@zuplo/runtime 6.69.10 → 6.70.0

package/out/types/index.d.ts

@@ -11,6 +11,7 @@ import type { ValidateFunction } from "ajv";
  *
  * @hidden
  * @title Anthropic to OpenAI Format Translator
+ * @product ai-gateway
  * @param request - The incoming ZuploRequest
  * @param context - The ZuploContext
  * @param options - The policy configuration options
@@ -33,6 +34,7 @@ export declare interface AIGatewayAnthropicToOpenAIInboundPolicyOptions {}
  * authenticated requests.
  * @hidden
  * @title AI Gateway Authentication
+ * @product ai-gateway
  * @public
  *
  * @param request - The incoming ZuploRequest
@@ -153,6 +155,7 @@ export declare function aiGatewayHandler(
  * You should only have one for your entire Gateway.
  *
  * @title AI Gateway Metering
+ * @product ai-gateway
  * @hidden
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -218,6 +221,7 @@ export declare interface AIGatewayMeteringInboundPolicyOptions {
  *
  * @hidden
  * @title OpenAI to Anthropic Format Translator
+ * @product ai-gateway
  * @param response - The response from the upstream service
  * @param request - The incoming ZuploRequest
  * @param context - The ZuploContext
@@ -243,6 +247,7 @@ export declare interface AIGatewayOpenAIToAnthropicOutboundPolicyOptions {}
  * what tolerance.
  *
  * @title AI Gateway Semantic Cache
+ * @product ai-gateway
  * @hidden
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -269,6 +274,7 @@ export declare interface AIGatewaySemanticCacheInboundPolicyOptions {}
  * streaming and non-streaming responses.
  *
  * @title AI Gateway Semantic Cache Outbound
+ * @product ai-gateway
  * @hidden
  * @param response - The response from the upstream service
  * @param request - The original request
@@ -309,6 +315,7 @@ export declare interface AIGatewayUsageTrackerOptions {}
  * - Adding usage headers to responses for debugging
  * @hidden
  * @title AI Gateway Usage Tracker
+ * @product ai-gateway
  * @param response - The response from the AI provider
  * @param request - The incoming ZuploRequest
  * @param context - The ZuploContext
@@ -467,11 +474,109 @@ export declare interface AkamaiApiSecurityPluginOptions {
   shouldLog?: ShouldLogFunction;
 }
 
+/**
+ * Inspects each incoming request with Akamai's Firewall for AI detect API
+ * and blocks the request if Akamai returns a `deny` rule. Useful in front of
+ * AI-powered APIs to filter prompt injection, jailbreaks, and other unsafe
+ * inputs before they reach the model.
+ *
+ * The body, headers, URL, and query string sent to Akamai are configurable;
+ * by default only the request body is captured. Bodies are read from a clone
+ * so the upstream handler still sees the original.
+ *
+ * @title Akamai Firewall for AI - Inbound
+ * @public
+ * @param request - The ZuploRequest
+ * @param context - The ZuploContext
+ * @param options - The policy options set in policies.json
+ * @param policyName - The name of the policy as set in policies.json
+ * @returns A Request or a Response
+ */
+export declare const AkamaiFirewallForAiInboundPolicy: InboundPolicyHandler<AkamaiFirewallForAiInboundPolicyOptions>;
+
+/**
+ * The options for the Akamai Firewall for AI inbound policy. Sends the incoming request to Akamai's Firewall for AI detect endpoint and blocks the request if any rule returns a 'deny' action.
+ * @public
+ */
+export declare interface AkamaiFirewallForAiInboundPolicyOptions {
+  /**
+   * Your Akamai Firewall for AI Configuration ID. This is the ID of the configuration in the Akamai Control Center that defines which detection rules to apply.
+   */
+  configurationId: string;
+  /**
+   * Your Akamai Firewall for AI API key, sent as the `Fai-Api-Key` header on each detect call.
+   */
+  "api-key": string;
+  capture?: CaptureSettings;
+  /**
+   * Behavior when Akamai returns a rule with `action: "alert"` (Akamai's Monitor mode). `log` writes a warning and lets the request through, `block` treats the alert like a deny, `none` is silent.
+   */
+  onWarn?: "log" | "block" | "none";
+  /**
+   * If true (the default), the policy throws when the Akamai detect call itself fails (network error, 5xx, malformed response). Set to false to fail open and allow the request through when Akamai is unreachable.
