zuplo 6.67.32 → 6.68.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -0
- package/docs/_index.md +44 -0
- package/docs/ai-gateway/apps.mdx +28 -0
- package/docs/ai-gateway/custom-providers.mdx +54 -0
- package/docs/ai-gateway/getting-started.mdx +224 -0
- package/docs/ai-gateway/guardrails.mdx +65 -0
- package/docs/ai-gateway/integrations/ai-sdk.mdx +109 -0
- package/docs/ai-gateway/integrations/claude-code.mdx +49 -0
- package/docs/ai-gateway/integrations/codex.mdx +78 -0
- package/docs/ai-gateway/integrations/goose.mdx +104 -0
- package/docs/ai-gateway/integrations/langchain.mdx +66 -0
- package/docs/ai-gateway/integrations/openai.mdx +99 -0
- package/docs/ai-gateway/introduction.mdx +85 -0
- package/docs/ai-gateway/managing-apps.mdx +46 -0
- package/docs/ai-gateway/managing-providers.mdx +66 -0
- package/docs/ai-gateway/managing-teams.mdx +63 -0
- package/docs/ai-gateway/policies/akamai-ai-firewall.mdx +125 -0
- package/docs/ai-gateway/policies/comet-opik-tracing.mdx +139 -0
- package/docs/ai-gateway/policies/galileo-tracing.mdx +147 -0
- package/docs/ai-gateway/providers.mdx +32 -0
- package/docs/ai-gateway/teams.mdx +38 -0
- package/docs/ai-gateway/universal-api.mdx +43 -0
- package/docs/ai-gateway/usage-limits.mdx +89 -0
- package/docs/api-management/introduction.md +127 -0
- package/docs/articles/accounts/audit-logs.mdx +227 -0
- package/docs/articles/accounts/billing.mdx +25 -0
- package/docs/articles/accounts/default-api-key.mdx +30 -0
- package/docs/articles/accounts/delete-account.mdx +36 -0
- package/docs/articles/accounts/enterprise-sso.mdx +116 -0
- package/docs/articles/accounts/managing-account-members.mdx +45 -0
- package/docs/articles/accounts/managing-project-members.mdx +37 -0
- package/docs/articles/accounts/members-and-roles.mdx +21 -0
- package/docs/articles/accounts/roles-and-permissions.mdx +115 -0
- package/docs/articles/accounts/zuplo-api-keys.mdx +94 -0
- package/docs/articles/add-api-to-backstage.mdx +216 -0
- package/docs/articles/advanced-path-matching.mdx +139 -0
- package/docs/articles/api-key-administration.mdx +47 -0
- package/docs/articles/api-key-api.mdx +220 -0
- package/docs/articles/api-key-authentication.mdx +195 -0
- package/docs/articles/api-key-buckets.mdx +61 -0
- package/docs/articles/api-key-end-users.mdx +52 -0
- package/docs/articles/api-key-leak-detection.mdx +75 -0
- package/docs/articles/api-key-management.mdx +100 -0
- package/docs/articles/api-key-react-component.mdx +90 -0
- package/docs/articles/api-key-service-limits.mdx +14 -0
- package/docs/articles/archiving-requests-to-storage.mdx +119 -0
- package/docs/articles/branch-based-deployments.mdx +184 -0
- package/docs/articles/bypass-policy-for-testing.mdx +117 -0
- package/docs/articles/check-ip-address.mdx +17 -0
- package/docs/articles/ci-cd-azure/basic-deployment.mdx +49 -0
- package/docs/articles/ci-cd-azure/deploy-and-test.mdx +47 -0
- package/docs/articles/ci-cd-azure/local-testing.mdx +59 -0
- package/docs/articles/ci-cd-azure/multi-stage-deployment.mdx +88 -0
- package/docs/articles/ci-cd-azure/pr-preview-environments.mdx +50 -0
- package/docs/articles/ci-cd-azure/tag-based-releases.mdx +37 -0
