With procedural code, you can:
- Create or manipulate complex body values, such as request and response values.
- Rewrite URLs, such as to mask a target endpoint URL.
- Add other logic not available with included policies.
How it works
The following describes, at a high level, one way this works. Be sure to see the policy references for more details.
- In a separate file, write the code you're going to use.
- In your code, put the result of the code's processing into an Apigee flow variable.
You'll retrieve the variable value elsewhere in your API proxy. For more about flow variables, see Managing proxy state with flow variables.
- Add your file (or JAR) as a resource file to your API proxy.
For more about resource files, see Resource files.
- Add the policy corresponding to the language you're using.
Configure the policy to make a call to your code from the desired place in your API proxy's flow.
- Use a policy to retrieve the code's value from the flow variable.
The Apigee security model does not permit system calls such as network I/O, filesystem read/writes, current user info, process list, and CPU/memory utilization. Although some such calls may be functional, they are unsupported and liable to be actively disabled at any time. For forward compatibility, you should avoid making such calls in your code.
Other limitations may exist for each supported language, as described in the language's corresponding policy reference.
Use the Java Callout policy to make calls to Java code from your proxy's flow. The policy reference topic includes examples.
Use the Python Script policy to call out to Python code.