API Connect

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

#API Connect
#Applicationintegration
#APIConnect

View Only

Back to discussions

Expand all | Collapse all

Invoke policy property:"Allow list" substitution using context variable

Atul Mathew GeorgeMon March 09, 2026 07:14 AM

Hi All, I would like to check if there is a provision to supply Headercontrol -> Allowlist in API ...

Amutha KaruvelamuthuMon March 16, 2026 05:15 PM

Hi Atul, From my understanding, the Header control → Allowlist field in the Invoke policy ...

1. Invoke policy property:"Allow list" substitution using context variable

Like
Atul Mathew George
Posted Mon March 09, 2026 07:14 AM

Reply
Hi All,

I would like to check if there is a provision to supply Headercontrol -> Allowlist in API Connect invoke policy using context variables set using gateway script prior to the invoke in API assembly. I tried the option of setting a context variable as shown in screenshots inline. Please let me know if there is any option to achieve dynamic substitution of this property in invoke policy.

Gateway script :

Invoke policy :

------------------------------
Atul Mathew George
------------------------------
2. RE: Invoke policy property:"Allow list" substitution using context variable

Like
Amutha Karuvelamuthu
Posted Mon March 16, 2026 05:15 PM
Edited by Lorraine Rizzuto Tue March 17, 2026 09:24 AM

Reply
Hi Atul,

From my understanding, the Header control → Allowlist field in the Invoke policy may not support runtime substitution using context variables like $(allowedheaderlist). The values in this section are typically treated as static configuration and may not resolve variables set through GatewayScript.

If dynamic control of headers is required, one possible approach could be to handle the header filtering in a GatewayScript policy before the Invoke policy by modifying context.message.headers programmatically.

However, I have not tested this scenario yet, so it would be good to confirm if others in the community have implemented a similar solution.

Thanks.

------------------------------
Amutha Karuvelamuthu
Adaptive Development Private Limited
------------------------------

API Connect

API Connect

Invoke policy property:"Allow list" substitution using context variable

Atul Mathew GeorgeMon March 09, 2026 07:14 AM

Amutha KaruvelamuthuMon March 16, 2026 05:15 PM

1. Invoke policy property:"Allow list" substitution using context variable

2. RE: Invoke policy property:"Allow list" substitution using context variable

Office

Community Links

IBM Links

API Connect

API Connect

Invoke policy property:"Allow list" substitution using context variable

Atul Mathew GeorgeMon March 09, 2026 07:14 AM

Amutha KaruvelamuthuMon March 16, 2026 05:15 PM

1. Invoke policy property:"Allow list" substitution using context variable

2. RE: Invoke policy property:"Allow list" substitution using context variable

Related Content

Setting Dynamic Backed URL in Gateway Script and using it on Invoke

invoke policy usage

Reading header variable value in gatewayscript

IBM APIC Connect v10 - Invoke Policy Setting Password field via context variable

Context variable or policy to get authenticated ldap user

Office

Community Links

IBM Links