- package/docs/articles/ci-cd-bitbucket/basic-deployment.mdx +27 -0
- package/docs/articles/ci-cd-bitbucket/deploy-and-test.mdx +41 -0
- package/docs/articles/ci-cd-bitbucket/local-testing.mdx +34 -0
- package/docs/articles/ci-cd-bitbucket/multi-stage-deployment.mdx +52 -0
- package/docs/articles/ci-cd-bitbucket/pr-preview-environments.mdx +46 -0
- package/docs/articles/ci-cd-bitbucket/tag-based-releases.mdx +27 -0
- package/docs/articles/ci-cd-circleci/basic-deployment.mdx +34 -0
- package/docs/articles/ci-cd-circleci/deploy-and-test.mdx +44 -0
- package/docs/articles/ci-cd-circleci/local-testing.mdx +50 -0
- package/docs/articles/ci-cd-circleci/multi-stage-deployment.mdx +82 -0
- package/docs/articles/ci-cd-circleci/pr-preview-environments.mdx +47 -0
- package/docs/articles/ci-cd-circleci/tag-based-releases.mdx +38 -0
- package/docs/articles/ci-cd-github/basic-deployment.mdx +48 -0
- package/docs/articles/ci-cd-github/cleanup-on-branch-delete.mdx +123 -0
- package/docs/articles/ci-cd-github/deploy-and-test.mdx +82 -0
- package/docs/articles/ci-cd-github/local-testing.mdx +102 -0
- package/docs/articles/ci-cd-github/multi-stage-deployment.mdx +136 -0
- package/docs/articles/ci-cd-github/pr-preview-environments.mdx +106 -0
- package/docs/articles/ci-cd-github/tag-based-releases.mdx +99 -0
- package/docs/articles/ci-cd-gitlab/basic-deployment.mdx +28 -0
- package/docs/articles/ci-cd-gitlab/deploy-and-test.mdx +44 -0
- package/docs/articles/ci-cd-gitlab/local-testing.mdx +39 -0
- package/docs/articles/ci-cd-gitlab/mr-preview-environments.mdx +52 -0
- package/docs/articles/ci-cd-gitlab/multi-stage-deployment.mdx +64 -0
- package/docs/articles/ci-cd-gitlab/tag-based-releases.mdx +28 -0
- package/docs/articles/composite-policy-reference.mdx +284 -0
- package/docs/articles/configuring-auth0-for-mcp-auth.mdx +186 -0
- package/docs/articles/configuring-okta-for-mcp-auth.mdx +208 -0
- package/docs/articles/convert-urls-to-openapi.mdx +62 -0
- package/docs/articles/cors.mdx +447 -0
- package/docs/articles/custom-audit-log-policy.mdx +95 -0
- package/docs/articles/custom-ci-cd-azure.mdx +81 -0
- package/docs/articles/custom-ci-cd-bitbucket.mdx +80 -0
- package/docs/articles/custom-ci-cd-circleci.mdx +78 -0
- package/docs/articles/custom-ci-cd-github.mdx +99 -0
- package/docs/articles/custom-ci-cd-gitlab.mdx +79 -0
- package/docs/articles/custom-ci-cd.mdx +82 -0
- package/docs/articles/custom-code-patterns.md +418 -0
- package/docs/articles/custom-domains.mdx +258 -0
- package/docs/articles/custom-logging-example.mdx +139 -0
- package/docs/articles/ddos-protection.mdx +138 -0
- package/docs/articles/development-options.mdx +49 -0
- package/docs/articles/environment-variables.mdx +134 -0
- package/docs/articles/environments.mdx +143 -0
- package/docs/articles/fastly-zuplo-host-setup.mdx +41 -0
- package/docs/articles/github-deployment-testing.mdx +101 -0
- package/docs/articles/gke-with-upstream-auth-policy.mdx +192 -0
- package/docs/articles/graphql-security.mdx +180 -0
- package/docs/articles/handling-form-data.mdx +61 -0
- package/docs/articles/health-checks.mdx +109 -0
- package/docs/articles/hosting-options.mdx +70 -0
