API Gateway - Change HTTP response code from "401" to "400"

book

Article ID: 197125

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway

Issue/Introduction

We have a requirement to dynamically change the "401" error code returned by the backend to "400" for all APIs.
In others words, when a Back-end returns "401" the API Gateway must change it to "400".

The goal is to do it once and in one place (and not to duplicate this for each API)

Environment

Release : 9.4

Component : API GATEWAY

Resolution

You can't globally change the error code in a single place. There are two options here.

Option One:
Regarding the behavior of the HTTP Route assertion with the 401 error, the default is for the policy to fail if the target returns an error status >= 400. You can change this default behavior by changing the 'Assertion Outcome' property of the HTTP Route assertion on the 'Other' tab, as documented here, also check the screenshot as depicted below:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-2/policy-assertions/assertion-palette/message-routing-assertions/route-via-http-s-assertion.html#RouteviaHTTP(S)Assertion-Configuringthe[Other]Tab


Option two: You can create a Global Policy Fragment. And in that fragment you define a "Customize Error Response" assertion.


Attachments