ResponseCache policy

This pageapplies toApigee andApigee hybrid.

View Apigee Edge documentation.

The ResponseCache policy caches data from a backend resource, reducing the number of requests to the resource. As apps make requests to the same URI, you can use this policy to return cached responses instead of forwarding those requests to the backend server. The ResponseCache policy can improve your API's performance through reduced latency and network traffic.

This policy is anExtensible policy and use of this policy might have cost or utilization implications, depending on your Apigee license. For information on policy types and usage implications, seePolicy types.

You'll likely find ResponseCache most useful when backend data used by your API is updated only periodically. For example, imagine you have an API that exposes weather report data refreshed only every ten minutes. By using ResponseCache to return cached responses between refreshes, you can decrease the number of requests reaching the backend. This also reduces the number of network hops.

For general purpose short-term caching, considering using thePopulateCache policy. That policy is used in conjunction with theLookupCache policy (for reading cache entries) and theInvalidateCache policy (for invalidating entries).

Watch the following video for an introduction to the Response Cache policy.

Tip: For a discussion of antipatterns for the Response Cache policy, seeIntroduction to antipatterns.Note: You are limited to attaching this policy once in the proxy request flow and once in the response flow. You cannot use the ResponseCache policy in a shared flow.

For a video tutorial showing how to use the policy, seeTutorial: Implementing Response Caching within Edge. See alsoError Codes below.

Samples

10-minute cache

This sample shows how to have cached responses kept for 10 minutes.

Imagine that you have an API at the following URL:

http://{org_name}-test.apigee.net/weather/forecastrss?w=23424778

You're using the query parameterw as a cache key. Apigee checks the value of the query parameterw whenever a request is received. If a valid (that is, non-expired) response is present in the cache, then the cached response message is returned to the requesting client.

Now imagine that you have a ResponseCache policy configured as follows.

<ResponseCache name="ResponseCache">    <CacheKey>        <KeyFragment ref="request.queryparam.w" />    </CacheKey>    <ExpirySettings>        <TimeoutInSeconds>600</TimeoutInSeconds>    </ExpirySettings></ResponseCache>

The first time the API proxy receives a request message for the following URL, the response is cached. On the second request within 10 minutes, a cache lookup occurs -- the cached response is returned to the app with no request forwarded to the backend service.

http://{org_name}-test.apigee.net/weather/forecastrss?w=23424778
Tip: HTTP headers and query parameters are automatically populated as variables when a request is received. Any HTTP header is available asrequest.header.{header_name}, for examplerequest.header.user-agent. Any query parameter is available asrequest.queryparam.{queryparam_name}, for examplerequest.queryparam.action.

Skip cache lookup

The following example shows how to have the cache lookup skipped and have the cache refreshed. See also this video on the use of SkipCacheLookup.

The optional SkipCacheLookup condition (if configured) is evaluated in the request path. If the condition evaluates to true, then the cache look up is skipped and the cache is refreshed.

A common use of conditional cache refresh is a condition that defines a specific HTTP header that causes the condition to evaluate to true. A scripted client application could be configured to periodically submit a request with the appropriate HTTP header, explicitly causing the response cache to refresh.

For example, imagine a call to an API at the following URL:

'http://{org_name}-test.apigee.net/weather/forecastrss?w=23424778' -H "bypass-cache:true"

Now imagine the following ResponseCache policy configured on that proxy. Note that the bypass-cache condition is set to true.

<ResponseCache name="ResponseCache">    <CacheKey>        <KeyFragment ref="request.queryparam.w" />    </CacheKey>    <!-- Explicitly refresh the cached response -->    <SkipCacheLookup>request.header.bypass-cache = "true"</SkipCacheLookup>    <ExpirySettings>        <TimeoutInSeconds>600</TimeoutInSeconds>    </ExpirySettings></ResponseCache>

For more information about conditions, seeFlow variables and conditions.

Element reference

The element reference describes the elements and attributes of the policy.

