Policies help in modifying requests to APIs or responses from APIs in a configurable way. The Azure APIM portal allows users to apply these policies to requests or responses. One example could be the conversion of an XML payload in a request to JSON format. There is a wide variety of policies that give great control over changing the behavior of requests or responses. The following are a few capabilities and characteristics of the policies:

• Encapsulate common APIM functions
• Access control, protection, transformation, and caching
• Chained together into a pipeline
• Mutate request context or change API behavior
• Set inbound and outbound directions
• Can be triggered by an error
• Applied at a variety of scopes