "Invalid token"
}

Error Response (404 Not Found)

{
  "error": "not_found",
  "error_description": "ApiProxy (name: MyAPI) was not found!"
}

cURL Example

Example 1: Update Policy Configuration

curl -X PUT \
  "https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/throttling-policy/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "operationMetadata": {
      "targetScope": "ALL",
      "targetPipeline": "REQUEST",
      "deploy": true,
      "deployTargetEnvironmentNameList": ["production"],
      "order": 1
    },
    "policy": {
      "type": "policy-api-based-throttling",
      "description": "Updated throttling policy - increased limit",
      "active": true,
      "targetVariableForIdentity": {
        "type": "HEADER",
        "headerName": "X-API-Key"
      },
      "messageCountForInterval": 200,
      "throttlingInterval": "ONE_MINUTE",
      "intervalPeriodLength": 1,
      "intervalWindowType": "FIXED"
    }
  }'

Example 2: Update Policy Order

Move a policy to a different position in the pipeline. 
curl -X PUT \
  "https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/throttling-policy/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "operationMetadata": {
      "targetScope": "ALL",
      "targetPipeline": "REQUEST",
      "deploy": false,
      "order": 3
    },
    "policy": {
      "type": "policy-api-based-throttling",
      "description": "Throttling policy",
      "active": true,
      "targetVariableForIdentity": {
        "type": "HEADER",
        "headerName": "X-API-Key"
      },
      "messageCountForInterval": 100,
      "throttlingInterval": "ONE_MINUTE",
      "intervalPeriodLength": 1,
      "intervalWindowType": "FIXED"
    }
  }'

Example 3: Update Policy Scope

Move a policy from ALL endpoints to a specific endpoint. 
curl -X PUT \
  "https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/throttling-policy/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "operationMetadata": {
      "targetScope": "ENDPOINT",
      "targetEndpoint": "/api/users",
      "targetEndpointHTTPMethod": "GET",
      "targetPipeline": "REQUEST",
      "deploy": false,
      "order": 1
    },
    "policy": {
      "type": "policy-api-based-throttling",
      "description": "Endpoint-specific throttling",
      "active": true,
      "targetVariableForIdentity": {
        "type": "HEADER",
        "headerName": "X-API-Key"
      },
      "messageCountForInterval": 50,
      "throttlingInterval": "ONE_MINUTE",
      "intervalPeriodLength": 1,
      "intervalWindowType": "FIXED"
    }
  }'

Example 4: Update Policy Pipeline

Move a policy from REQUEST pipeline to RESPONSE pipeline. 
curl -X PUT \
  "https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/logging-policy/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "operationMetadata": {
      "targetScope": "ALL",
      "targetPipeline": "RESPONSE",
      "deploy": false,
      "order": 1
    },
    "policy": {
      "type": "policy-script",
      "description": "Response logging",
      "active": true,
      "scriptLanguage": "GROOVY",
      "scriptBody": "log.info(\"Response: \" + response.statusCode)"
    }
  }'

Permissions

  • User must have API_MANAGEMENT + MANAGE permission in the project
  • If deploy: true is set in the request, user must also have API_MANAGEMENT + DEPLOY_UNDEPLOY permission

Notes and Warnings

  • Policy Name: Policy name cannot be changed. Use Delete and Add to rename a policy.
  • Policy Type: Policy type cannot be changed. Use Delete and Add to change policy type.
  • Order: If order is null, the policy keeps its existing position. If order is provided, the policy is moved to that position (1-based indexing).
  • Scope Change: You can change targetScope from ALL to ENDPOINT or vice versa. Ensure the endpoint exists if using ENDPOINT scope.
  • Pipeline Change: You can change targetPipeline (REQUEST, RESPONSE, ERROR). The policy will be moved to the new pipeline.
  • Deployment: If deploy: true, ensure environments exist and user has deployment permissions.
  • Validation: All policy-specific validations apply. See individual policy documentation for required fields.