Trace
APPLIES TO: All API Management tiers
The trace policy adds a custom trace into the request tracing output in the test console, Application Insights telemetries, and/or resource logs.
- The policy adds a custom trace to the request tracing output in the test console when tracing is triggered.
- The policy creates a Trace telemetry in Application Insights, when Application Insights integration is enabled and the
severityspecified in the policy is equal to or greater than theverbosityspecified in the diagnostic setting. - The policy adds a property in the log entry when resource logs are enabled and the severity level specified in the policy is at or higher than the verbosity level specified in the diagnostic setting.
- The policy is not affected by Application Insights sampling. All invocations of the policy will be logged.
Important
- API Management request tracing using the Ocp-Apim-Trace header in a request and using the value of the Ocp-Apim-Trace-Location response header is being deprecated.
- To improve security, tracing can now be enabled at the level of an individual API by obtaining a time-limited token using the API Management REST API, and passing the token in a request to the gateway. For details, see Enable tracing of an API.
- Take care when enabling tracing, as it can expose sensitive information in the trace data. Ensure that you have appropriate security measures in place to protect the trace data.
Note
Set the policy's elements and child elements in the order provided in the policy statement. Learn more about how to set or edit API Management policies.
Policy statement
<trace source="arbitrary string literal" severity="verbose | information | error">
<message>String literal or expressions</message>
<metadata name="string literal or expressions" value="string literal or expressions"/>
</trace>
Attributes
| Attribute | Description | Required | Default |
|---|---|---|---|
| source | String literal meaningful to the trace viewer and specifying the source of the message. Policy expressions aren't allowed. | Yes | N/A |
| severity | Specifies the severity level of the trace. Allowed values are verbose, information, error (from lowest to highest). Policy expressions aren't allowed. |
No | verbose |
Elements
| Name | Description | Required |
|---|---|---|
| message | A string or expression to be logged. Policy expressions are allowed. | Yes |
| metadata | Adds a custom property to the Application Insights Trace telemetry. | No |
metadata attributes
| Attribute | Description | Required | Default |
|---|---|---|---|
| name | Name of the property. | Yes | N/A |
| value | Value of the property. | Yes | N/A |
Usage
- Policy sections: inbound, outbound, backend
- Policy scopes: global, workspace, product, API, operation
- Gateways: classic, v2, consumption, self-hosted, workspace
Example
<trace source="PetStore API" severity="verbose">
<message>@((string)context.Variables["clientConnectionID"])</message>
<metadata name="Operation Name" value="New-Order"/>
</trace>
Related policies
Related content
For more information about working with policies, see:
- Tutorial: Transform and protect your API
- Policy reference for a full list of policy statements and their settings
- Policy expressions
- Set or edit policies
- Reuse policy configurations
- Policy snippets repo
- Author policies using Microsoft Copilot in Azure