API policy configuration

Configure an API security policy

1Expand the Policies area and click Security.
The Authentication panel appears.
2Select one of the following options:
• - None. Select an authentication at the time of creating a managed API.
• - Use existing. Assign an existing security policy to the API.
• - Create new. Select one or more authentication methods to create a new security policy for the API. You can't use anonymous authentication with any other authentication method.
3Optionally, in the Notes field, enter a description of the policy.
4Click Save.

Configure an API privacy policy

1Expand the Policies area and click Privacy.
The Personally Identifiable Information (PII) panel appears.
2Select one of the following options:
• - None. Select a privacy policy at the time of creating a managed API.
• - Use existing. Assign an existing PII policy to the API.
• - Create new. Create a new policy for the API. For each type of information to protect, select the action to take for the request and the response. You can select different actions for the request and the response.
Select one of the following actions:
• ▪ No action. Don't take any action.
• ▪ Warning. Issue a warning message that there was a privacy policy leakage in the request or the response. Don't block the request or response.
• ▪ Block. Block the request or response and issue a message that the message was blocked because of a potential privacy policy breach in the request or the response.
3Optionally, in the Notes field, enter a description of the policy.
4Click Save.

Configure an API rate limit policy

1Expand the Policies area and click Privacy.
The Rate Limit panel appears.
2Select a rate limit policy from the available list.
3Optionally, enter notes.
4Click Save.