+   */
+  throwOnError?: boolean;
+  /**
+   * Override the Akamai Firewall for AI detect endpoint URL. The literal `{configurationId}` is replaced with the configured ID. Defaults to `https://aisec.akamai.com/fai/v1/fai-configurations/{configurationId}/detect`. Useful for regional Akamai endpoints or for pointing tests at a mock server.
+   */
+  detectUrl?: string;
+}
+
+/**
+ * Inspects each upstream response with Akamai's Firewall for AI detect API
+ * and replaces the response with a `403 Forbidden` if Akamai returns a `deny`
+ * rule. Useful behind AI-powered APIs to filter unsafe completions, sensitive
+ * data exposure, and toxic content before they reach the client.
+ *
+ * The body, headers, URL, and query string sent to Akamai are configurable;
+ * by default only the response body is captured. Bodies are read from a clone
+ * so the client still receives the original.
+ *
+ * @title Akamai Firewall for AI - Outbound
+ * @public
+ * @param response - The outgoing Response from the handler
+ * @param request - The original incoming Request
+ * @param context - The current context of the Request
+ * @param options - The configuration options for the policy
+ * @param policyName - The name of the policy as set in policies.json
+ * @returns A Response
+ */
+export declare const AkamaiFirewallForAiOutboundPolicy: OutboundPolicyHandler<AkamaiFirewallForAiOutboundPolicyOptions>;
+
+/**
+ * The options for the Akamai Firewall for AI outbound policy. Sends the upstream response to Akamai's Firewall for AI detect endpoint and blocks the response if any rule returns a 'deny' action.
+ * @public
+ */
+export declare interface AkamaiFirewallForAiOutboundPolicyOptions {
+  /**
+   * Your Akamai Firewall for AI Configuration ID. This is the ID of the configuration in the Akamai Control Center that defines which detection rules to apply.
+   */
+  configurationId: string;
+  /**
+   * Your Akamai Firewall for AI API key, sent as the `Fai-Api-Key` header on each detect call.
+   */
+  "api-key": string;
+  capture?: CaptureSettings_2;
+  /**
+   * Behavior when Akamai returns a rule with `action: "alert"` (Akamai's Monitor mode). `log` writes a warning and lets the response through, `block` treats the alert like a deny, `none` is silent.
+   */
+  onWarn?: "log" | "block" | "none";
+  /**
+   * If true (the default), the policy throws when the Akamai detect call itself fails (network error, 5xx, malformed response). Set to false to fail open and allow the response through when Akamai is unreachable.
+   */
+  throwOnError?: boolean;
+  /**
+   * Override the Akamai Firewall for AI detect endpoint URL. The literal `{configurationId}` is replaced with the configured ID. Defaults to `https://aisec.akamai.com/fai/v1/fai-configurations/{configurationId}/detect`. Useful for regional Akamai endpoints or for pointing tests at a mock server.
+   */
+  detectUrl?: string;
+}
+
 /**
  * Amberflo is a usage metering and billing service. This policy allows
  * you to send metering calls for each API to their meter ingest endpoint.
  *
  * @title Amberflo Metering / Billing
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -561,6 +666,7 @@ declare interface AmberfloMeteringProperties extends Omit<
  * version of Zuplo.
  * @hidden
  * @title API Key Authentication
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -670,6 +776,7 @@ export declare interface ApiKeyConsumerClientOptions {
  * and automatically adds user information to authenticated requests.
  *
  * @title API Key Authentication
+ * @product api-gateway
  * @public
  *
  * @param request - The incoming ZuploRequest
@@ -979,6 +1086,7 @@ declare interface AuditLogRequestFilter {
  * Authenticate users using Auth0 issued JWT tokens.
  *
  * @title Auth0 JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -1015,6 +1123,7 @@ export declare interface Auth0JwtInboundPolicyOptions {
  * Authorize requests using an AuthZEN compatible PDP
  *
  * @title AuthZEN Authorization
+ * @product api-gateway
  * @beta
  * @enterprise
  * @param request - The ZuploRequest
@@ -1334,6 +1443,7 @@ export declare class AWSLoggingPlugin extends LogPlugin {
  * Authorize requests using Axiomatics Policy Server.
