Traits & policies concepts of RAML/OAS based APIs
If your API exposes a RAML or OAS definition that users might need to reference, then the API definition should reliably detail every element that is expected in calls to your API.
For example when applying a client ID-based policies implies that all requests coming to your API include a client ID and client Secret (by default expected as query parameters). To prevent user requests from being rejected, create a trait in the RAML root and then reference this trait in every operation of your API. The trait might look like this:
traits: - client-id-required: queryParameters: client_id: type: string client_secret: type: string
And then you can apply this trait in each individual operation like this:
/products: get: is: [client-id-required] description: Gets a list of all the inventory products.
Click Policies on the API dashboard.
In the list of policies, the RAML snippet link contains the RAML trait or OAS components you need to add to the API specification.
Click API Specification Snippet.
Select the API type to match your specification:
RAML 0.8 or RAML 1.0 to match the API RAML version.
Or OAS 2.0 to match the API OAS version.
OAS Snippets are not displayed for all policy versions.
See the table below to see the policies and the versions that display their OAS snippets:
Rate limiting - SLA based
OAuth 2.0 access token enforcement using Mule OAuth provider
OpenAM access token enforcement
OpenId Connect access token enforcement
PingFederate access token enforcement
Client ID enforcement
Edit the API to add the code.
Redeploy the API.