Skip to main content

Overview

In Apinizer, dynamic variables can be used in many string fields such as policy settings, connection configurations, and routing addresses. This allows you to define values that change based on environment, request, or runtime instead of using fixed values. There are two types of dynamic variables:

Environment Variable — ${key}

Environment variables are resolved at deploy time. They can have different values for environments such as development, test, and production.

Context Variable — #{key}

Context variables are resolved on each request. They contain system data such as request information, date/time, or custom values assigned via script.

Two Variable Types

FeatureEnvironment Variable (${key})Context Variable (#{key})
Format${variableName}#{variableName}
Resolution TimeAt deploy timeOn each request
Value SourceDefined in Environment Variable management screenAuto-generated by system or assigned via script
Environment DependentYes — different values for dev, test, prodNo — per-request
Definition RequirementRequires definition in Environment Variable screenSystem variables: not required. Global variables: requires Custom Variable definition
Typical UsageHost names, base URLs, ports, connection detailsUser information, request details, date/time, error details
MutabilityFixed after deploymentCan vary on each request

Environment Variable (${key})

Environment Variables allow you to use different values across environments (development, test, production). They are resolved at deploy time and remain fixed during runtime. Example: ${api.hostname}localhost:8080 in development, api.example.com in production
For detailed information about Environment Variable definition and management, see the Environment Variable page. For CRUD operations and usage scenarios, see the Environment Variable Management page.

Context Variable (#{key})

Context Variables are resolved on each request and consist of two subcategories: 1. System Context Variables — Auto-generated, no definition required:
  • #{context.request.httpMethod}, #{context.request.uri}, #{context.request.remoteAddress}
  • #{context.system.year}, #{context.system.dateTime}
  • #{context.message.correlationId}
  • #{context.apiProxy.name}, #{context.apiProxy.id}
  • #{context.credential.clientId}, #{context.credential.username}
  • #{error.defaultErrorCode}, #{error.defaultMessage}
2. Global Variables — Created via script, requires Custom Variable definition:
  • #{userId}, #{tenantId}, #{customValue}
  • Values are assigned using customVariableMap.put("key", "value") in Script policy
For detailed information about variable definitions, see the Variables page.

Mixed Usage

Both types can be used together: 
https://${api.hostname}/v1/users/#{userId}
${api.hostname} is resolved at deploy time (e.g., api.example.com), while #{userId} gets a different value on each request.

Supported Fields

Dynamic variables can be used in nearly all string fields in policy and connection settings.

Policies

PolicySupported FieldsVariable Types
REST API CallURL, header, parameter, body${key} and #{key}
OIDCToken endpoint, introspection endpoint, resource endpoint, form parameters${key} and #{key}
JOSE Validation / ImplementationDynamic key HTTP endpoint${key} and #{key}
Authentication APIURL, header, parameter${key} and #{key}
Message BuilderTemplate, header, form fields${key} and #{key}
RedactionKey-value list${key} and #{key}
Other policiesText (string) input fields${key} and #{key}
Script policy is not included in this table. The #{key} placeholder mechanism is not used in Script policy because variables are already accessed directly via the customVariableMap object and bindings such as request_httpMethod, dateTime_year. See Script Format Difference for details.

Connections

Connection TypeSupported Fields
Database ConnectionHost, port, username, password, connection string
LDAP ConnectionURL, base DN, username, password
Email ConnectionHost, port, username

Other Fields

FieldSupported Types
Routing Address${key} and #{key}
JSON Error Response Template#{key} (including error variables)
XML Error Response Template#{key} (including error variables)
Identity Provider (DB, LDAP, API)${key} and #{key}
IP Group${key} and #{key}
Credential${key} and #{key}
In connection settings (Database, LDAP, Email), ${key} (Environment Variable) is typically used because these values are environment-specific and should be resolved at deploy time. #{key} (Context Variable) is resolved at request time and is more commonly used in policy settings and routing addresses.

Variable Selection in UI

In policy and connection edit screens, a “Variable” button is available in the breadcrumb area. Clicking this button opens a menu providing access to two dialogs:

Environment Variable Dialog

When “Environment Variable” is selected from the menu, the dialog lists all defined environment variables:
  • Global Variables — Variables valid across all environments
  • Environment-Specific Variables — Variables defined for specific environments
Clicking a variable copies it to the clipboard in ${variableName} format, ready to be pasted into the relevant field.

Context Variable Dialog

When “Context Variable” is selected from the menu, the dialog lists all available context variables organized by category:
  • Error Variables — Error information
  • Request Variables — Request information
  • Message Variables — Message information
  • API Variables — API Proxy information
  • Credential Variables — Authenticated credential information
  • DateTime Variables — Date/time information
Clicking a variable copies it to the clipboard in #{variableName} format.
Both dialogs are independent. You can use both ${key} and #{key} in the same field.

