@akhilas@secful.com Thanks for reaching out. From the description i understand that you have created a product-level policy and tried to place it at the global scope, but it resulted in an error. you want to know if there is any other option to create a policy that can be used at the global, product, and API scopes.
if you want to use a policy at the global, product, and API scopes, you can define the policy at the global scope and use the base
element to inherit the policy at the product and API scopes. For example, you can define a policy at the global scope as follows:
<policies>
<inbound> <!-- statements to be applied to the request go here -->
</inbound>
<backend> <!-- statements to be applied before the request is forwarded to the backend service go here -->
</backend>
<outbound> <!-- statements to be applied to the response go here -->
</outbound>
</policies>
Then, you can inherit the policy at the product and API scopes by using the base
element as follows:
<policies>
<inbound>
<base />
<!-- other policy statements -->
</inbound>
</policies>
do let me know incase of further queries, I would be happy to assist you.