With the Business Rule Policy, certain rules or rules are verified on the request or response message. If the message complies with the rule(s), then the action(s) defined in the business rule will be applied.

The picture below shows the policy settings:


The policy fields are shown in the table below.

Field

Description

NameThe name can be written to facilitate the use and management of the policy. You will need this name during the management and selection of policies.
DescriptionAn optional description of the policy that may be useful for usage and management activities.
Action List

Rules that can be applied by Apinizer are added to the messages sent to or returned to Apinizer, and they are listed.  


Action Creation

When an action is wanted to be added to the Policy by pressing the Add button, the user will see a screen like the image below:

 


As seen in this image, 4 types of actions can be selected:

  • Add: A value that is not in the header, parameter or body of the request/response is added.
  • Modify: The value of an existing field in the header, parameter or body of the request/response is changed.
  • Delete: The value of an existing field or the entire field is deleted in the header, parameter or body of the request/response.
  • Stop: By interrupting the flow of the request/response, it is prevented from proceeding to the next step and the client is informed that the flow has been stopped.

Add Action

It is used to add a value to the header, parameter or body of the message.

When this action is selected, it is assumed that there is no value to be added in the message.

Where to add the value is determined by the Injection Target variable.

The type of this variable;

  • If the header is the header of the message, the "Header Name" in the variable is added.
  • If it is a parameter, "Parameter Name" in the variable is added to the parameter of the message.
  • Message Body is the newly opened "Element Name" on the screen, from the body of the message to the path specified in the variable.

When the injection target variable is selected, it should be entered from where the value of the added field should be obtained, for this the source type of the target value is determined:


The source type of the target value can be given in the rule or it can be taken from another part of the message with a variable.

To give the value in the rule, the Specify the Value statement is selected and the relevant value is entered as text in the resulting field.

To give the value with a variable, Use a Variable is selected and the relevant variable is selected.


The difference here is when you want to add a value to the message.

For instance, in the example in the image below, the first element of the SOAP XML Message is targeted as the Injection Target variable.


In the above example, when the action runs, an XML element named "userid" will be created as the first element of the SOAP XML Message, and its value will come from the value of the "username" header in the message's header.

Here, whether the message will be processed as XML or JSON is decided according to the "Body Type" value in the "Injection Target" variable.

Modify Action

It is used to change the value in the header, parameter or body of the message.

When this action is selected, it is assumed that the value to be added in the message is included, if it is not found, the policy will fail. This should be noted in the conditional part of the rule.


A variable is selected to change the value in any part of the message.

Then, the data type of the value of this variable is specified.


Depending on the selected data type, the next actions will vary.


The data type and operations of these data types can be:

Data TypeOperatorDescription
Numeric




Add

It changes the value to be changed by adding the target value.

SubtractChanges the target value by deleting it from the value to be changed.
Multiply byMultiplies the target value with the value to be changed.
Divide byIt changes the value to be changed by dividing the target value.
ModChanges the mode of the value to be changed according to the target value.
PowerIt changes the value to be changed by taking the exponent of the target value.
String










Concat

Combines the target value to the end of the value to be changed.

Decode Base64Replaces the value to be changed by subjecting it to Base64 decryption.
Encode Base64It changes the value to be changed by subjecting it to Base64 encryption.

Extract JWT Header Claim

The target value is parsed as a JWT, and the header value from the JWT header is retrieved. If the entered value starts with $., the JsonPath value on the header JSON is obtained for reading the specified value; otherwise, the claim value in the header is retrieved
Extract JWT Body ClaimThe target value is parsed as a JWT, and the value from the JWT body is retrieved. If the entered value starts with $., the JsonPath value on the header JSON is obtained for reading the specified value; otherwise, the claim value in the header is retrieved
FormatIt masks the value with the properties specified in the javax.swing.text.MaskFormatter class.
InsertChanges the target value by typing from the specified text index of the value to be changed.
MaskChanges the value to be changed by masking all or the range specified by text indices.
Replace FirstReplaces the first match of the specified replacement data in the value to be replaced with the target value.
Replace Replaces all matches of the specified replacement data in the value to be replaced with the target value.
Replace WithIt completely replaces the value to be changed with the target value.
SubstringIt replaces the fields outside the specified text indexes of the value to be changed by deleting them.
TransformIt changes the value to be changed by subjecting it to XSLT, JOLT, XML to JSON or JSON to XML processing.
TrimRemoves leading and trailing spaces from the value to be changed.

URL Decode 

It decodes the value to be changed using URL decoding before making the replacement.
URL EncodeIt encodes the value to be changed using URL decoding before making the replacement.
Date/TrimAddAdds the specified time unit and amount to the value to be changed.
SubtractDeletes the specified time unit and amount to the value to be changed.

Delete Action

It is used to delete the value in the header, parameter or body of the message.

When this action is selected, it is assumed that the value to be deleted is included in the message, if it is not found, the policy does not give an error, and other operations are continued.

The part of the message to be deleted is specified with the variable.


Stop Action

When this action type is selected, the flow of the message is interrupted and it is prevented from proceeding to the next step, and the client is informed that the flow has been stopped.

You can visit the Policies page for the details of the Conditions and Error Message Customization panels.