Send Docs Feedback

Note: Most user interface tasks can be performed in Edge Classic or the New Edge experience. For an overview, getting started topics, and release notes specific to the New Edge experience, see the docs.

Policy reference overview

By exposing an API through Apigee Edge, you gain the ability to modify and monitor its behavior using out-of-the-box policies. Edge's out-of-the-box policies enable you to augment your API with sophisticated features to control traffic, enhance performance, enforce security, and increase the utility of your APIs, without requiring you to write any code or to modify any backend services. Extension policies enable you to implement custom logic in the form of JavaScript, Python, Java, and XSLT.

Following are the categories of policies that Apigee provides.

Traffic management policies Mediation policies Security policies Extension policies

Traffic management policies let you configure cache, control traffic quotas and spikes, set concurrent rate limits, and so on.

Mediation policies let you perform message transformation, parsing, and validation, as well as raise faults and alerts.

Security policies let you control access to your APIs with OAuth, API key validation, and other threat protection features.

Extension policies let you provide custom policy functionality, with support for such features as service callout, message data collection, and calling Java, JavaScript, and Python behavior you have created.

* Available only with select Edge plans
† On-premises installations only


Help or comments?