Apply Custom Policies to APIs¶
After building the gateway with your custom policies and starting it, the gateway automatically sends its policy manifest to the control plane on connection. You can then sync your custom policies to the organization and apply them to your APIs.
Step 1: View the Gateway Policies¶
- Sign in to API Platform Console.
- Go to Organization Level in API Platform.
- From the left navigation, select Admin → Gateways.
- Select your gateway to open the gateway detail view.
- Click the Policies tab.
Note
Each time the gateway connects to the control plane, it automatically sends an updated manifest with the latest policy details. The Policies tab always reflects the most recent manifest received.
The console fetches the manifest from the gateway and displays a table of all policies installed on it, with the following columns:
| Column | Description |
|---|---|
| Name | Policy name |
| Version | Installed version |
| Description | Policy description |
| Policy Type | Policy Hub for policy hub managed policies, Custom for your own policies |
| Sync Status | Whether the policy is synced to the organization — shows a Sync button if not yet synced or a newer version is available, or Latest Version Available if already up to date |
Step 2: Sync the Custom Policy to the Organization¶
Custom policies must be synced to the organization before they can be applied to APIs.
In the Sync Status column, each custom policy shows one of the following:
- Sync button — the policy has not been synced yet, or a newer version is available. Click Sync to register it in the organization.
- Latest Version Available — the policy is already synced and up to date. No action needed.
Note
Policy Hub policies (managed by WSO2) show N/A in the Sync Status column and cannot be synced manually.
Once synced, the custom policy is available organization-wide and can be applied to APIs.
Note
- Each major version of a custom policy is maintained as a separate policy entry with the same name.
- A minor version update re-enables the Sync button, allowing the newer version to be synced to the organization.
- Patch version updates are not supported.
- Version downgrades are not allowed.
Step 3: View Organization-Level Custom Policies¶
After syncing, the custom policy appears in the Custom Policies section on the main Gateways page. To view it:
- From the left navigation, select Admin → Gateways.
- Select the API Platform tab to ensure the Hybrid Gateways view is active.
- Scroll down to the Custom Policies section below the gateway list.
This section lists all custom policies available in the organization with the following details:
| Column | Description |
|---|---|
| Name | Policy name |
| Version | Synced version |
| Description | Policy description |
| Created At | Date and time the policy was first synced |
| Updated At | Date and time the policy was last updated |
Note
To delete a synced custom policy, none of the APIs in the organization should be using it.
Step 4: Apply the Custom Policy to an API¶
After syncing, the custom policy appears in the policy list when configuring an API proxy. To apply it:
- Navigate to your API proxy.
- Go to the Policies page.
- Select your custom policy from the available policies and configure it.
- Deploy the API.
For detailed instructions on attaching and configuring policies on an API, see Adding and Managing Policies.
What's Next?¶
- Publish APIs Overview: Learn about publishing APIs on the self-hosted gateway
- Subscription Based APIs: Publish APIs with subscription-based access control
- Subscription Less APIs: Publish APIs without subscription requirements
- Lifecycle Management: Manage the lifecycle of your published APIs