how to check null header values in apim and throw error response back

Question

I want to check if the specific header contains null values if the value is null then throw error bad request how to achive this functionality in apim

<validate-headers specified-header-action="ignore | prevent | detect" unspecified-header-action="ignore | prevent | detect" errors-variable-name="variable name">
    <header name="header name" action="ignore | prevent | detect" />
</validate-headers>

any example I have seen above code in apim documentation but not sure how to check null values

score 0 · Answer 1 · answered May 22 '23 at 07:45

Use the check-header policy or the validate-headers policy in Azure API Management (APIM) to determine whether a certain header includes null values and to raise a bad request error if it does.

validate-headers policy:

<validate-headers specified-header-action="prevent" unspecified-header-action="prevent" errors-variable-name="headerErrors">
    <header name="headerName" action="prevent">
        <value>^((?!null).)*$</value>
    </header>

check-header policy: As per this MS document check header policy statement format will be as follows,

 <check-header name="header name" failed-check-httpcode="code" failed-check-error-message="message" ignore-case="true | false">
        <value>Value1</value>
        <value>Value2</value>
    </check-header>

Example 1:

<check-header name="author header name" failed-check-httpcode="401" failed-check-error-message="Not authorized" ignore-case="false">
    <value>***********</value>
</check-header>

Example 2:

<check-header name=" bad request header name" failed-check-httpcode="400" failed-check-error-message="Bad Request">  
<value>*******</value>  
</check-header>

Reference document.

score 0 · Accepted Answer · answered Jun 23 '23 at 06:43

I did the same and my Scenario was validate the JWT-Token Header token and response back if JWT is missing. I did below code and for me it's working.

<set-variable name="JWTToken" value="@(context.Request.Headers.GetValueOrDefault("Authorization"))" />
<choose>
    <when condition="@(context.Variables.GetValueOrDefault<string>("JWTToken") == null || !context.Variables.GetValueOrDefault<string>("JWTToken").Contains("Bearer "))">
        <return-response response-variable-name="cartErrorResponse">
            <set-status code="400" reason="reason" />
            <set-header name="Content-Type" exists-action="override">
                <value>application/json</value>
            </set-header>
            <set-body>{
                  "error": {
                        "code": "APIMC002",
                         "type": "",
                         "text": "Token is missing in header"
                   }
                   }</set-body>
        </return-response>
    </when>
</choose>

how to check null header values in apim and throw error response back

2 Answers2