  *
  * @title Axiomatics Authorization
+ * @product api-gateway
  * @beta
  * @enterprise
  * @param request - The ZuploRequest
@@ -1653,6 +1763,7 @@ declare interface BasicAuthAccount {
  * Authenticate requests using basic auth (i.e. username and password)
  *
  * @title Basic Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -1701,6 +1812,7 @@ declare interface BatchDispatcherOptions {
  * The brownout policy allows performing scheduled downtime on your API
  *
  * @title Brown Out
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -1807,6 +1919,7 @@ declare interface CacheOptions {
  * Respond to matched incoming requests with cached content
  *
  * @title Caching
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -1852,6 +1965,68 @@ export declare interface CachingInboundPolicyOptions {
   statusCodes?: number[];
 }
 
+/**
+ * Controls which parts of the incoming request are sent to Akamai for inspection. Akamai's detect endpoint receives the captured fields concatenated into a single labeled text payload as `llmInput`.
+ * @public
+ */
+declare interface CaptureSettings {
+  /**
+   * Include the request body. Only text-based content types (JSON, XML, form-encoded, text/*) are sent; binary bodies are skipped. The body is read from a clone of the request so the upstream still receives it unchanged.
+   */
+  body?: boolean;
+  /**
+   * Include the request headers. By default `Authorization`, `Proxy-Authorization`, `Cookie`, and `Set-Cookie` are stripped — see the `dangerouslyInclude*` flags to override.
+   */
+  headers?: boolean;
+  /**
+   * Include the request URL (origin and path, query string excluded). Enable `queryString` separately if you also want the query string.
+   */
+  url?: boolean;
+  /**
+   * Include the request query string. Query strings sometimes contain credentials or session tokens — leave this off unless you want Akamai to see them.
+   */
+  queryString?: boolean;
+  /**
+   * If `headers` is true, also include the `Authorization` and `Proxy-Authorization` headers. Off by default because these typically contain bearer tokens.
+   */
+  dangerouslyIncludeAuthorizationHeader?: boolean;
+  /**
+   * If `headers` is true, also include the `Cookie` header. Off by default because cookies often carry session credentials.
+   */
+  dangerouslyIncludeCookieHeader?: boolean;
+}
+
+/**
+ * Controls which parts of the upstream response (and the originating request URL) are sent to Akamai for inspection. Akamai's detect endpoint receives the captured fields concatenated into a single labeled text payload as `llmOutput`.
+ * @public
+ */
+declare interface CaptureSettings_2 {
+  /**
+   * Include the response body. Only text-based content types (JSON, XML, form-encoded, text/*) are sent; binary bodies are skipped. The body is read from a clone of the response so the client still receives it unchanged.
+   */
+  body?: boolean;
+  /**
+   * Include the response headers. By default `Set-Cookie` is stripped — see `dangerouslyIncludeCookieHeader` to override.
+   */
+  headers?: boolean;
+  /**
+   * Include the originating request URL (origin and path, query string excluded). Useful as context for the response.
+   */
+  url?: boolean;
+  /**
+   * Include the originating request's query string. Query strings sometimes contain credentials or session tokens — leave this off unless you want Akamai to see them.
+   */
+  queryString?: boolean;
+  /**
+   * If `headers` is true, also include any `Authorization` or `Proxy-Authorization` headers on the response. Rarely set on responses but stripped by default for safety.
+   */
+  dangerouslyIncludeAuthorizationHeader?: boolean;
+  /**
+   * If `headers` is true, also include the `Set-Cookie` header on the response. Off by default because Set-Cookie typically carries session credentials.
+   */
+  dangerouslyIncludeCookieHeader?: boolean;
+}
+
 declare interface Category {
   Id?: string;
   CategoryId?: string;
@@ -1863,6 +2038,7 @@ declare interface Category {
  * Changes the HTTP method of the incoming request.
  *
  * @title Change Method
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -1893,6 +2069,7 @@ declare type CheckIntervalMs = number;
  * Removes all headers from the incoming request except for those in the exclude list.
  *
  * @title Clear Request Headers
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -1917,6 +2094,7 @@ export declare interface ClearHeadersInboundPolicyOptions {
  * Removes all headers from the response except for those in the exclude list.
  *
  * @title Clear Response Headers
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -1941,6 +2119,7 @@ export declare interface ClearHeadersOutboundPolicyOptions {
  * Authenticate users using Clerk issued JWT tokens.
  *
  * @title Clerk JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2002,6 +2181,7 @@ declare interface ClientCredentialsConfig {
  * Authenticate requests with JWT tokens issued by AWS Cognito.
  *
  * @title AWS Cognito JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2184,6 +2364,7 @@ export declare type ComplexRateLimitFunction =
  * let's you set rate limits based on custom counters (not just requests)
  *
  * @title Complex Rate Limiting
+ * @product api-gateway
  * @enterprise
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2254,6 +2435,7 @@ export declare interface ComplexRateLimitInboundPolicyOptions {
  * Creates a composite, or group policy - composed of other inbound policies. For reuse across routes.
  *
  * @title Composite Inbound (Group Policies)
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2278,6 +2460,7 @@ export declare interface CompositeInboundPolicyOptions {
  * Creates a composite, or group policy - composed of other outbound policies. For reuse across routes.
  *
  * @title Composite Outbound (Group Policies)
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2572,6 +2755,7 @@ export declare class CryptoBeta extends BaseCryptoBeta {
  * Authenticate users using the Curity Phantom Token Pattern.
  *
  * @title Curity Phantom Token Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2785,6 +2969,44 @@ declare const EventType: {
   readonly AI_GATEWAY_LATENCY_HISTOGRAM: "ai_gateway_latency_histogram";
   readonly AI_GATEWAY_WARNING_COUNT: "ai_gateway_warning_count";
   readonly AI_GATEWAY_BLOCKED_COUNT: "ai_gateway_blocked_count";
+  readonly MCP_GATEWAY_REQUEST_RECEIVED: "mcp_gateway_request_received";
+  readonly MCP_GATEWAY_REQUEST_COMPLETED: "mcp_gateway_request_completed";
+  readonly MCP_GATEWAY_REQUEST_REJECTED: "mcp_gateway_request_rejected";
+  readonly MCP_GATEWAY_INITIALIZE_NEGOTIATED: "mcp_gateway_initialize_negotiated";
+  readonly MCP_GATEWAY_CLIENT_UNSUPPORTED_BEHAVIOR: "mcp_gateway_client_unsupported_behavior";
+  readonly MCP_GATEWAY_CATALOG_LISTED: "mcp_gateway_catalog_listed";
+  readonly MCP_GATEWAY_CATALOG_IMPORTED: "mcp_gateway_catalog_imported";
+  readonly MCP_GATEWAY_CATALOG_DRIFT_DETECTED: "mcp_gateway_catalog_drift_detected";
+  readonly MCP_GATEWAY_CAPABILITY_LISTED: "mcp_gateway_capability_listed";
+  readonly MCP_GATEWAY_CAPABILITY_INVOKED: "mcp_gateway_capability_invoked";
+  readonly MCP_GATEWAY_CAPABILITY_COMPLETED: "mcp_gateway_capability_completed";
+  readonly MCP_GATEWAY_CAPABILITY_FAILED: "mcp_gateway_capability_failed";
+  readonly MCP_GATEWAY_CAPABILITY_CONNECT_REQUIRED: "mcp_gateway_capability_connect_required";
+  readonly MCP_GATEWAY_AUTH_DOWNSTREAM_TOKEN_VALIDATED: "mcp_gateway_auth_downstream_token_validated";
+  readonly MCP_GATEWAY_AUTH_DOWNSTREAM_TOKEN_REJECTED: "mcp_gateway_auth_downstream_token_rejected";
+  readonly MCP_GATEWAY_OAUTH_CLIENT_REGISTERED: "mcp_gateway_oauth_client_registered";
+  readonly MCP_GATEWAY_OAUTH_AUTHORIZE_STARTED: "mcp_gateway_oauth_authorize_started";
+  readonly MCP_GATEWAY_OAUTH_AUTHORIZE_AWAITING_SETUP: "mcp_gateway_oauth_authorize_awaiting_setup";
+  readonly MCP_GATEWAY_OAUTH_TOKEN_ISSUED: "mcp_gateway_oauth_token_issued";
+  readonly MCP_GATEWAY_OAUTH_TOKEN_REFRESH_ROTATED: "mcp_gateway_oauth_token_refresh_rotated";
+  readonly MCP_GATEWAY_OAUTH_TOKEN_REVOKED: "mcp_gateway_oauth_token_revoked";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_CONNECT_REQUIRED: "mcp_gateway_auth_upstream_connect_required";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_CONNECT_STARTED: "mcp_gateway_auth_upstream_connect_started";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_CALLBACK_RECEIVED: "mcp_gateway_auth_upstream_callback_received";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_TOKEN_EXCHANGE_SUCCEEDED: "mcp_gateway_auth_upstream_token_exchange_succeeded";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_TOKEN_EXCHANGE_FAILED: "mcp_gateway_auth_upstream_token_exchange_failed";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_CREDENTIAL_RESOLVED: "mcp_gateway_auth_upstream_credential_resolved";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_CREDENTIAL_MISSING: "mcp_gateway_auth_upstream_credential_missing";
+  readonly MCP_GATEWAY_AUTH_UPSTREAM_RECONSENT_REQUIRED: "mcp_gateway_auth_upstream_reconsent_required";
+  readonly MCP_GATEWAY_POLICY_DECISION: "mcp_gateway_policy_decision";
+  readonly MCP_GATEWAY_GUARDRAIL_DECISION: "mcp_gateway_guardrail_decision";
+  readonly MCP_GATEWAY_RATE_LIMIT_DECISION: "mcp_gateway_rate_limit_decision";
+  readonly MCP_GATEWAY_UPSTREAM_REQUEST_SENT: "mcp_gateway_upstream_request_sent";
+  readonly MCP_GATEWAY_UPSTREAM_REQUEST_COMPLETED: "mcp_gateway_upstream_request_completed";
+  readonly MCP_GATEWAY_UPSTREAM_REQUEST_FAILED: "mcp_gateway_upstream_request_failed";
+  readonly MCP_GATEWAY_AUDIT_VIRTUAL_SERVER_CREATED: "mcp_gateway_audit_virtual_server_created";
+  readonly MCP_GATEWAY_AUDIT_VIRTUAL_SERVER_UPDATED: "mcp_gateway_audit_virtual_server_updated";
+  readonly MCP_GATEWAY_AUDIT_VIRTUAL_SERVER_DELETED: "mcp_gateway_audit_virtual_server_deleted";
 };
 
 declare type EventType = (typeof EventType)[keyof typeof EventType];
@@ -2799,6 +3021,7 @@ declare interface FetchOptions<T> {
  * Authenticate users using Firebase issued JWT tokens.
  *
  * @title Firebase JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2831,6 +3054,7 @@ export declare interface FirebaseJwtInboundPolicyOptions {
  * Converts form data in the incoming request to JSON.
  *
  * @title Form Data to JSON
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -2921,6 +3145,7 @@ export declare interface GenerateRequestLoggerEntry<T> {
  * Block requests based on geo-location parameters: country, region code, and ASN
  *
  * @title Geo-location filtering
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -3098,6 +3323,7 @@ declare interface HeaderCredentialsConfig {
  * headers.
  *
  * @title HTTP Deprecation
+ * @product api-gateway
  * @public
  * @param response - The Response
  * @param request - The ZuploRequest
@@ -5129,6 +5355,7 @@ declare type JsonValue = JsonPrimitive | JsonObject | JsonArray;
  * Validates that the JWT token includes specific scopes
  *
  * @title JWT Scope Validation
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -5851,6 +6078,7 @@ export declare interface MockApiInboundOptions {
  * Returns example responses from the OpenAPI document associated with this route.
  *
  * @title Mock API Response
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -5875,6 +6103,7 @@ declare interface MoesifContext {
  * send metering calls for each API to their events batch endpoint.
  *
  * @title Moesif Analytics & Billing
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -5912,6 +6141,7 @@ export declare interface MoesifInboundPolicyOptions {
  * Monetization inbound policy for API key validation and usage metering.
  *
  * @title Monetization
+ * @product api-gateway
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
  * @param options - The policy options set in policies.json
@@ -6153,6 +6383,7 @@ export declare interface OAuthProtectedResourcePluginOptions {
  * Authorize requests using Okta FGA.
  *
  * @title Okta FGA Authorization
+ * @product api-gateway
  * @beta
  * @enterprise
  * @param request - The ZuploRequest
@@ -6203,6 +6434,7 @@ export declare interface OktaFGAAuthZInboundPolicyOptions {
  * Authenticate users using Okta issued JWT tokens.
  *
  * @title Okta JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -6866,6 +7098,7 @@ declare namespace OpenAPIV3_1 {
  * Authorize requests using OpenFGA.
  *
  * @title OpenFGA Authorization
+ * @product api-gateway
  * @beta
  * @enterprise
  * @param request - The ZuploRequest
@@ -6931,6 +7164,7 @@ declare interface OpenFGACheck {
  * requests using an Open ID compliant bearer token.
  *
  * @title JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -7000,6 +7234,7 @@ export declare interface OpenIdJwtInboundPolicyOptions {
  * It also supports entitlement checking to verify if a subject has access to a feature.
  *
  * @title OpenMeter
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -7297,6 +7532,28 @@ export declare interface ParameterDefinition extends ParameterBaseObject {
   in: string;
 }
 
+/**
+ * This is the parsed values of the Cors configuration. All
+ * values in the parsed configuration are in the format that the headers
+ * use them (i.e. everything is converted to a string)
+ */
+declare interface ParsedCorsPolicyConfiguration {
+  name: string;
+  allowCredentials: string | undefined;
+  maxAge: string | undefined;
+  allowedOrigins: string[];
+  allowedMethods?: string;
+  allowedHeaders?: string;
+  exposeHeaders?: string;
+}
+
+/**
+ * @public
+ */
+declare interface ParsedRouteData extends Omit<RouteData, "corsPolicies"> {
+  corsPolicies: ParsedCorsPolicyConfiguration[];
+}
+
 /**
  * The base class for inbound and outbound policies.
  * Provides common functionality for all policy types.
@@ -7457,6 +7714,8 @@ export declare class ProblemResponseFormatter {
  * executed against them.
  *
  * @title Prompt Injection Detection
+ * @product ai-gateway
+ * @product mcp-gateway
  * @public
  * @enterprise
  * @param request - The ZuploRequest
@@ -7494,6 +7753,7 @@ export declare interface PromptInjectionDetectionOutboundPolicyOptions {
  * Authenticate users using PropelAuth issued JWT tokens.
  *
  * @title PropelAuth JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -7530,6 +7790,7 @@ export declare interface PropelAuthJwtInboundPolicyOptions {
  * Extracts a query parameter and sets it as a header in the request.
  *
  * @title Query Parameter to Header
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -7573,6 +7834,7 @@ export declare interface QuotaDetail {
  * The Quota policy enables you to set monthly, weekly, daily or hourly quotas on your API.
  *
  * @title Quota
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -7677,6 +7939,7 @@ declare type RateLimitHeaderMode_2 = "none" | "retry-after";
  * can operate in strict or async mode for different performance characteristics.
  *
  * @title Rate Limiting
+ * @product api-gateway
  * @public
  *
  * @param request - The incoming ZuploRequest
@@ -7864,6 +8127,7 @@ declare interface ReadmeMeteringInboundPolicyOptions {
  * policy pushes logs to their API calls dashboard.
  *
  * @title Readme Metrics
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -7959,6 +8223,7 @@ declare interface RelationshipCondition {
  * Remove headers from the incoming request.
  *
  * @title Remove Request Headers
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -7983,6 +8248,7 @@ export declare interface RemoveHeadersInboundPolicyOptions {
  * Remove configured headers from the outgoing response.
  *
  * @title Remove Response Headers
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8007,6 +8273,7 @@ export declare interface RemoveHeadersOutboundPolicyOptions {
  * Remove query parameters from the incoming request
  *
  * @title Remove Query Parameters
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8031,6 +8298,7 @@ export declare interface RemoveQueryParamsInboundPolicyOptions {
  * Replace a string in the incoming request body
  *
  * @title Replace String in Response Body
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8131,6 +8399,7 @@ declare interface RequestReference {
  * Enforces a maximum size in bytes of the incoming request.
  *
  * @title Request Size Limit
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8186,6 +8455,7 @@ export declare interface RequestUser<TUserData> {
  * to ensure they match the defined schema before processing.
  *
  * @title Request Validation
+ * @product api-gateway
  * @public
  *
  * @param request - The incoming ZuploRequest
@@ -8296,6 +8566,7 @@ export declare interface RequestValidationInboundPolicyOptions {
  * Sets an allow-list for an origin header
  *
  * @title Require Origin
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8528,6 +8799,7 @@ export declare const SchemaBasedRequestValidation: InboundPolicyHandler<RequestV
  * in the response body.
  *
  * @title Secret Masking
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8572,6 +8844,7 @@ export declare interface SecretMaskingOutboundPolicyOptions {
  * - cacheBy: Determines how cache keys are generated: 'function' for custom logic or 'propertyPath' to extract from JSON body.
  *
  * @title Semantic Cache
+ * @product ai-gateway
  * @beta
  * @enterprise
  * @param request - The ZuploRequest
@@ -8658,6 +8931,7 @@ export declare interface ServiceProvider {
  * a GET/HEAD request to another method when using this policy.
  *
  * @title Set Body
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8684,6 +8958,7 @@ export declare interface SetBodyInboundPolicyOptions {
  * Adds or sets headers on the incoming request.
  *
  * @title Add or Set Request Headers
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8721,6 +8996,7 @@ export declare interface SetHeadersInboundPolicyOptions {
  * Adds or sets headers on the on the outgoing response.
  *
  * @title Set Headers
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8769,6 +9045,7 @@ export declare function setMoesifContext(
  * Adds or sets query parameters on the incoming request.
  *
  * @title Add or Set Query Parameters
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8806,6 +9083,7 @@ export declare interface SetQueryParamsInboundPolicyOptions {
  * Sets the status code on the on the outgoing response.
  *
  * @title Set Status Code
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -8850,6 +9128,7 @@ declare type ShouldLogFunction = (
  * Add a delay to the incoming request. Useful for testing.
  *
  * @title Sleep / Delay
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -9024,6 +9303,7 @@ export declare class StreamingZoneCache {
  * The Stripe Webhook policy validates the authenticity of an incoming Stripe webhook.
  *
  * @title Stripe Webhook Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -9082,6 +9362,7 @@ export declare class SumoLogicLoggingPlugin extends LogPlugin {
  * by Supabase.
  *
  * @title Supabase JWT Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -9203,6 +9484,7 @@ declare interface UnauthenticatedCredentialConfig {
  * in order to authenticate requests using Azure identity.
  *
  * @title Upstream Azure AD Service Auth
+ * @product api-gateway
  * @public
  * @enterprise
  * @param request - The ZuploRequest
@@ -9247,6 +9529,7 @@ export declare interface UpstreamAzureAdServiceAuthInboundPolicyOptions {
  * Useful when calling Firebase services as an administrator.
  *
  * @title Upstream Firebase Admin Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -9280,6 +9563,7 @@ export declare interface UpstreamFirebaseAdminAuthInboundPolicyOptions {
  * request. Useful when calling Firebase services as user.
  *
  * @title Upstream Firebase User Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -9331,6 +9615,7 @@ export declare interface UpstreamFirebaseUserAuthInboundPolicyOptions {
  * use of a service account private key.
  *
  * @title Upstream GCP Federated Auth
+ * @product api-gateway
  * @beta
  * @enterprise
  * @param request - The ZuploRequest
@@ -9397,6 +9682,7 @@ export declare interface UpstreamGcpFederatedAuthInboundPolicyOptions {
  * services like Cloud Endpoints / ESPv2
  *
  * @title Upstream GCP Self-Signed JWT
+ * @product api-gateway
  * @public
  * @enterprise
  * @param request - The ZuploRequest
@@ -9428,6 +9714,7 @@ export declare interface UpstreamGcpJwtInboundPolicyOptions {
  * secured with GCP IAM.
  *
  * @title Upstream GCP Service Auth
+ * @product api-gateway
  * @public
  * @enterprise
  * @param request - The ZuploRequest
@@ -9486,6 +9773,7 @@ export declare interface UpstreamGcpServiceAuthInboundPolicyOptions {
  * to the specified header for upstream authentication.
  *
  * @title Upstream Zuplo JWT
+ * @product api-gateway
  * @enterprise
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -9684,6 +9972,7 @@ declare type UserDataDefault = any;
  * Validates the body of an incoming request based on a JSON schema.
  *
  * @title JSON Body Validation
+ * @product api-gateway
  * @public
  * @deprecated Use the new {@link https://zuplo.com/docs/policies/request-validation-inbound|Request Validation Policy}.
  * The new policy validates JSON bodies like this policy, but also supports validation of parameters, query strings, etc.
@@ -9806,6 +10095,7 @@ declare interface WaitUntilFunc {
  * Authenticate bots using web-bot-auth HTTP Message Signatures.
  *
  * @title Web Bot Auth
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext
@@ -9932,6 +10222,7 @@ declare interface XacmlRequest {
  * Parses XML and converts it to JSON.
  *
  * @title XML to JSON Outbound
+ * @product api-gateway
  * @public
  * @param request - The ZuploRequest
  * @param context - The ZuploContext