Policies are an API Management capability that allows you to change the behavior of your exposed API using a configuration file and without changing your application code.
Policies can be defined on all the APIs of your API Management instance, on a single API, or on a single operation in an API, and finally, you can also add policies to a single product. Policies are a set of statements you can apply to an API request (before the request is routed to the backend services) or to the response (before the response is returned to the caller).
Using policies, you can authenticate the request, implement restriction policies (for example, set a usage quota for a subscription or limit the number of calls for a product), implement caching, rewrite the URL, transform a request or response payload from JSON to XML, and so on.
You can display the policies applied...