<?xmlversion="1.0"encoding="UTF-8"standalone="yes"?><ResponseCacheasync="false"continueOnError="false"enabled="true"name="Response-Cache-1"><DisplayName>ResponseCache1</DisplayName><Properties/><CacheKey><Prefix/><KeyFragmentref="request.uri"/></CacheKey><Scope>Exclusive</Scope><ExpirySettings><ExpiryDate/><TimeOfDay/><TimeoutInSecondsref="flow.variable.here">300</TimeoutInSeconds></ExpirySettings><CacheResource>cache_to_use</CacheResource><CacheLookupTimeoutInSeconds/><ExcludeErrorResponse/><SkipCacheLookup/><SkipCachePopulation/><UseAcceptHeader/><UseResponseCacheHeaders/></ResponseCache>

<ResponseCache> attributes

<ResponseCache async="false" continueOnError="false" enabled="true" name="Response-Cache-1">

The following table describes attributes that are common to all policy parent elements:

AttributeDescriptionDefaultPresence
name

The internal name of the policy. The value of thename attribute can contain letters, numbers, spaces, hyphens, underscores, and periods. This value cannot exceed 255 characters.

Optionally, use the<DisplayName> element to label the policy in the management UI proxy editor with a different, natural-language name.

N/ARequired
continueOnError

Set tofalse to return an error when a policy fails. This is expected behavior for most policies.

Set totrue to have flow execution continue even after a policy fails. See also:

falseOptional
enabled

Set totrue to enforce the policy.

Set tofalse toturn off the policy. The policy will not be enforced even if it remains attached to a flow.

trueOptional
async

This attribute is deprecated.

falseDeprecated

<DisplayName> element

Use in addition to thename attribute to label the policy in the management UI proxy editor with a different, natural-language name.

<DisplayName>Policy Display Name</DisplayName>
Default

N/A

If you omit this element, the value of the policy'sname attribute is used.

PresenceOptional
TypeString

<CacheKey> element

Configures a unique pointer to a piece of data stored in the cache.

Cache keys are limited to a size of 2 KB.

Note: You can further augment the cache key configured here by using values from response headers. For more information, seeConfiguring a cache key.
<CacheKey><Prefix>string</Prefix><KeyFragmentref="variable_name"/><KeyFragment>literal_string</KeyFragment></CacheKey>

Default:

N/A

Presence:

Required

Type:

N/A

<CacheKey> constructs the name of each piece of data stored in the cache. The key is often set using a value from entity headers or query params. In those cases, you would have the element's ref attribute specify a variable containing the key value.

At runtime,<KeyFragment> values are prepended with either the<Scope> element value or<Prefix> value. For example, the following results in a cache key ofUserToken__apiAccessToken__<value_of_client_id>:

<CacheKey>    <Prefix>UserToken</Prefix>    <KeyFragment>apiAccessToken</KeyFragment>    <KeyFragment ref="request.queryparam.client_id" /></CacheKey>

You use the<CacheKey> element in conjunction with<Prefix> and<Scope>. For more information, seeWorking with cache keys.

<CacheLookupTimeoutInSeconds> element

Specifies the number of seconds after which an unsuccessful cache lookup will be considered a cache miss. If this occurs, flow resumes along the cache-miss path.

<CacheLookupTimeoutInSeconds>30</CacheLookupTimeoutInSeconds>

Default:

30

Presence:

Optional

Type:

Integer

<CacheResource> element

Specifies the cache where messages should be stored. Omit this element to use the included shared cache. You should specify aCacheResource by name if you wish to be able to administratively clear entries contained in the cache. For more on that, seeCaches API.

<CacheResource>cache_to_use</CacheResource>

Default:

N/A

Presence:

Optional

Type:

String

<CacheKey>/<KeyFragment> element

Specifies a value that should be included in the cache key, creating a namespace for matching requests to cached responses.

<KeyFragmentref="variable_name"/><KeyFragment>literal_string</KeyFragment>

Default:

N/A

Presence:

Optional

Type:

N/A

This can be a key (a static name that you provide) or a value (a dynamic entry set by referencing a variable). All specified fragments combined (plus the prefix) are concatenated to create the cache key.

<KeyFragment>apiAccessToken</KeyFragment><KeyFragment ref="request.queryparam.client_id" />

You use the<KeyFragment> element in conjunction with<Prefix> and<Scope>. For more information, seeWorking with cache keys.

