About Policies

The Policy Manager Workbench Policies View is the starting point for defining, configuring, and managing policies used to govern web services that are managed in Policy Manager Workbench. Polices are supported at both the Root and Sub-Organization levels.

For information about using policies in the context of the Community Manager developer portal, see Business Policies.

Table of Contents

• Overview
• Policy Functions
• Policy Categories
• QoS Policies
• Operational Policies
• Compliance Policies

Overview

Policies are defined in the Policies Object within an Organization and can also be added at the Organization level by selecting Add Policy from the Actions portlet. The Policies Object provides a platform for managing the creation and maintenance of WS-Security policies that comprise your Policy Manager deployment. In addition, a policy cannot be moved from one Organization to another.

The policy framework supports delegated administration which means that policies can be assigned at the Organization and Service Operation levels. Based on your security requirements, you can configure policies as single entities or you can define a policy group (for example, Aggregate Policy) that includes two or more policies. The Add Policy Wizard is used to create a policy. Policies can be attached to different governable entities in the Policy Manager Workbench including Organizations, Services, Endpoints, Operations, and Messages.

You can create a new version of a policy. However, only one version of a policy can be active at one time. The new version is in a Draft state until it's activated; once it's activated, it replaces the previous version in all instances where the policy is in use.

The following list represents all of the supported policy functions. The Policies Summary screen includes a set of general policy actions that are common for all policies. The Modify Policy functions provide configuration options that are unique to each policy type.

For information about using policies in the context of the Community Manager developer portal, see Business Policies.

Policy Functions

You can do the following with policies. For more information, see Managing Policies.

• View Policies Summary
• Add Policy
• View Policy Details
• View Policy Overview
• Attach Policy
• Modify Policy Information
• Make a New Policy Version
• Change Organization
• Copy Policy
• Delete Policy
• Export Policy
• View Policy References
• Use Regular Expressions in Policies
• Use JSONPath in Policies
• Use XPath in Policies

Policy Categories

There are three policy categories:

• QoS Policies
• Operational Policies
• Compliance Policies

QoS Policies

Quality of Service policies allow you to define metrics of requirements for ensuring service availability, performance, integrity, and reliability.

The platform supports the following Quality of Service policies:

• Bandwidth Quota Policy
• Concurrency Quota Policy
• Script Policy
• Service Level Enforcement Policy
• Service Level Policy
• Throughput Quota Policy
• Timeout Policy

For more information, see About QoS Policies.

Operational Policies

The platform supports the following operational policies:

• Aggregate Policy
• Anti Virus Policy
• API Consumer Application Security Policy (Community Manager policy)
• API User Security Policy (Community Manager policy)
• Auditing Message Policy
• Auditing Service Policy
• Authentication Policy
• Authorization Policy
• Basic Auditing Policy
• CORS Policy
• Cross-Site Scripting Detection Policy
• Detailed Auditing Policy
• HTTP Caching Policy
• HTTP Headers Injection Policy (2019.1.17 and later)
• HTTP Malicious Pattern Detection Policy
• HTTP Message Validation Policy
• HTTP Security Policy
• JOSE Profile-Driven Security Policy (2022.1.0 and later)
• JOSE Security Policy v2 (Unencoded Payload Support)
• Message Threat Policy
• Metrics Policy
• OAuth 10a Trusted Token Security Policy (Community Manager policy)
• OAuth Client Policy
• OAuth Security Policy (Community Manager policy)
• Open Banking Client Validation Policy (2019.1.0 and later)
• Operational Script Policy (Private)
• Operational Script Policy (Public)
• Paging Policy
• Pipeline Policy (legacy; do not use)
• Schema Validation Policy
• SPNEGO Policy
• WS-Addressing Policy
• WS-Auditing Message Policy
• WS-Auditing Service Policy
• WS-Auditing Transaction Tracking Policy
• WS-Malicious Pattern Detection Policy
• WS-Schema Validation Policy
• WS-Security Asymmetric Binding Policy
• WS-Security Message Policy
• WS-Security Supporting Tokens Policy
• WS-Security Symmetric Binding Policy
• WS-Security Transport Binding Policy
• XML Policy

The following information on additional operational policies is applicable only if you have the Envision product installed:

• Business Metrics Policy
• Business Service Level Policy
• Operational Metrics Policy (deprecated in 2020.1.1)

For more information, see About Operational Policies.

Compliance Policies

The platform supports the following compliance policies:

• Compliance Aggregate Policy
• Compliance Script Policy
• Compliance WSI BP Policy
• Compliance XQuery Policy

For more information, see About Compliance Policies.

Related Topics