Context Variable Reference

Request

FormatDescriptionExample Value
#{context.request.httpMethod}HTTP methodGET, POST
#{context.request.uri}Request URI/api/users/123
#{context.request.contentType}Content typeapplication/json
#{context.request.remoteAddress}Client IP address192.168.1.100
#{context.request.queryString}Query parameters?id=123
#{context.request.pathInfo}Path information/api/users
#{context.request.contextPath}Context path/apinizer

DateTime

All context.system.* date/time variables return UTC values. To get time in a specific timezone, use dtf.format('+03:00') inside a JEXL expression in the Message Builder policy.
FormatDescriptionExample Value
#{context.system.year}Year2026
#{context.system.month}Month (1-12)2
#{context.system.dayOfMonth}Day (1-31)4
#{context.system.dayOfWeek}Day of week (1=Monday, 7=Sunday)3
#{context.system.hour}Hour (0-23)14
#{context.system.minute}Minute (0-59)30
#{context.system.second}Second (0-59)45
#{context.system.epochMillis}Unix timestamp (milliseconds)1707058245000
#{context.system.dateTime}Formatted date/time (UTC)2026-02-04T14:30:45.000Z
#{context.system.date}Formatted date2026-02-04
#{context.system.time}Formatted time14:30:45

Message

FormatDescriptionExample Value
#{context.message.correlationId}Unique request IDabc123-def456-ghi789
Custom message variables defined on API Proxy or Proxy Group are also displayed in this category.

API

FormatDescriptionExample Value
#{context.apiProxy.id}API Proxy IDapi-proxy-123
#{context.apiProxy.name}API Proxy nameUser Management API

Credential

FormatDescriptionExample Value
#{context.credential.clientId}Authenticated credential key/usernamemy-app-key
#{context.credential.username}Credential usernameadmin
#{context.credential.email}Credential emailadmin@example.com
#{context.credential.fullName}Credential full nameJohn Doe

Error

FormatDescriptionExample Value
#{error.customizedErrorCode}Customized error codeCUSTOM_001
#{error.customizedHttpCode}Customized HTTP code400
#{error.customizedMessage}Customized messagePlease try again
#{error.defaultErrorCode}Default error codeDEFAULT_001
#{error.defaultMessage}Default messageAn error occurred
#{error.defaultHttpCode}Default HTTP code500

Script Format Difference

Context variables use a different format inside Script policy. The dot (.) separator used at runtime is replaced with underscore (_) in scripts:
Runtime FormatScript Format
#{context.request.httpMethod}request_httpMethod
#{context.system.year}dateTime_year
#{context.message.correlationId}message_correlationId
#{context.apiProxy.name}apiProxy_name
#{error.defaultErrorCode}error_defaultErrorCode
// Using context variables inside script
String method = request_httpMethod
String year = dateTime_year
String correlationId = message_correlationId

Global Variable Usage

Global variables are created through Custom Variable definitions and assigned values via script. They are used for data transfer between policies.
1

Create Variable Definition

Go to Project > Variables and create a new definition with Custom Variable type.
2

Assign Value via Script

In Script policy, assign a value using customVariableMap.put("variableName", "value").
3

Use the Variable

Use #{variableName} format in other policies and settings.
Script Example: 
// Extract user information from request body
if (bodyTextFC != null && !bodyTextFC.isEmpty()) {
    def jsonBody = new groovy.json.JsonSlurper().parseText(bodyTextFC)
    if (jsonBody.userId) {
        customVariableMap.put("userId", jsonBody.userId.toString())
    }
}

// Get value from header
String token = headerMapFC.get("X-Custom-Token")
if (token != null) {
    customVariableMap.put("customToken", token)
}
Global variables are available only after the script policy executes. The policy that uses the variable must run after the script policy that assigns the value (policy order matters).

Usage Examples

Error Response Template

{
  "error": {
    "code": "#{error.defaultErrorCode}",
    "message": "#{error.defaultMessage}",
    "requestId": "#{context.message.correlationId}",
    "timestamp": "#{context.system.epochMillis}"
  }
}

Dynamic Routing

https://${api.hostname}/v1/#{tenantId}/users/#{context.request.pathInfo}
${api.hostname} is resolved at deploy time, while #{tenantId} and #{context.request.pathInfo} are resolved on each request.

Response Header Addition

X-Request-ID: #{context.message.correlationId}
X-API-Name: #{context.apiProxy.name}
X-Processed-At: #{context.system.dateTime}

Behavior Rules

  • Missing #{key} values are replaced with empty string (""); no exception is thrown, a warning-level log is written
  • Missing ${key} values cannot be resolved and remain as-is
  • In Script policy, the custom variable map is accessed directly, so the #{...} placeholder mechanism is not used there
  • Variable names are case-insensitive

Next Steps

Environment Variable

Learn about environment variables in detail

Variables

Learn about variable definitions

Script Policy

Variable usage in Script policy

Environment Variable Management

Environment Variable CRUD operations