API Gateway - Change HTTP response code from "401" to "400"


Article ID: 197125


Updated On:


CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway


We have a requirement to dynamically change the "401" error code returned by the backend to "400" for all APIs.
In others words, when a Back-end returns "401" the API Gateway must change it to "400".

The goal is to do it once and in one place (and not to duplicate this for each API)


Release : 9.4

Component : API GATEWAY


You can't globally change the error code in a single place. There are two options here.

Option One:
Regarding the behavior of the HTTP Route assertion with the 401 error, the default is for the policy to fail if the target returns an error status >= 400. You can change this default behavior by changing the 'Assertion Outcome' property of the HTTP Route assertion on the 'Other' tab, as documented here, also check the screenshot as depicted below:


Option two: You can create a Global Policy Fragment. And in that fragment you define a "Customize Error Response" assertion.