1
votes

This is in the context of the Azure API Management (APIM) service. I believe new UI changes in Azure have changed the behaviour of policy execution.

I have one policy for jwt-validate set at global level for all APIs.

Recently I had to add a new API which doesn't need JWT validation but certificate authentication.

So in APIM I created a new API and product, and added a certificate authentication policy at product level.

When I run my API, the JWT policy also fires. How can I stop it from executing in this case? I removed <base /> but it stopped the global + product level policy.

I want to stop execution of the global policy, but I want the product level policy to execute.

Please advise.

2
Have you tried removing the <base /> from the operation policy? - Pieter Vandenheede

2 Answers

1
votes

This is not controlled by the UI at all and wouldn't have been subject to recent updates. The policy chain is controlled with the <base /> tag in policies. At operation level the <base /> tag invokes the API policy, at API level it invokes the Product policy, at product level the global policy. If you remove <base /> from a policy document, the chain will be broken and base policy invocation will not happen. So if for a certain product you do not want the global policy to be invoked for every call, just remove <base /> from the product policy.

2
votes

I had the same situation where I needed a specific API to skip a global policy that I had set up for JWT validation. The way that I made it work was by removing the <base /> tag from my API policies. Of course, this removed all of my global policies, not only the JWT validator. But this was fine for my particular case.
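
The `<base />` chain described in the answers above, as an added example (not code from either answer or from Azure): a simplified model that expands each `<base />` into the next scope's inbound policies and lists what actually runs. The policy documents are constructed, and `validate-client-certificate` and `rate-limit` are assumptions standing in for the certificate policy and for any other global policy.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy documents (inbound section only), one per scope.
PASS_THROUGH = "<policies><inbound><base /></inbound></policies>"
NO_BASE = "<policies><inbound></inbound></policies>"
GLOBAL = """<policies><inbound>
  <validate-jwt header-name="Authorization" />
  <rate-limit calls="100" renewal-period="60" />
</inbound></policies>"""
# validate-client-certificate is an assumption standing in for the
# certificate policy the question mentions.
PRODUCT_WITH_BASE = """<policies><inbound>
  <base />
  <validate-client-certificate validate-trust="true" />
</inbound></policies>"""
PRODUCT_NO_BASE = """<policies><inbound>
  <validate-client-certificate validate-trust="true" />
</inbound></policies>"""


def effective_inbound(chain):
    """Return the names of the inbound policies that run, in order.

    chain lists policy XML from the innermost scope outward:
    operation, API, product, global. Each <base /> is replaced by the
    next scope's result; a scope without <base /> ends the chain there.
    """
    if not chain:
        return []
    inbound = ET.fromstring(chain[0]).find("inbound")
    names = []
    for el in (inbound if inbound is not None else []):
        if el.tag == "base":
            names.extend(effective_inbound(chain[1:]))
        else:
            names.append(el.tag)
    return names


if __name__ == "__main__":
    cases = {
        "base everywhere": [PASS_THROUGH, PASS_THROUGH, PRODUCT_WITH_BASE, GLOBAL],
        "no base at product": [PASS_THROUGH, PASS_THROUGH, PRODUCT_NO_BASE, GLOBAL],
        "no base at API": [PASS_THROUGH, NO_BASE, PRODUCT_WITH_BASE, GLOBAL],
    }
    for label, chain in cases.items():
        print(f"{label:20} -> {effective_inbound(chain)}")
```

In this model, dropping `<base />` at the product scope removes `rate-limit` along with `validate-jwt`, while dropping it at the API scope leaves nothing running at all, product policy included.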