Routing policies

Policy

Description

Throttling policy

Route-level throttling policies prevent backend services from being overwhelmed by excessive requests and help avoid cascading failures. You can set fine-grained thresholds to limit the number of requests on a route within a specified period, ensuring backend availability.

Rewrite policy

A rewrite policy lets you modify the paths and hostnames in requests before they are forwarded to backend services. This gives you precise control over request routing to meet specific business and architecture requirements.

Header setting policy

A header setting policy lets you modify headers in requests before they reach backend services, or in responses before they are returned to clients.

CORS policy

CORS is a security mechanism that enables web servers to perform cross-origin access control for secure data transfer. Cloud-native gateways support route-level CORS policies, allowing you to specify which domain names and request methods can access your resources.

Authentication policy

Cloud-native gateways support route-level authentication. For more information about how to configure consumer authentication, see Configure consumer authentication.

Traffic replication policy

A traffic replication policy copies live traffic from a route to a specified application. This supports simulation testing and fault diagnosis, helping you evaluate application performance and troubleshoot issues efficiently.

Timeout policy

Route-level timeout policies define how long a gateway waits for a backend response. If no response is received within the specified period, the gateway returns a 504 (Gateway Timeout) HTTP status code to the client.

Retry policy

Route-level retry policies enable cloud-native gateways to automatically retry failed requests. You can specify retry conditions such as connection failures, unavailable backend services, or specific HTTP status codes.