Attributes

AttributeTypeDefaultRequiredDescription
refstringNo

The variable from which to get the value. Should not be used if this element contains a literal value.

<CacheKey>/<Prefix> element

Specifies a value to use as a cache key prefix.

<Prefix>prefix_string</Prefix>

Default:

N/A

Presence:

Optional

Type:

String

Use this value instead of<Scope> when you want to specify your own value rather than a<Scope> -enumerated value. If defined,<Prefix> prepends the cache key value for entries written to the cache. A<Prefix> element value overrides a<Scope> element value.

You use the<Prefix> element in conjunction with<CacheKey> and<Scope>. For more information, seeWorking with cache keys.

<ExcludeErrorResponse> element

This policy can cache HTTP responses withany status code. That means both success and error responses can be cached, including 2xx and 3xx status codes.

Set this element totrue (default) to exclude the error responses. Set it tofalse if you do not want to exclude cache target responses with HTTP error status codes.

Note: Status codes from 200 to 205 are still cached when this element is set totrue; these are the HTTP status codes that Apigee counts as "success" codes, and you cannot exclude them with this element.

For a discussion of Response Cache patterns in which this element is useful, seeIntroduction to antipatterns.

<ExcludeErrorResponse>true</ExcludeErrorResponse>

Default:

true

Presence:

Optional

Type:

Boolean

<ExpirySettings> element

Specifies when a cache entry should expire. When present,<TimeoutInSeconds> overrides both<TimeOfDay> and<ExpiryDate>.

<ExpirySettings><TimeOfDayref="time_variable">expiration_time</TimeOfDay><TimeoutInSecondsref="duration_variable">seconds_until_expiration</TimeoutInSeconds><ExpiryDateref="date_variable">expiration_date</ExpiryDate></ExpirySettings>

Default:

N/A

Presence:

Required

Type:

N/A

<ExpirySettings>/<ExpiryDate> element

Specifies the date on which a cache entry should expire. Use the formmm-dd-yyyy. When present, this element's sibling,<TimeoutInSeconds>, overrides<ExpiryDate>.

<ExpirySettings><ExpiryDateref="{date_variable}">expiration_date</ExpiryDate></ExpirySettings>

Default:

N/A

Presence:

Optional

Type:

String

Attributes

<ExpiryDate ref="" />
AttributeDescriptionDefaultPresenceType
ref

The variable from which to get the value. Should not be used if this element contains a literal value.

N/AOptionalString

<ExpirySettings>/<TimeOfDay> element

The time of day at which a cache entry should expire. Use the formhh:mm:ss . When present, this element's sibling,<TimeoutInSeconds>, overrides<TimeOfDay>.

Enter time of day in the format HH:mm:ss, where HH represents the hour on a 24-hour clock. For example, 14:30:00 for 2:30 in the afternoon.

For the time of day, the default locale and time zone will vary depending on where the code is running (which isn't knowable when you configure the policy).

<ExpirySettings><TimeOfDayref="time_variable">expiration_time</TimeOfDay></ExpirySettings>

Default:

N/A

Presence:

Optional

Type:

String

Attributes

AttributeDescriptionDefaultPresenceType
refVariable with the expiration time value.N/AOptionalString

<ExpirySettings>/<TimeoutInSec> element

Note: Deprecated. UseTimeoutInSeconds. If both theTimeoutInSec andTimeoutInSeconds elements are present, Apigee usesTimeoutInSeconds.

The number of seconds after which a cache entry should expire.

<ExpirySettings>/<TimeoutInSeconds> element

The number of seconds after which a cache entry should expire. When present, this element overrides its siblings,<TimeOfDay> and<ExpiryDate>.

<ExpirySettings><TimeoutInSecondsref="duration_variable">seconds_until_expiration</TimeoutInSeconds></ExpirySettings>
Note: Provide a default timeout value to use if the ref does not receive a value from theduration_variable.

Default:

N/A

Presence:

Optional

Type:

String

Attributes

AttributeDescriptionDefaultPresenceType
refVariable with the timeout value.
N/A
OptionalString

<Scope> element

Enumeration used to construct a prefix for a cache key when a<Prefix> element is not provided in the<CacheKey> element.

