Python Script policy
The Python Script policy lets you add customized Python functionality to your API proxy flow, especially when the functionality you need is beyond what the Edge out-of-the-box policies provide.
This policy can be attached in the following locations, but see the notes following the table for specific guidance.
Python Script policy
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <Script name="Python-1"> <DisplayName>Python-1</DisplayName> <ResourceURL>py://myscript.py</ResourceURL> </Script>
In this example, the element, ResourceURL specifies the relevant Python script resource.
This shows what you might include in the Python script itself.
import base64 username = flow.getVariable("request.formparam.client_id") password = flow.getVariable("request.formparam.client_secret") base64string = base64.encodestring('%s:%s' % (username, password))[:-1] authorization = "Basic "+base64string flow.setVariable("authorizationParam",authorization)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <Script name="Python-1"> <DisplayName>Python-1</DisplayName> <ResourceURL>py://myscript.py</ResourceURL> <IncludeURL>py://myscript_dependency.py</IncludeURL> </Script>
The following attributes are common to all policy parent elements.
The internal name of the policy. Characters you can use in the name are restricted to:
Optionally, use the
This attribute is deprecated.
Use in addition to the
name attribute to label the policy in the management UI proxy editor with a different, natural-language name.
<DisplayName>Policy Display Name</DisplayName>
If you omit this element, the value of the policy's
This element specifies the main Python file that will execute in the API flow. You can store this file at the API proxy scope (under
Specifies a Python file to be loaded as dependency to the main Python file specified with the
<ResourceURL> element. The scripts will be evaluated in the order in which they are listed in the policy.
Include more than one Python dependency resource with additional
If your Python files are stored at the organization or environment level, be sure they were uploaded correctly with cURL using the
-F option or as a file attachment through a REST client. Content-Type is
multipart/form-data. For more information, see Resource files.
A Python policy contains no actual code. Instead, a Python policy references a Python 'resource' and defines the Step in the API flow where the Python script executes. You can upload your script through the Management UI proxy editor, or you can include it in the
/resources/py directory in API proxies that you develop locally.
System calls, for example network I/O, filesystem read/writes, current user info, process list, and CPU/memory utilization are not permitted by the security model. Although some such calls may be functional, they are unsupported and liable to be actively disabled at any time. For forward compatibility, you should avoid making such calls in your Python scripts.
No error codes are specified for the Python Script policy.
For working samples of API proxies, see the Samples reference.
Help or comments?
- If something's not working: Ask the Apigee Community or see Apigee Support.
- If something's wrong with the docs: Send Docs Feedback
(Incorrect? Unclear? Broken link? Typo?)