General Information

Policy Type

policy-redaction

Endpoints

List Policies

GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/

Add Policy

POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/

Update Policy

PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/

Delete Policy

DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/

List Policies

Endpoint

GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/

Request

Headers

| Header | Value |
| --- | --- |
| Authorization | Bearer {token} |

Path Parameters

| Parameter | Type | Required | Description |
| --- | --- | --- | --- |
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |

Response

Success Response (200 OK)

{
  "success": true,
  "resultList": [
    {
      "apiProxy": {
        "name": "MyAPI",
        "requestPolicyList": [
          {
            "type": "policy-redaction",
            "name": "redaction-policy",
            "description": "Remove sensitive data",
            "active": true,
            "redactionDefList": [
              {
                "redactionType": "KEY_EXISTENCE",
                "keyValueVar": {
                  "type": "HEADER",
                  "headerName": "X-Sensitive-Data"
                },
                "keyValueListStr": null,
                "redactionDefDetailList": [
                  {
                    "orderNum": 1,
                    "action": {
                      "actionType": "DELETE",
                      "sourceVar": {
                        "type": "HEADER",
                        "headerName": "X-Sensitive-Data"
                      }
                    }
                  }
                ]
              }
            ]
          }
        ],
        "responsePolicyList": [],
        "errorPolicyList": []
      }
    }
  ],
  "resultCount": 1
}

cURL Example

curl -X GET \
  "https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/" \
  -H "Authorization: Bearer YOUR_TOKEN"
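
The List Policies response can be used to audit redaction coverage. The following Python sketch is an added example, not Apinizer code: the function name `uncovered_headers`, the list of required headers and the sample response (constructed in the shape shown above) are assumptions for illustration.

```python
def uncovered_headers(list_response, required_headers, pipeline="requestPolicyList"):
    """Map proxy name -> required headers that no active redaction action targets."""
    report = {}
    for entry in list_response.get("resultList") or []:
        proxy = entry.get("apiProxy") or {}
        covered = set()
        for policy in proxy.get(pipeline) or []:
            if policy.get("type") != "policy-redaction" or not policy.get("active"):
                continue  # other policy types and inactive policies redact nothing
            for definition in policy.get("redactionDefList") or []:
                for detail in definition.get("redactionDefDetailList") or []:
                    src = (detail.get("action") or {}).get("sourceVar") or {}
                    if src.get("type") == "HEADER" and src.get("headerName"):
                        # HTTP header names are case-insensitive
                        covered.add(src["headerName"].lower())
        report[proxy.get("name")] = sorted(
            h for h in required_headers if h.lower() not in covered)
    return report

# Constructed sample in the shape of the 200 OK response above.
SAMPLE_RESPONSE = {"success": True, "resultCount": 1, "resultList": [{"apiProxy": {
    "name": "MyAPI",
    "requestPolicyList": [{
        "type": "policy-redaction", "name": "redaction-policy", "active": True,
        "redactionDefList": [{
            "redactionType": "KEY_EXISTENCE",
            "keyValueVar": {"type": "HEADER", "headerName": "X-Sensitive-Data"},
            "redactionDefDetailList": [{"orderNum": 1, "action": {
                "actionType": "DELETE",
                "sourceVar": {"type": "HEADER", "headerName": "X-Sensitive-Data"}}}]}]}],
    "responsePolicyList": [], "errorPolicyList": []}}]}

if __name__ == "__main__":
    print(uncovered_headers(SAMPLE_RESPONSE, ["X-Sensitive-Data", "X-Credit-Card"]))
```

The check only confirms that an active action targets each header; it does not evaluate whether a KEY_VALUE, USER or ROLE condition would fire for a given request.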

Add Policy

Endpoint

POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/

Request

Headers

| Header | Value |
| --- | --- |
| Authorization | Bearer {token} |
| Content-Type | application/json |

Path Parameters

| Parameter | Type | Required | Description |
| --- | --- | --- | --- |
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |

Request Body

Full JSON Body Example - Key Existence Redaction
{
  "operationMetadata": {
    "targetScope": "ALL",
    "targetPipeline": "REQUEST",
    "deploy": true,
    "deployTargetEnvironmentNameList": ["production"],
    "order": 1
  },
  "policy": {
    "type": "policy-redaction",
    "description": "Remove sensitive headers",
    "active": true,
    "redactionDefList": [
      {
        "redactionType": "KEY_EXISTENCE",
        "keyValueVar": {
          "type": "HEADER",
          "headerName": "X-Credit-Card"
        },
        "keyValueListStr": null,
        "redactionDefDetailList": [
          {
            "orderNum": 1,
            "action": {
              "actionType": "DELETE",
              "sourceVar": {
                "type": "HEADER",
                "headerName": "X-Credit-Card"
              },
              "sourceDataType": "STRING",
              "operator": null
            }
          }
        ]
      }
    ]
  }
}
Full JSON Body Example - Key Value Redaction with Masking
{
  "operationMetadata": {
    "targetScope": "ALL",
    "targetPipeline": "REQUEST",
    "deploy": true,
    "deployTargetEnvironmentNameList": ["production"],
    "order": 1
  },
  "policy": {
    "type": "policy-redaction",
    "description": "Mask credit card numbers",
    "active": true,
    "redactionDefList": [
      {
        "redactionType": "KEY_VALUE",
        "keyValueVar": {
          "type": "BODY",
          "bodyJsonPath": "$.creditCard"
        },
        "keyValueListStr": "4111111111111111,5555555555554444",
        "redactionDefDetailList": [
          {
            "orderNum": 1,
            "action": {
              "actionType": "MODIFY",
              "sourceVar": {
                "type": "BODY",
                "bodyJsonPath": "$.creditCard"
              },
              "sourceDataType": "STRING",
              "operator": "MASK",
              "maskFrom": 4,
              "maskTo": 12,
              "targetValSource": "VALUE",
              "targetVal": "****-****-****"
            }
          }
        ]
      }
    ]
  }
}

Request Body Fields

operationMetadata
| Field | Type | Required | Default | Description |
| --- | --- | --- | --- | --- |
| targetScope | string | Yes | - | Policy scope: ALL or ENDPOINT |
| targetEndpoint | string | No* | - | Endpoint path (required if targetScope=ENDPOINT) |
| targetEndpointHTTPMethod | string | No* | - | HTTP method (required if targetScope=ENDPOINT) |
| targetPipeline | string | Yes | - | Pipeline: REQUEST, RESPONSE, or ERROR |
| deploy | boolean | No | true | Whether to deploy after adding policy |
| deployTargetEnvironmentNameList | array | No | [] | List of environment names to deploy to |
| order | integer | No | null | Policy execution order (starts from 1) |
Enum: targetScope
  • ALL - Policy applies to all endpoints
  • ENDPOINT - Policy applies only to specified endpoint
Enum: targetPipeline
  • REQUEST - Executes in request pipeline (redacts request data)
  • RESPONSE - Executes in response pipeline (redacts response data)
  • ERROR - Executes in error pipeline
Enum: targetEndpointHTTPMethod
  • GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD
policy
| Field | Type | Required | Default | Description |
| --- | --- | --- | --- | --- |
| type | string | Yes | - | Policy type: policy-redaction |
| description | string | No | - | Policy description |
| active | boolean | No | true | Whether policy is active |
| redactionDefList | array | Yes | - | List of redaction definitions (at least one required) |
Note: redactionDefList must contain at least one redaction definition.
redactionDefList
Each redaction definition is an object with the following fields:
| Field | Type | Required | Default | Description |
| --- | --- | --- | --- | --- |
| redactionType | string | Yes | - | Redaction type: KEY_EXISTENCE, KEY_VALUE, USER, or ROLE |
| keyValueVar | object | No* | - | Variable for key matching (required for KEY_EXISTENCE and KEY_VALUE) |
| keyValueListStr | string | No* | - | Comma-separated list of values to match (required for KEY_VALUE) |
| redactionDefDetailList | array | Yes | - | List of redaction actions (at least one required) |

EnumPolicyRedactionType

  • KEY_EXISTENCE - Redact if key exists (uses keyValueVar)
  • KEY_VALUE - Redact if key value matches (uses keyValueVar and keyValueListStr)
  • USER - Redact based on user context
  • ROLE - Redact based on role context

Note

  • For KEY_EXISTENCE and KEY_VALUE, keyValueVar is required.
  • For KEY_VALUE, keyValueListStr is required (comma-separated values).
  • redactionDefDetailList must contain at least one detail.
redactionDefDetailList
Each detail is an object with the following fields:
| Field | Type | Required | Default | Description |
| --- | --- | --- | --- | --- |
| orderNum | integer | Yes | - | Execution order (starts from 1) |
| action | object | Yes | - | Action to perform (MODIFY or DELETE) |
Note: Actions are executed in orderNum order.
action
Action object with the following fields:
| Field | Type | Required | Default | Description |
| --- | --- | --- | --- | --- |
| actionType | string | Yes | - | Action type: MODIFY or DELETE |
| sourceVar | object | Yes | - | Source variable to redact |
| sourceVarBodyInjectionFieldName | string | No | - | Body injection field name |
| sourceDataType | string | No* | - | Source data type (required for MODIFY) |
| sourceTemporalFormat | string | No | - | Temporal format (if sourceDataType=TEMPORAL) |
| operator | string | No* | - | Modification operator (required for MODIFY) |
| substringFrom | integer | No | - | Substring start index (for SUBSTRING operator) |
| substringTo | integer | No | - | Substring end index (for SUBSTRING operator) |
| maskFrom | integer | No | - | Mask start index (for MASK operator) |
| maskTo | integer | No | - | Mask end index (for MASK operator) |
| replaceSource | string | No | - | Replace source pattern (for REPLACE_IN/REPLACE_WITH) |
| insertOffset | integer | No | - | Insert offset (for INSERT operator) |
| temporalOperatorTimeUnit | string | No | - | Temporal time unit (for TEMPORAL operations) |
| replaceFirst | string | No | - | Replace first pattern (for REPLACE_FIRST) |
| targetValSource | string | No* | - | Target value source (required for MODIFY) |
| targetVal | string | No* | - | Target value (required if targetValSource=VALUE) |
| targetVar | object | No* | - | Target variable (required if targetValSource=VARIABLE) |
| transformationContentType | string | No | - | Transformation content type |
| formatAllowsInvalid | boolean | No | false | Format allows invalid characters |
| formatValueContainsLiteralCharacters | boolean | No | false | Format value contains literal characters |
| formatInvalidCharacters | string | No | - | Format invalid characters |
| formatPlaceholder | string | No | - | Format placeholder |
| jsonToXmlIgnoreNull | boolean | No | false | JSON to XML ignore null |
| jsonToXmlIgnoreEmpty | boolean | No | false | JSON to XML ignore empty |
| jsonToXmlUseNullForNil | boolean | No | false | JSON to XML use null for nil |
| jsonToXmlUnwrapElement | boolean | No | false | JSON to XML unwrap element |
| xmlToJsonUnwrapElement | boolean | No | false | XML to JSON unwrap element |
| xmlToJsonIgnoreNull | boolean | No | false | XML to JSON ignore null |
| xmlToJsonIgnoreEmpty | boolean | No | false | XML to JSON ignore empty |
| xmlToJsonNumbersAsStrings | boolean | No | false | XML to JSON numbers as strings |
| xmlToJsonUseNullForNil | boolean | No | false | XML to JSON use null for nil |
| xmlToJsonArrayPathList | array | No | [] | XML to JSON array path list |
| claimJsonPath | string | No | - | JWT claim JSON path |

EnumActionType

  • MODIFY - Modify the value (mask, replace, transform, etc.)
  • DELETE - Delete the value completely

EnumActionSourceDataType

  • STRING - String data type
  • NUMERIC - Numeric data type
  • TEMPORAL - Date/time data type

EnumActionSourceValueModificationOperator

  • Numeric operations: ADD, SUBTRACT, MULTIPLY, DIVIDE, MODULUS, POWER
  • String operations: CONCAT, REPLACE_IN, REPLACE_WITH, REPLACE_FIRST, SUBSTRING, MASK, FORMAT, TRANSFORM, INSERT, TRIM, ENCODE, DECODE, URL_ENCODE, URL_DECODE, EXTRACT_JWT_HEADER_CLAIM, EXTRACT_JWT_BODY_CLAIM
  • Temporal operations: ADD_TEMPORAL, SUBTRACT_TEMPORAL

EnumValueSource

  • VALUE - Use static value
  • VARIABLE - Extract from variable

EnumTransformationContentType

  • XSLT - XSLT transformation
  • JOLT - JOLT transformation
  • XML2JSON - XML to JSON conversion
  • JSON2XML - JSON to XML conversion

EnumTimeUnit

  • MILLISECOND, SECOND, MINUTE, HOUR, DAY, WEEK, MONTH, YEAR

Note

  • For DELETE action, only actionType and sourceVar are required.
  • For MODIFY action, sourceDataType, operator, and targetValSource are required.
  • Operator-specific fields (e.g., maskFrom, maskTo for MASK) are required based on the operator.
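
The conditional requirements in the tables and notes above (the No* fields) can be checked before a body is sent. The following Python pre-flight validator is an added example, not Apinizer code: the name `validate_redaction_body` and the `SAMPLE` body are constructed for illustration, and treating the SUBSTRING and INSERT fields as required is an assumption read from the field descriptions.

```python
# Added example: pre-flight check built from the conditional rules in this reference.
TYPE_FIELDS = {"KEY_EXISTENCE": ("keyValueVar",),
               "KEY_VALUE": ("keyValueVar", "keyValueListStr")}
# Operator-specific fields, read from the "(for X operator)" rows of the action table.
OPERATOR_FIELDS = {"MASK": ("maskFrom", "maskTo"), "INSERT": ("insertOffset",),
                   "SUBSTRING": ("substringFrom", "substringTo")}
TARGET_FIELDS = {"VALUE": ("targetVal",), "VARIABLE": ("targetVar",)}

def _missing(obj, names, where):
    """One error per field that is absent or null in obj."""
    return [f"{where}: '{n}' is required" for n in names if obj.get(n) is None]

def validate_redaction_body(body):
    """Return rule violations for an Add/Update body; an empty list means it passes."""
    meta, policy = body.get("operationMetadata") or {}, body.get("policy") or {}
    errors = _missing(meta, ("targetScope", "targetPipeline"), "operationMetadata")
    if meta.get("targetScope") == "ENDPOINT":
        errors += _missing(meta, ("targetEndpoint", "targetEndpointHTTPMethod"),
                           "operationMetadata")
    defs = policy.get("redactionDefList") or []
    if not defs:
        errors.append("policy: 'redactionDefList' needs at least one definition")
    for i, d in enumerate(defs):
        where = f"redactionDefList[{i}]"
        errors += _missing(d, ("redactionType",) + TYPE_FIELDS.get(d.get("redactionType"), ()), where)
        details = d.get("redactionDefDetailList") or []
        if not details:
            errors.append(f"{where}: 'redactionDefDetailList' needs at least one detail")
        for j, det in enumerate(details):
            aw = f"{where}.redactionDefDetailList[{j}].action"
            act = det.get("action") or {}
            errors += _missing(act, ("actionType", "sourceVar"), aw)
            if act.get("actionType") != "MODIFY":
                continue  # DELETE needs only actionType and sourceVar
            errors += _missing(act, ("sourceDataType", "operator", "targetValSource"), aw)
            errors += _missing(act, OPERATOR_FIELDS.get(act.get("operator"), ()), aw)
            errors += _missing(act, TARGET_FIELDS.get(act.get("targetValSource"), ()), aw)
    return errors

# Constructed sample: a MODIFY action with no operator and a misspelled targetVal key.
AUTH = {"type": "HEADER", "headerName": "Authorization"}
SAMPLE = {"operationMetadata": {"targetScope": "ALL", "targetPipeline": "REQUEST"},
          "policy": {"type": "policy-redaction", "redactionDefList": [{
              "redactionType": "KEY_EXISTENCE", "keyValueVar": AUTH,
              "redactionDefDetailList": [{"orderNum": 1, "action": {
                  "actionType": "MODIFY", "sourceVar": AUTH, "sourceDataType": "STRING",
                  "targetValSource": "VALUE", "targetValue": "[REDACTED]"}}]}]}}
if __name__ == "__main__":
    print("\n".join(validate_redaction_body(SAMPLE)))
```

Run the check before the POST or PUT, so that a body breaking these rules is caught before it is deployed.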

Response

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "deploymentResults": [
      {
        "environmentName": "production",
        "success": true,
        "message": "Deployment successful"
      }
    ]
  }
}

cURL Example

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/redaction-policy/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "operationMetadata": {
      "targetScope": "ALL",
      "targetPipeline": "REQUEST",
      "deploy": true,
      "deployTargetEnvironmentNameList": ["production"],
      "order": 1
    },
    "policy": {
      "type": "policy-redaction",
      "description": "Remove sensitive data",
      "active": true,
      "redactionDefList": [
        {
          "redactionType": "KEY_EXISTENCE",
          "keyValueVar": {
            "type": "HEADER",
            "headerName": "X-Sensitive-Data"
          },
          "redactionDefDetailList": [
            {
              "orderNum": 1,
              "action": {
                "actionType": "DELETE",
                "sourceVar": {
                  "type": "HEADER",
                  "headerName": "X-Sensitive-Data"
                }
              }
            }
          ]
        }
      ]
    }
  }'

Update Policy

Endpoint

PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/

Request

Headers

| Header | Value |
| --- | --- |
| Authorization | Bearer {token} |
| Content-Type | application/json |

Path Parameters

| Parameter | Type | Required | Description |
| --- | --- | --- | --- |
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |

Request Body

Full JSON Body Example
{
  "operationMetadata": {
    "targetScope": "ALL",
    "targetPipeline": "REQUEST",
    "deploy": true,
    "deployTargetEnvironmentNameList": ["tester"],
    "order": 1
  },
  "policy": {
    "type": "policy-redaction",
    "description": "Updated: Remove multiple sensitive headers",
    "active": true,
    "redactionDefList": [
      {
        "redactionType": "KEY_EXISTENCE",
        "keyValueVar": {
          "type": "HEADER",
          "headerName": "X-Credit-Card"
        },
        "keyValueListStr": null,
        "redactionDefDetailList": [
          {
            "orderNum": 1,
            "action": {
              "actionType": "DELETE",
              "sourceVar": {
                "type": "HEADER",
                "headerName": "X-Credit-Card"
              },
              "sourceDataType": "STRING"
            }
          }
        ]
      },
      {
        "redactionType": "KEY_EXISTENCE",
        "keyValueVar": {
          "type": "HEADER",
          "headerName": "Authorization"
        },
        "keyValueListStr": null,
        "redactionDefDetailList": [
          {
            "orderNum": 1,
            "action": {
              "actionType": "MODIFY",
              "sourceVar": {
                "type": "HEADER",
                "headerName": "Authorization"
              },
              "targetVar": {
                "type": "HEADER",
                "headerName": "Authorization"
              },
              "sourceDataType": "STRING",
              "targetValSource": "VALUE",
              "targetVal": "[REDACTED]"
            }
          }
        ]
      }
    ]
  }
}
Note: Request body structure is the same as Add Policy. All fields should be provided for update.

Response

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "deploymentResults": [
      {
        "environmentName": "production",
        "success": true,
        "message": "Deployment successful"
      }
    ]
  }
}

Delete Policy

Endpoint

DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/

Request

Headers

| Header | Value |
| --- | --- |
| Authorization | Bearer {token} |
| Content-Type | application/json |

Path Parameters

| Parameter | Type | Required | Description |
| --- | --- | --- | --- |
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
| policyName | string | Yes | Policy name |

Request Body

Full JSON Body Example
{
  "operationMetadata": {
    "targetScope": "ALL",
    "targetPipeline": "REQUEST",
    "deploy": false
  }
}

Response

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "deploymentResults": []
  }
}

Notes and Warnings

  • Redaction Type:
    • KEY_EXISTENCE - Redact if key exists
    • KEY_VALUE - Redact if key value matches list
    • USER - Redact based on user context
    • ROLE - Redact based on role context
  • Action Type:
    • DELETE - Completely remove the value
    • MODIFY - Modify the value (mask, replace, transform, etc.)
  • Order: Actions are executed in orderNum order within each redaction definition
  • Key Value List: For KEY_VALUE type, provide comma-separated values in keyValueListStr
  • Masking: Use MASK operator with maskFrom and maskTo to mask portions of values
  • Substring: Use SUBSTRING operator with substringFrom and substringTo to extract portions
  • Replace: Use REPLACE_IN, REPLACE_WITH, or REPLACE_FIRST to replace patterns
  • Transformation: Use TRANSFORM operator with transformationContentType for format conversion
  • Performance: Redaction adds processing overhead. Use for necessary data protection only.
  • Pipeline:
    • REQUEST pipeline redacts request data before forwarding
    • RESPONSE pipeline redacts response data before sending to client
  • Error Handling: Invalid redaction configuration may cause policy execution to fail
  • Deployment: Policy changes require deployment to take effect. Set deploy: true or deploy manually.