Custom headers in Azure API Management for CSP

Ryan 21 Reputation points
2020-06-30T12:00:45.447+00:00

In Azure API Management, there is a section to add policies. It seems that we can only add built-in policies. We are looking to add a Content Security Policy (CSP) header just like on our Azure Web app.

CSP Reference: https://content-security-policy.com/

Is it possible to add such custom http header?

Regards,

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,939 questions
{count} votes

Accepted answer
  1. Pramod Valavala 20,611 Reputation points Microsoft Employee
    2020-07-01T07:01:33.357+00:00

    This is possible. You simply need to use the set-header policy in your outbound policy block to set the appropriate CSP headers required.

    You can read more about policies in APIM for more insights on how policies work.


0 additional answers

Sort by: Most helpful