Tuesday, October 15, 2024

Dynamically Modify API Responses Based on Subscription Tier with Azure API Management Policies

Azure API Management (APIM) provides more than just API Gateway features; it offers a comprehensive suite of capabilities that strengthen the entire API ecosystem.

Here are some key features provided by Azure API Management:
  • API Gateway
  • Developer Portal
  • Policy Management
  • Analytics and Monitoring
  • Security Features
  • Multi-Cloud and Hybrid Support
  • Versioning and Revisioning
  • Scalability
  • Integration
  • Custom Domains and Branding
  • Products & Subscriptions
We can combine multiple features from these categories based on our specific requirements.

In this article, I will illustrate how to combine Policy Management features with Product & Subscription features to implement a specific use case. 

The following is my business case:

I want to offer my COVID data API in two product tiers. Users who subscribe to the premium product see the entire response, including the death count. Users who subscribe to the basic product see the response without the death count.

Here is the approach I used to implement the solution:

First, we need to create two products within our Azure API Management instance:
  • Starter – A basic plan where customers would see only a subset of the response
  • Unlimited – A premium plan where the customers would see the full response

Then let's create two subscriptions for those products using the Subscriptions section.

Let's navigate to your API and enable access for both the Starter and Unlimited products.

Next, navigate to the Outbound Processing section of the API operation and open the Policy Editor to enforce a conditional response based on the subscribed product.

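Here is the policy snippet I used:

    <outbound>
        <base />
        <!-- Fail closed: every successful response that is not for the Unlimited product
             (including a request with no product context) gets the filtered body. -->
        <choose>
            <when condition="@(context.Response.StatusCode == 200 && context.Product?.Name != "Unlimited")">
                <set-body>@{
                        // Parse the backend response as JSON.
                        var response = context.Response.Body.As<JObject>();
                        var rawData = response["rawData"] as JArray;
                        if (rawData != null) {
                            // Remove the Deaths property from every record in rawData.
                            foreach (var record in rawData) {
                                record["Deaths"]?.Parent.Remove();
                            }
                        }

                        return response.ToString();
                    }</set-body>
            </when>
        </choose>
        <!-- cache-store pairs with a cache-lookup in the inbound section (not shown).
             The body now differs per product, so cached entries must be keyed per product or subscription. -->
        <cache-store duration="15" />
    </outbound>

Let's test this with the Postman client.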

Let's first try with the Starter product. We will use the subscription key associated with the Starter product. As you can see, the Deaths property is not included within the rawData collection.

Now, let's check the same request using the Unlimited product. This time, the Deaths property is included in the response.
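To make the Postman check above repeatable, the following added example (not code from the original article) compares the Starter and Unlimited bodies for the same request and reports a Deaths property at any depth, not only inside rawData. The sample bodies and the Country, Confirmed and summary field names are constructed for illustration; only rawData and Deaths come from the article.

```python
import json

RESTRICTED_KEY = "Deaths"  # the property the article's policy removes for non-Unlimited callers

def find_key_paths(node, key, path="$"):
    """JSON paths of every property named `key` (case-insensitive), at any depth."""
    hits = []
    if isinstance(node, dict):
        for name, value in node.items():
            child = f"{path}.{name}"
            if name.lower() == key.lower():
                hits.append(child)
            hits.extend(find_key_paths(value, key, child))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            hits.extend(find_key_paths(item, key, f"{path}[{i}]"))
    return hits

def strip_key(node, key):
    """Copy of `node` without any property named `key`: the body Starter should receive."""
    if isinstance(node, dict):
        return {k: strip_key(v, key) for k, v in node.items() if k.lower() != key.lower()}
    if isinstance(node, list):
        return [strip_key(v, key) for v in node]
    return node

def check_tiers(starter_body, unlimited_body, key=RESTRICTED_KEY):
    """Compare both tiers' responses to the same request; an empty list means pass."""
    starter, unlimited = json.loads(starter_body), json.loads(unlimited_body)
    problems = [f"Starter response exposes {p}" for p in find_key_paths(starter, key)]
    if not find_key_paths(unlimited, key):
        problems.append(f"Unlimited response has no {key} field")
    if not problems and starter != strip_key(unlimited, key):
        problems.append("Starter differs from Unlimited in more than the restricted field")
    return problems

# Constructed sample bodies (not real API output).
UNLIMITED = '{"rawData": [{"Country": "A", "Confirmed": 10, "Deaths": 1}, {"Country": "B", "Confirmed": 5, "Deaths": 0}]}'
STARTER_OK = '{"rawData": [{"Country": "A", "Confirmed": 10}, {"Country": "B", "Confirmed": 5}]}'
# A leak the policy's rawData loop would not cover: the field also appears outside rawData.
STARTER_LEAK = '{"summary": {"deaths": 1}, "rawData": [{"Country": "A", "Confirmed": 10}]}'

if __name__ == "__main__":
    print(check_tiers(STARTER_OK, UNLIMITED))
    print(check_tiers(STARTER_LEAK, UNLIMITED))
```

In practice, paste in the two bodies captured from Postman with each subscription key. Because the policy also caches responses, capture the pair in both orders within the cache duration so a body cached for one tier and served to the other would show up.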