API Connect

API Connect

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

how can we get "401" status code instead of "500" status code for Invalid or expiration of authorization token.

  • 1.  how can we get "401" status code instead of "500" status code for Invalid or expiration of authorization token.

    Posted Thu November 10, 2022 03:07 AM
    Hello Team,

    We are using jwt validate policy we are getting "500" status code  we need to change the status code to "401".
    Please suggest.

    Thanks,

    ------------------------------
    Pawan Jinaga
    ------------------------------


  • 2.  RE: how can we get "401" status code instead of "500" status code for Invalid or expiration of authorization token.

    Posted Tue November 15, 2022 11:52 AM

    Hi Pawan,

    Per https://www.ibm.com/docs/en/api-connect/10.0.1.x?topic=policies-validate-jwt, this policy throws a RuntimeError.  Your API can catch this error and update the status code to a 401 by updating context.message.statusCode = 401; or context.message.statusCode = '401 MyCustomReasonPhrase';

    There are examples updating the statusCode in https://www.ibm.com/docs/en/api-connect/10.0.1.x?topic=aplc-using-context-variables-in-gatewayscript-xslt-policies-datapower-api-gateway.

    Regards,

    Steve Linn



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------

    Original Message


Related Content