About Resource Level Policies

Using Mule 3.8.1 and later, you can apply one or more MuleSoft-provided policies to the resource- and method-levels of an API that meets the following conditions:

  • The API has a RAML endpoint.

  • You create the API using APIkit or a RAML proxy.

Using APIkit, you can create a RAML-based API and configure a Basic Endpoint, or you create the RAML-based API and configure the Endpoint with a Proxy in the case of an existing API.

A policy applied at a resource level affects all methods, or selected methods, within the resource.

methods resources

You need to add some code to existing custom policies to support this capability.

You can apply multiple conditions to filter your resources and methods. The URI template regex can be applied to one, many or all the methods that your API has.

Unsupported Policies

You cannot apply the following policies to resources:

  • Cross-Origin Resource Sharing

  • LDAP Security Manager

  • Simple Security Manager

Usage Scenarios

The uses for resource level policies are limited mainly by your imagination. Here are a few possibilities:

  • Applying policies to specific resources

  • Securing a subset of an API

  • Setting different limits on resources

Was this article helpful?

💙 Thanks for your feedback!

Edit on GitHub
Submit your feedback!
Share your thoughts to help us build the best documentation experience for you!
Take our latest survey!