JSONP

2025-02-16

APPLIES TO: All API Management tiers

The jsonp policy adds JSON with padding (JSONP) support to an operation or an API to allow cross-___domain calls from JavaScript browser-based clients. JSONP is a method used in JavaScript programs to request data from a server in a different ___domain. JSONP bypasses the limitation enforced by most web browsers where access to web pages must be in the same ___domain.

Note

Set the policy's elements and child elements in the order provided in the policy statement. Learn more about how to set or edit API Management policies.

Policy statement

<jsonp callback-parameter-name="callback function name" />

Attributes

Name	Description	Required	Default
callback-parameter-name	The cross-___domain JavaScript function call prefixed with the fully qualified ___domain name where the function resides. Policy expressions are allowed.	Yes	N/A

Usage

Policy sections: outbound
Policy scopes: global, workspace, product, API, operation
Gateways: classic, v2, consumption, self-hosted, workspace

Usage notes

This policy can only be used once in a policy section.

Example

<jsonp callback-parameter-name="cb" />

If you call the method without the callback parameter ?cb=XXX, it will return plain JSON (without a function call wrapper).

If you add the callback parameter ?cb=XXX, it will return a JSONP result, wrapping the original JSON results around the callback function like XYZ('<json result goes here>');

Cross-___domain

For more information about working with policies, see:

Tutorial: Transform and protect your API
Policy reference for a full list of policy statements and their settings
Policy expressions
Set or edit policies
Reuse policy configurations
Policy snippets repo
Azure API Management policy toolkit
Get Copilot assistance to create, explain, and troubleshoot policies

Share via

JSONP

Policy statement

Attributes

Usage

Usage notes

Example

Related policies

Related content

Feedback

Additional resources