<Scope>scope_enumeration</Scope>

Default:

"Exclusive"

Presence:

Optional

Type:

String

The<Scope> setting determines a cache key that is prepended according to the<Scope> value. For example, a cache key would take the following form when scope is set toExclusive :orgName__envName__apiProxyName__proxy|TargetName__ [serializedCacheKey ].

If a<Prefix> element is present in<CacheKey>, it supersedes a<Scope> element value. Valid values include the enumerations below.

You use the<Scope> element in conjunction with<CacheKey> and<Prefix>. For more information, seeWorking with cache keys.

Acceptable values

Scope ValueDescription
Global

Cache key is shared across all API proxies deployed in the environment. Cache key is prepended in the formorgName __envName __.

If you define a<CacheKey> entry with the<KeyFragment> apiAccessToken and a<Global> scope, each entry is stored asorgName__envName__apiAccessToken, followed by the serialized value of the access token. For an API proxy deployed in an environment called 'test' in an organization called 'apifactory', access tokens would be stored under the following cache key:apifactory__test__apiAccessToken.

Application

API proxy name is used as the prefix.

Cache key is prepended in the formorgName__envName__apiProxyName.

Proxy

ProxyEndpoint configuration is used as the prefix.

Cache key is prepended in the formorgName__envName__apiProxyName__proxyEndpointName .

Target

TargetEndpoint configuration is used as the prefix.

Cache key prepended in the formorgName__envName__apiProxyName__targetEndpointName .

Exclusive

Default. This is the most specific, and therefore presents minimal risk of namespace collisions within a given cache.

Prefix is one of two forms:

  • If the policy is attached to theProxyEndpoint flow, prefix is of the formApiProxyName_ProxyEndpointName.
  • If the policy is attached atTargetEndpoint, prefix is of the formApiProxyName_TargetName.

Cache key prepended in the formorgName__envName__apiProxyName__proxyNameITargetName

For example, the full string might look like this:

apifactory__test__weatherapi__default__apiAccessToken
.

<SkipCacheLookup> element

Defines an expression that, if it evaluates to true at runtime, specifies that cache lookup should be skipped and the cache should be refreshed. See alsoUsing the ResponseCache policy video on the use ofSkipCacheLookup.

<SkipCacheLookup>variable_condition_expression</SkipCacheLookup>

Default:

N/A

Presence:

Optional

Type:

String

From the following example, if the bypass-cache variable is set to true in an incoming header, cache lookup is skipped and the cache is refreshed.

<SkipCacheLookup>request.header.bypass-cache = "true"</SkipCacheLookup>

<SkipCachePopulation> element

Defines an expression that, if it evaluates to true at runtime, specifies that a write to the cache should be skipped. See alsothis video on the use ofSkipCachePopulation.

<SkipCachePopulation>variable_condition_expression</SkipCachePopulation>

Default:

N/A

Presence:

Optional

Type:

String

For example, the following would skip the cache write if the response status code was 400 or higher:

<SkipCachePopulation>response.status.code >= 400</SkipCachePopulation>

<UseAcceptHeader> element

Set totrue to have a response cache entry's cache key appended with values from response Accept headers.

Apigee uses theAccept,Accept-Encoding,Accept-Language andAccept-Charset request headers when calculating the cache key. This approach prevents a client from getting a media type they did not ask for.

For example, consider if two requests come in from the same URL, where the first request accepts gzip and the second does not. The first request will be cached, and the cached entry will (probably) be a gzipped response. The second request will read the cached value and may then return a gzipped entry to a client that is not capable of reading gzip.

SeeConfiguring a cache key for more.

<UseAcceptHeader>false</UseAcceptHeader>

Default:

false

Presence:

Optional

Type:

Boolean

<UseResponseCacheHeaders> element

Set totrue to have HTTP response headers considered when setting the "time to live" (TTL) of the response in the cache. When this is true, Apigee considers the values of the following response headers, comparing the values with those set by<ExpirySettings> when setting time to live:

  • Cache-Control s-maxage
  • Cache-Control max-age
  • Expires

SeeSetting cache entry expiration for more details.

