Set HTTP proxy

APPLIES TO: All API Management tiers

The proxy policy allows you to route requests forwarded to backends via an HTTP proxy. Only HTTP (not HTTPS) is supported between the gateway and the proxy. Basic and NTLM authentication only.

Caution

Minimize risks of credential exposure when configuring this policy. Microsoft recommends that you use more secure authentication methods if supported by your backend, such as managed identity authentication or credential manager. If you configure sensitive information in policy definitions, we recommend using named values and storing secrets in Azure Key Vault.

Note

Set the policy's elements and child elements in the order provided in the policy statement. Learn more about how to set or edit API Management policies.

Policy statement

<proxy url="http://hostname-or-ip:port" username="username" password="password" />

Attributes

Attribute Description Required Default
url Proxy URL in the form of http://host:port. Policy expressions are allowed. Yes N/A
username Username to be used for authentication with the proxy. Policy expressions are allowed. No N/A
password Password to be used for authentication with the proxy. Policy expressions are allowed. No N/A

Usage

Usage notes

  • We recommend using named values to provide credentials, with secrets protected in a key vault.

Example

In this example, named values are used for the username and password to avoid storing sensitive information in the policy document.

<proxy url="http://192.168.1.1:8080" username={{username}} password={{password}} />

For more information about working with policies, see: