Skip to main content

Common and Conditional Policies

Data Equity Studio supports two types of policies to control API behavior: common policies and conditional policies.

Common Policies

  • Definition: Common policies are applied globally to all API requests, regardless of the HTTP method or other conditions.
  • Usage: They provide a baseline set of rules (e.g., rate limiting, CORS settings, basic authentication) that affect every request uniformly.

Conditional Policies

  • Definition: Conditional policies allow you to specify rules that are only applied under certain conditions, such as based on the HTTP verb (e.g., GET, POST, PUT, DELETE).
  • Usage: They enable you to tailor responses or behavior for specific request types. For example, you might want different rate limits or authentication rules for GET requests compared to POST requests.

Policy Conflict Resolution

  • Priority: When both common and conditional policies are defined, conditional policies take priority. This means if there is any conflict between a global (common) rule and a conditional rule, the conditional rule will override the common policy.
  • Example: If a common policy sets a rate limit of 100 requests per hour for all methods, but a conditional policy specifies a rate limit of 50 requests per hour for POST requests, the POST requests will adhere to the 50 requests per hour limit.

Benefits of Using Conditional Policies

  • Flexibility: Customize API behavior based on the type of request, allowing for more granular control.
  • Optimized Responses: Provide different responses or processing logic for different HTTP verbs. For instance, a GET request may return a detailed data set, while a POST request might return a simple confirmation message.
  • Enhanced Security and Performance: Apply stricter security or throttling rules where necessary without affecting the overall API performance for other methods.

By leveraging both common and conditional policies, you can ensure that your API behaves in a nuanced and controlled manner, delivering the appropriate responses based on the HTTP verb used in the request.

Steps

  • Ensure that the necessary verbs are added in the design Docs Version Dropdown
  • Add additional swinlanes by copying the existing ones and modifying it. Docs Version Dropdown
  • Click on the conditional policy and edit the Condition. The only allowed conditional key is PATH.METHOD. The value can be any HTTP verb added in the design tab
  • Deploy and test Docs Version Dropdown Docs Version Dropdown