JSONP
APPLIES TO: All API Management tiers
The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-domain calls from JavaScript browser-based clients. JSONP is a method used in JavaScript programs to request data from a server in a different domain. JSONP bypasses the limitation enforced by most web browsers where access to web pages must be in the same domain.
Note
Set a policy's elements and child elements in the order provided in the policy statement. Learn more about how to set or edit API Management policies.
Policy statement
<jsonp callback-parameter-name="callback function name" />
Attributes
| Name | Description | Required | Default |
|---|---|---|---|
| callback-parameter-name | The cross-domain JavaScript function call prefixed with the fully qualified domain name where the function resides. Policy expressions are allowed. | Yes | N/A |
Usage
- Policy sections: outbound
- Policy scopes: global, workspace, product, API, operation
- Gateways: classic, consumption, self-hosted
Usage notes
- This policy can only be used once in a policy section.
Example
<jsonp callback-parameter-name="cb" />
If you call the method without the callback parameter ?cb=XXX, it will return plain JSON (without a function call wrapper).
If you add the callback parameter ?cb=XXX, it will return a JSONP result, wrapping the original JSON results around the callback function like XYZ('<json result goes here>');
Related policies
Next steps
For more information about working with policies, see:
- Tutorial: Transform and protect your API
- Policy reference for a full list of policy statements and their settings
- Policy expressions
- Set or edit policies
- Policy samples