To add a Verify API Key Policy, please perform the following actions in the API Management Dashboard:
Click the API Projects prompt.
Figure 1: API Projects prompt in API Dashboard
Double-click the project to which the policy is to be added.
Select the Policies tab and click the Addbutton to add a new policy.
In the Add New Policy pop-up window, add a policy ID and select the type of policy to be added (Eg: Security > Verify API Key) from the Policy drop-down menu and click OK.
Select the Policy ID to navigate to the respective Policy Configuration page.
Configure the Key Source as needed by clicking the Edit button and then click Save to add the policy.
After the policy is created, attach the policy to the project by performing the following actions under the same page:
Go to the Resources tab.
Edit the DefaultResource which is already present or add a new resource. Click the resource to open the resource editor and then attach the policy to the proxy request endpoint.
Click Save to attach the policy to the project.
The project can now be deployed with the Verify Key Policy attached to the project.
Testing the Policy
To test the policy, perform the following actions:
Create a sample Verify API Key policy (refer to the Adding Verify API Key Policy section above) with the following configuration in Key Source:
Type: PARAMETER
Name: apiKey
Default value: Provide a preferred value.
Create Client Subscription by following the steps mentioned in the Adding Products, Clients and Client Subscriptions section, and deploy the project.
From the Client Subscriptions listing (API Products section under Client Subscription Configuration), get the Consumer Key.
Pass this value to the API proxy access URL on the gateway server as a parameter in the following format:
