Can we set CORS rules to permit set of cross domain origins?
Yes, You can do that. You can compare the request against set of valid domains using Javascript in Apigee & Then use CORS policy with a reference variable to allowed domain. See example here.
what all are the possible transformations ? is it possible to mapping/restrict response fields(inpayload) from target endpoints?
Yes, You can do any transformation of request & response in Apigee Edge. You will have full control of request & response.
Use mediation policies / extension policies like javascript or java to modify the response payload & add / remove response payload fields.
Out of the box transformations include JSON2XML , XML2JSON. You can extract information using extract variables policy & modify the payload using Javascript, Assign Message Policy.
Is it possible to setup alerts if the configured target endpoints are not available. Something like to check the health of the target endpoints?
Yes, It’s possible. Find out more about same here.
You can implement a custom solution to send out email / any other alert in response pipe line. Similar thread here.
@RamaKrishna , Yes, It does. You can encode , decode base 64 credentials using Basic Authentication Policy. You will encode the username & password if your backend expects basic authentication, You will decode same in edge to extract username, password & validate against ldap or service using service callout policy.
@ramakrishna it might serve your team well to also attend one of our DevJam’s or Training sessions. If you go check out apigee.com you can see upcoming events.