| Browse by Topic | Browsing by Type | Request a Recipe | Report a broken link |
| Scenarios | Description | Usecase |
|---|---|---|
| Basic authentication to target endpoint | Sample showcasing the generation of basic authentication header values for authentication with target endpoint. Edit the setcredential policy to provide the credentials to be used to connect to the target endpoint | Authentication |
| SAML 2.0 browser profile based authentication to target endpoint | Sample showcasing the handling of SAML 2.0 browser profile based authentication to the target endpoing using JavaScript policy | Authentication |
| Basic authentication for user credentials, SAML 2.0 Browser Profile Authentication for Target Endpoint | Sample showcasing the enablement of an API proxy with basic authentication. The user name and password is passed in the HTTP header. Authorization is then used to trigger the SAML 2.0 browser profile flow to the target endpoint. | Authentication |
| Cross-Origin Resource Sharing (CORS) | Sample showcasing the handling of a response with a CORS header. This is helpful in scenarios where the targer server doesn't support sending CORS headers. | Cross Origin Resource Sharing |
| Quota | Sample showcasing the control the flow of traffic from the client to the target servers using Quota polices. It contains samples to limit the no of calls allowed per developer and also showcases quota violation handling using a HTTP 429 status as per the RFC | Traffic Management |
| Spike Arrest | Sample showcasing the throttling of the number of incoming request processed by the API proxy. | Traffic Management |
| SQL Threat Protection | Sample showcasing the detection of SQL threats in a query parameters and error handling via HTTP 403 Forbidden response. | Security |
| Url Masking | Sample showcasing the masking/rewriting of the target system host, basepath and replacing it with the proxy endpoint host and base path. | Security |
| Verify API Key | Sample showcasing the enforcement and verification of API key based access to the API Proxy. Sample contains examples to pass the API key either as header parameter or as query parameter. | Authentication |
How to consume a Policy Template?
| Policy Template | Description | Usecase |
|---|---|---|
| API Management debugging and traceability | Assists in API proxy execution performance assessment | Debugging and Tracing |
| CORS | Supports your API to be consumed by the application where CORS support is not available | Cross Origin Resource Sharing |
| Connect to SAP Cloud Foundry services | Helps to manage mircoservices running in cloud foundry using SAP Cloud Platform API Management | Consume APIs of an Applications or Platform |
| Connect to SAP Cloud Platform services | Helps in consuming APIs hosted on SAP Cloud Platform and protected by Cloud Platform OAuth | Consume APIs of an Applications or Platform |
| Connect to SAP Concur | Facilitates easy consumption of Concur APIs protected by OAuth | Consume APIs of an Applications or Platform |
| Connect to SAP SuccessFactors | Helps to consume SAP SuccessFactors APIs protected by OAuth | Consume APIs of an Applications or Platform |
| JSON Threat Protection | Assists you in securing your APIs from JSON threats for APIs managed by API Management | Security |
| Metadata Cache for Odata APIs | Helps to improve performance of Odata API Proxies by caching metadata across invocations | Caching |
| Principal propagation via SAML | Assists you in SAML User propagation from the application to back-end system via SAP API Management | Authentication |
| Quota With 429 Status Code | Helps to set quota and 429 status message | Traffic Management |
| SQL Threat Protection | Assists you in securing your APIs from SQL threat for APIs managed by API Management | Security |
| URL Masking | Assists in protecting backend system for APIs managed by API Management | Security |
| Verify APIKey | Assists you in protecting APIs by Verifying the API Key | Authentication |
| XML Threat Protection | Protects APIs from XML threats for APIs managed by API Management | Security |