We are trying to activate the streaming on some REST apis. We want to be able to use some security inbound which requires to inspect the message and outbound, we want to stream the response.

It looks likes as soon as we inspect the request, the streaming for the response is not possible. The response is loaded completely in memory. In other words, as soon as we read a part of the request, the response becomes un-streamable.

Is this the expected behavior for the gateway? 

CA API Gateway 9.x

Streaming can only be done if you’re not acting, processing, or validating a message. Once your policy acts on a message (for example, if you need to run a regular expression against a response), then the Gateway needs to buffer the request in full before it can act against it, it can’t run a regular expression against the message mid-stream, so to speak. This is the expected behavior.

“The Configure Message Streaming assertion allows large message requests to stream without being read and buffered by the Gateway. This assertion can reduce the latency of requests passing through the Gateway, but note that this will limit the types of validation and processing the Gateway is able to perform on these requests.”