Securing and Governing Flex Gateway APIs
Policies enforce rules when Flex Gateway processes requests, enabling you to secure and govern your Flex Gateway APIs.
MuleSoft provides policies that you can apply to your APIs via Anypoint Platform (Connected Mode) or declarative configuration files (Local Mode). The provided policies include rate limiting, caching, authentication, authorization, threat protection, monitoring, and logging. For more information about MuleSoft-provided policies, see the Included Policies Directory.
To extend existing functionality or define new functionality, create custom policies based on your specific business requirements and apply them to APIs. For information about creating custom policies, see Custom Policies.
Automated policies enable your API instance to comply with common security and logging requirements by automatically applying the same set of policies to all APIs running in Flex Gateway. See Automated Policies for more information.
To apply a policy in Connected Mode, see Securing and Governing APIs in Connected Mode.
To apply a policy in Local Mode, see Securing and Governing APIs in Local Mode.
For information about policy reordering, see Ordering Policies.
For information about DataWeave support, see DataWeave Support in Flex Gateway Policies.