Adding Verify API Key Policy
To add a Verify API Key Policy, please perform the following actions in the API Management Dashboard:
- Click the API Projects prompt.
Figure 1: API Projects prompt in API Dashboard
- Double-click the project to which the policy is to be added.
- Select the Policies tab and click the Add button to add a new policy.
- In the Add New Policy pop-up, add a policy ID and select the type of policy to be added (Eg: Security > Verify API Key) from the Policy drop-down and click OK.
- Select the Policy ID to navigate to the respective Policy Configuration page.
- Configure the Key Source as needed by clicking the Edit button and then click Save to add the policy.
After the policy is created, attach this policy to the project by performing the following actions under the same page:
- Go to the Resources tab.
- You may edit the DefaultResource which is already present here or you may add a new resource. Click the resource to open the resource editor and then attach this policy to the proxy request endpoint.
- Click Save to attach the policy to the project.
Now you can deploy the project with the Verify Key Policy attached to the project.
Testing the policy
To test this policy, perform the following actions:
- Create a sample Verify API Key policy (referring to Adding Verify API Key Policy section above) with the following configuration in Key Source:
- Type: PARAMETER
- Name: APIKey
- Default value: Provide a value of your choice.
- Create Client Subscription by following the steps mentioned in Adding Products, Clients and Client Subscriptions section, and deploy the project.
- From the Client Subscriptions listing (API Products section under Client Subscription Configuration), get the Consumer Key.
Pass this value to the API proxy access URL on the gateway server as a parameter in the following format:
If the Consumer Key is correct, the request should succeed, else an Authentication failure code will be displayed.