Webmethods API Gateway - Error handling of connected external access control application

Hello everyone,

We would like to use our own access control application in the API Gateway by calling an endpoint under Identify and Access (Policies) in the custom extension. Here we found the API Gateway settings for response processing and enabled both features “Copy entire response” and “Abort API execution in case of failure”. In case of an unauthorized access we would then like to pass our error message that is thrown in the connected access control service. So far, unfortunately, the general error of the gateway (error code 500) is returned in case of failure. Can you please help us here, which settings (extended settings) exactly have to be made in order to forward the full error message of the connected access control application?

Many thanks in advance and best regards,
Lea

Hi Lea,
Copy Entire Response is used to copy the response to a variable for use in subsequent steps.

Select to copy the entire response received from the external call out.
This response is used in the subsequent step by using ${request.payload} or ${response.payload}.

Other option you can try is to use the ${response.payload} in Conditional Error Processing and manipulate the error response.

Regards.

Hello Prabavathy,

our problem is that the response error, when using a custom extension, is always “500 Internal Server Error”, regardless of the actual error that the external endpoint throws. We are trying to forward the native error from the custom extension endpoint. We already checked the “Send native provider fault” option under Administration–>General–>API fault, but it seems this has no effect when using a custom extension. So the question is, whether this is possible (when using a custom extension) or not?

Best regards.