Select An Org
Automated Policies to exclude some APIs
Publish Date: Jul 22, 2025
Steps
QUESTION
How do we exclude an API from an Automated Policy?ANSWER
Automated Policies can be applied to Flex Gateways only, and/or a certain Mule version range.In this example "Mule gateways only" "From version 4.3.0", the Automated Policies will be applied to Runtime 4.3.0+(4.3.0, 4.4.0 and higher).
If you choose "Flex gateways only", it will be applied to Flex Gateway only.
If you choose "All runtimes", it will be applied to both Mule gateways and Flex Gateways.
However, unfortunately, excluding particular APIs is not possible. Please refer to the 'Conflict Management' section of the documentation., linked below:
https://docs.mulesoft.com/api-manager/2.x/automated-policy-apply#conflict-management
As you can see, automated policies are designed to be applied to all applications within an environment and have priority over policies applied at API level.
There is an Idea on the Ideas Portal currently open for this as this is currently not possible. If you are looking for this feature, then we would ask that you upvote this idea. This site is intended to give us a an idea of the demand for new features and the site is monitored by Product Management.
The only workaround at this point would be to use separate environments for applications and/or separate them into Mule gateway and Flex gateways.
To apply a policy via REST API, please refer to KB How To Enforce an API Policy via Anypoint Platform API.
Knowledge Article Number
001116771
Did this article solve your issue?
Let us know so we can improve!
