| title | Azure API Management policy reference - return-response | Microsoft Docs |
|---|---|
| description | Reference for the return-response policy available for use in Azure API Management. Provides policy usage, settings, and examples. |
| services | api-management |
| author | dlepow |
| ms.service | azure-api-management |
| ms.topic | reference |
| ms.date | 07/23/2024 |
| ms.author | danlep |
[!INCLUDE api-management-availability-all-tiers]
The return-response policy cancels pipeline execution and returns either a default or custom response to the caller. Default response is 200 OK with no body. Custom response can be specified via a context variable or policy statements. When both are provided, the response contained within the context variable is modified by the policy statements before being returned to the caller.
[!INCLUDE api-management-policy-generic-alert]
<return-response response-variable-name="existing context variable">
<set-status>...</set-status>
<set-header>...</set-header>
<set-body>...</set-body>
</return-response>| Attribute | Description | Required | Default |
|---|---|---|---|
| response-variable-name | The name of the context variable referenced from, for example, an upstream send-request policy and containing a Response object. Policy expressions aren't allowed. |
No | N/A |
| Element | Description | Required |
|---|---|---|
| set-status | Sets the status code of the response. | No |
| set-header | Sets a header in the response. | No |
| set-body | Sets the body in the response. | No |
- Policy sections: inbound, outbound, backend, on-error
- Policy scopes: global, workspace, product, API, operation
- Gateways: classic, v2, consumption, self-hosted, workspace
- A liquid template doesn't work when specified inside the body (set using
set-body) of thereturn-responsepolicy. Thereturn-responsepolicy cancels the current execution pipeline and removes the request body and response body in the current context. As a result, a liquid template specified inside the policy receives an empty string as its input and won't produce the expected output.
<return-response>
<set-status code="401" reason="Unauthorized"/>
<set-header name="WWW-Authenticate" exists-action="override">
<value>Bearer error="invalid_token"</value>
</set-header>
</return-response>[!INCLUDE api-management-policy-ref-next-steps]