Verifying API Key Policy

Adding Verify API Key Policy

To add a Verify API Key Policy, please perform the following actions in the API Management Dashboard:

1. Click the API Projects prompt.
   
    
   Figure 1: API Projects prompt in API Dashboard
    
2. Double-click the project to which the policy is to be added.
3. Go to the Policies  tab and click the Add  icon to add a new policy.
4. In the dialog box, select the Create a Policy option, add a policy ID and select the type of policy to be added (Eg: Security > Verify API Key) from the drop-down menu and click OK.
5. Select the Policy ID and environment to navigate to the respective Policy Configuration page.

6. Configure the Key Source as needed by clicking the Edit  icon

   Create a sample Verify API Key policy (refer to the Adding Verify API Key Policy section above) with the following configuration in Key Source:

   • Type: PARAMETER
   • Name: apiKey
   • Default value: Provide a preferred value.
7. Click Save to add the policy.

After the policy is created, attach the policy to the project by performing the following actions under the same page:

1. Go to the Resources  tab.
2. Edit the DefaultResource which is already present or add a new resource.
3. Click the resource, expand the Policy Configuration section and click the Add  icon in the Proxy Request part to attach the policy to the proxy request endpoint.
4. Click the Save  icon to attach the policy to the project.

The project can now be deployed with the Verify Key Policy attached to the project.

Testing the Policy

To test the policy, perform the following actions:

Pass the consumer Key received from the Subscribed Products section (Refer to the Generating API Key section) to the API proxy access URL on the gateway server as a parameter in the following format:

If the Consumer Key is correct, the request will succeed, and if not correct, Authentication Failure code will be displayed.