With the Script Policy, header, parameter, body and error message contents in the messages can be processed with the selected script language.

The original version of the incoming request message (Client to API Proxy) and the original version of the returned response message (Backend API to API Proxy) cannot be changed, only reading can be made on this data. Both reading and modification can be done on the request to be sent to the Backend API (API Proxy to Backend API) and the response that will be returned to the client (API Proxy to Client).

The read and change operations to be made include the header, parameter and body parts of the message. Various keywords are used to access these fields on the script. These keywords vary according to the region to be accessed.

If we want to formulate keywords, we can express them as follows:

  • To access headers → <request|response>HeaderMap<From|To><Client|TargetAPI>
  • To access URL parameters → <request>UrlParamMap<From|To><Client|TargetAPI>
  • To access body → <request|response>BodyText<From|To><Client|TargetAPI>
  • To terminate the policy and return a customized error message → <request|response>ErrorMessage<From|To><Client|TargetAPI>
  • To change status codes→statusCode<From|To><Client|TargetAPI>

There are also some other specific keywords, which are:

  • requestUrlFromClient: Holds the URL which client sent request to
  • requestBackendUrlToTargetAPI: If user wants to change Backend URL of request, this field can be used
  • customVariableMap: Custom variables can be created specifically for API Proxy's business logic, and these variables can be read and written on the request and response lines. In the business rule policy, its value can be also used via the keyword added to this map.
  • contextValues: Context Values of Message can be used to read the data that Apinizer keeps specific for each request. Only reading can be done on these values.

For example;

  • When the request from the client reaches Apinizer, that is, if it is want to access the body content of the original request, change the requestBodyTextFromClient variable,
  • If you want to access the headers of Apinizer when transmitting the incoming request to the Backend API, set the requestHeaderMapToTargetAPI variable,
  • If you want to access the headers of the response from the Backend API when it is sent to Apinizer, set the responseHeaderMapFromTargetAPI variable,
  • You can use the variable responseBodyTextToClient to access the body of the response that Apinizer returns to the client.

Variables in message regions

The variables that affect the policy added to the request line are shown in the table below:

Client → ApinizerData TypeOperationApinizer → Backend ApiData TypeOperation
HeaderrequestHeaderMapFromClientMap<String, String>ReadingrequestHeaderMapToTargetAPIMap<String, String>

Reading, Writing

ParameterrequestUrlParamMapFromClientMap<String, String>ReadingrequestUrlParamMapToTargetAPIMap<String, String>

Reading, Writing


Reading, Writing

Error Message---requestErrorMessageToTargetAPIStringWriting
Status Code---statusCodeToTargetAPIIntegerWriting
Message InformationcontextValuesStringReadingcontextValuesStringReading
Custom VariablecustomVariableMap

Map<String, String>

Reading, Writing


Map<String, String>

Reading, Writing

The variables that affect the policy added to the response line are shown in the table below:

Backend Api → ApinizerData TypeOperationApinizer → ClientData TypeOperation
BodyresponseHeaderMapFromTargetAPIMap<String, String>ReadingresponseHeaderMapToClientMap<String, String>

Reading, Writing


Reading, Writing

Error Message---responseErrorMessageToClientStringYazma
Status CodestatusCodeFromTargetAPIIntegerReadingstatusCodeToClientIntegerWriting
Message InformationcontextValuesStringReadingcontextValuesStringReading
Custom VariablecustomVariableMap

Map<String, String>

Reading, Writing


Map<String, String>

Reading, Writing

The Script Policy added to the request line cannot access variables in the response line.

The Script Policy added to the response Line can only read the variables in the request Line.

When one of the error message variables (requestErrorMessageToTargetAPI, responseErrorMessageToClient) is defined, the flow is interrupted.

That is, the request/response message is blocked.

When the request is blocked, instead of the Error Message Template, whatever is written to the value of this variable is returned to the client as an error message.

Multi-value case of Header or Parameter fields

It can be multiple when assigning values to Header or Parameter information.

Due to backward compatibility restriction in Apinizer Script policy, if this key value is plural, it can be parsed with # while reading. If it is single, it should be treated as a normal string.

Suppose the following request is made for reading and writing operations on this data type.

Header contains multiple values

// reading from header map
String headerVal = requestHeaderMapToTargetAPI.get("multipleHeaderTest");
String[] headerArr = headerVal.split("#");

for (String val:headerArr) {
	// do some stuff with multiple values of "multipleHeaderTest""

headerVal = requestHeaderMapToTargetAPI.get("oneHeaderTest");
// do some stuff with single value of "oneHeaderTest"

// adding a new header "value" to existing one 
headerVal = headerVal + "#newHeaderScriptVal";
requestHeaderMapToTargetAPI.put("multipleHeaderTest", headerVal);

Parameter contains multiple values

// reading from param map
String paramVal = requestUrlParamMapToTargetAPI.get("multipleParamTest[]");
String[] paramArr = paramVal.split("#");

for (String val : paramArr) {
  	// do some stuff with multiple values of "multipleParamTest""

paramVal = requestUrlParamMapToTargetAPI.get("oneParamTest");
// do some stuff with single value of "oneParamTest"

// adding a new param "value" to existing one 
paramVal = requestUrlParamMapToTargetAPI.get("multipleParamTest[]") + "#newParamScriptVal";
requestUrlParamMapToTargetAPI.put("multipleParamTest[]", paramVal);

The picture below shows the policy settings:

The policy fields are shown in the table below.

DescriptionAn optional description of the policy that may be useful for usage and management activities.
Script LanguageThe type of script that will be written to the body; Javascript, Groovy
Script Body

Script code is written to operate on the request or response line.

It can be added to the body area by clicking on the links of the variables given according to the regions of the message.

Try it

The script to be run is tested. Trial operation is done on a dialog.

Testing the Script

Script can be tested with the Try it button at the bottom of the configuration area.

The image of the dialog containing the Script Test settings is given below:

Only the changes in the Target field are shown in the Result section.

If the script language is Groovy;

These make the process of the message processing very easy.

You can visit the Policies page for the details of the Conditions and Error Message Customization panels.