Configuring API policies

Each application can have multiple cloud policy rules which are evaluated in a top down fashion until a match is found. All rule criteria must match for the actions to be applied.

Attention: If you are configuring FSM-based DLP policy control for API scanning, then review the limitations. See Understanding Forcepoint DLP data pattern in API setup and policies.

Note:

API cloud policies will also OCR and scan certain image files. PDF files that are only scanned images will be OCR'd and scanned. If a PDF contain any readable text, the PDF will not be OCR'd, instead the readable text will be scanned for DLP matches. In addition, Forcepoint ONE SSE will OCR and scan any .bmp, .jpe, .jpeg, .jpg, .png and .tiff image files.

To add a cloud policy, locate your app on Protect > Policies and click the green plus icon under the API section on the app to configure your cloud policy. The Cloud Policy dialog is broken down into two sections, that is Condition and Action.