This is possible. You simply need to use the set-header policy in your outbound policy block to set the appropriate CSP headers required.
You can read more about policies in APIM for more insights on how policies work.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
In Azure API Management, there is a section to add policies. It seems that we can only add built-in policies. We are looking to add a Content Security Policy (CSP) header just like on our Azure Web app.
CSP Reference: https://content-security-policy.com/
Is it possible to add such custom http header?
Regards,
This is possible. You simply need to use the set-header policy in your outbound policy block to set the appropriate CSP headers required.
You can read more about policies in APIM for more insights on how policies work.