How to use the "return-response" Policy statement to build the response from scratch for an Azure API service operation?

The "return-response" Policy Statement allows you to stop the Azure API processing immediately and return with the given response.

The "forward-request" statement can be used in three ways:

1. Return an empty response with status of 200:

<return-response/>

2. Return a new response constructed with "set-status", "set-headers" and "set-body" child policy statements:

<return-response>
  <set-status... />  
  <set-header ... />  
  <set-body .../>  
</return-response>

For example, the following "inbound" policy returns a new response with status of 401:

<inbound>
   <return-response>  
      <set-status code="401" reason="Unauthorized"/>  
      <set-header name="WWW-Authenticate" exists-action="override">  
         <value>Bearer error="invalid_token"</value>  
      </set-header>  
   </return-response>  
<inbound>

3. Return an existing response created previously:

<return-response response-variable-name="existing context variable">
</return-response>

For example, the following "inbound" policy returns an existing response stored in a context variable:

<inbound>
<return-response response-variable-name="context.Variables["loginResponse"]">
</return-response>
<inbound>

⇒Policy to Control Backend Service

⇒⇒Microsoft Azure API Management Tutorials