<UseResponseCacheHeaders>false</UseResponseCacheHeaders>

Default:

false

Presence:

Optional

Type:

Boolean

Usage notes

The maximum size for each cached object is 256 KB. (For detailed information on how Apigee processes cache, seeCache internals.)

Through configuration in the ResponseCache policy, you can have Apigee include HTTP response headers in setting cache entry expiration and cache keys. This section describes you can use the policy with headers to manage cache expiration and cache keys.

For more about how Apigee handles response headers with the ResponseCache policy, seeSupport for HTTP response headers.

Note: For other best practice suggestions related to the ResponseCache policy, seeBest practices for API proxy design and development.

Setting cache entry expiration

As with thePopulateCache policy, you can set a response cache entry's expiration (its time to live) using the<ExpirySettings> element. In the ResponseCache policy, you can also have Apigee consider response headers when they're present.

To use response headers, you set the<UseResponseCacheHeaders> element value to true. That setting causes Apigee to consider the response headers, compare them with the value set by<ExpirySettings>, then use the lowest value between the two. When considering the response headers, Apigee chooses the value available as described in the following:

Diagram that shows what happens when you set UseResponseCacheHeaders to true.

For example, imagine a response is cached with the following values:

  • NoCache-Control s-maxage value
  • ACache-Control max-age value of 300
  • AnExpires date in three days
  • An<ExpirySettings>TimeoutInSeconds value of 600.

In this case, theCache-Controlmax-age value would be used for the TTL because it is lower than the<ExpirySettings> value and because there is noCache-Control s-maxage value (which takes precedence overmax-age).

Configuring a cache key

As with general purpose cache policies such as thePopulateCache policy, with ResponseCache you use<CacheKey> and<Scope> elements to configure cache key creation for cache entries. With ResponseCache you can also make cache keys more meaningful by having response Accept headers appended to key values.

For general information about configuring cache keys, seeWorking with cache keys. For information about using Accept headers, see<UseAcceptHeader>.

About cache encryption

Apigee and Apigee hybrid (version 1.4 and later): Cache and KVM data are always encrypted.

Flow variables

The following predefined Flow variables are populated when a ResponseCache policy is executed. For more information about Flow variables, seeFlow variables reference.

VariablesTypePermissionDescription
responsecache.{policy_name}.cachenameStringRead-OnlyReturns the cache used in the policy
responsecache.{policy_name}.cachekeyStringRead-OnlyReturns the key used
responsecache.{policy_name}.cachehitBooleanRead-OnlyTrue if the policy execution is successful
responsecache.{policy_name}.invalidentryBooleanRead-OnlyTrue if the cache entry in not valid

Error codes

This section describes the error messages and flow variables that are set when this policy triggers an error. This information is important to know if you are developing fault rules for a proxy. To learn more, seeWhat you need to know about policy errors andHandling faults.

Error code prefix

N/A

Runtime errors

This policy does not throw any runtime errors.

Deployment errors

These errors can occur when you deploy a proxy containing this policy.

Tip: Need help resolving an error? Clickin the Fix column for detailed troubleshooting information.
Error nameCauseFix
InvalidTimeoutIf the<CacheLookupTimeoutInSeconds> element of theResponseCache policy is set to a negative number, then the deployment of the API proxy fails.
InvalidCacheResourceReferenceThis error occurs if the<CacheResource> element in aResponseCache policy is set to a name that does not exist in the environment where the API proxy is being deployed.
ResponseCacheStepAttachmentNotAllowedReqThis error occurs if the sameResponseCache policy is attached to multiple request paths within any flows of an API proxy.
ResponseCacheStepAttachmentNotAllowedRespThis error occurs if the sameResponseCache policy is attached to multiple response paths within any flows of an API proxy.
InvalidMessagePatternForErrorCodeThis error occurs if either the<SkipCacheLookup> or the<SkipCachePopulation> element in aResponseCache policy contains an invalid condition.
CacheNotFoundThis error occurs if the specific cache mentioned in the error message has not been created on a specific Message Processor component.

Fault variables

N/A

Example error response

N/A

Schema

Each policy type is defined by an XML schema (.xsd). For reference,policy schemas are available on GitHub.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-19 UTC.