Hear from Salesforce leaders on how to create and deploy Agentforce agents.
Contact Us 1-800-596-4880

Securing and Governing Flex Gateway APIs

Policies enforce rules when Flex Gateway processes requests, enabling you to secure and govern your Flex Gateway APIs.

MuleSoft provides policies that you can apply to your APIs via Anypoint Platform or declarative configuration files. The provided policies include rate limiting, caching, authentication, authorization, threat protection, monitoring, and logging. For more information about MuleSoft-provided policies, see the Inbound Policies Directory and Outbound Policies Directory.

To extend existing functionality or define new functionality, create custom policies based on your specific business requirements and apply them to APIs. For information about creating custom policies, see Flex Gateway Policy Development Kit (PDK) Overview.

Automated policies enable your API instance to comply with common security and logging requirements by automatically applying the same set of policies to all APIs running in Flex Gateway. See Automated Policies for more information.

To apply a policy for Managed Flex Gatewat or Connected Mode, see Applying Policies for Managed Flex Gateways and Connected Mode.

To apply a policy in Local Mode, see Applying Policies in Local Mode.

For information about policy reordering, see Ordering Policies.

For information about DataWeave support, see DataWeave Support in Flex Gateway Policies.