- package/docs/articles/lazy-load-configuration-into-cache.mdx +92 -0
- package/docs/articles/limits.mdx +98 -0
- package/docs/articles/local-development-debugging.mdx +44 -0
- package/docs/articles/local-development-env-variables.mdx +23 -0
- package/docs/articles/local-development-installing-packages.mdx +23 -0
- package/docs/articles/local-development-routes-designer.mdx +27 -0
- package/docs/articles/local-development-services.mdx +40 -0
- package/docs/articles/local-development-troubleshooting.mdx +56 -0
- package/docs/articles/local-development.mdx +81 -0
- package/docs/articles/log-plugin-aws-cloudwatch.mdx +83 -0
- package/docs/articles/log-plugin-datadog.mdx +84 -0
- package/docs/articles/log-plugin-dynatrace.mdx +75 -0
- package/docs/articles/log-plugin-gcp.mdx +75 -0
- package/docs/articles/log-plugin-loki.mdx +136 -0
- package/docs/articles/log-plugin-new-relic.mdx +84 -0
- package/docs/articles/log-plugin-splunk.mdx +104 -0
- package/docs/articles/log-plugin-sumo.mdx +73 -0
- package/docs/articles/log-plugin-vmware-log-insight.mdx +154 -0
- package/docs/articles/log-request-response-data.mdx +398 -0
- package/docs/articles/logging.mdx +115 -0
- package/docs/articles/manual-mcp-oauth-testing.mdx +193 -0
- package/docs/articles/mcp-quickstart.mdx +135 -0
- package/docs/articles/metrics-plugins.mdx +371 -0
- package/docs/articles/migrate-from-apigee.md +408 -0
- package/docs/articles/migrate-from-aws-api-gateway.md +248 -0
- package/docs/articles/migrate-from-azure-apim.md +292 -0
- package/docs/articles/migrate-from-kong.md +300 -0
- package/docs/articles/migration-overview.md +81 -0
- package/docs/articles/monetization/api-access.mdx +69 -0
- package/docs/articles/monetization/billing-models.md +520 -0
- package/docs/articles/monetization/developer-portal.md +167 -0
- package/docs/articles/monetization/features.mdx +98 -0
- package/docs/articles/monetization/index.mdx +113 -0
- package/docs/articles/monetization/meters.mdx +135 -0
- package/docs/articles/monetization/monetization-policy.md +314 -0
- package/docs/articles/monetization/plan-examples.mdx +366 -0
- package/docs/articles/monetization/plans.mdx +266 -0
- package/docs/articles/monetization/pricing-models.mdx +225 -0
- package/docs/articles/monetization/private-plans.md +154 -0
- package/docs/articles/monetization/quickstart.md +355 -0
- package/docs/articles/monetization/rate-cards.mdx +171 -0
- package/docs/articles/monetization/stripe-integration.md +195 -0
- package/docs/articles/monetization/subscription-lifecycle.md +298 -0
- package/docs/articles/monetization/tax-collection.md +166 -0
- package/docs/articles/monetization/troubleshooting.md +272 -0
- package/docs/articles/monetization-custom.mdx +71 -0
- package/docs/articles/monetization-integrations.mdx +104 -0
- package/docs/articles/monitoring-your-gateway.mdx +53 -0
- package/docs/articles/monorepo-deployment.mdx +350 -0
- package/docs/articles/multiple-auth-policies.mdx +81 -0
- package/docs/articles/non-standard-ports.mdx +30 -0
- package/docs/articles/oauth-authentication.mdx +54 -0
- package/docs/articles/openapi-server-urls.mdx +60 -0
- package/docs/articles/openapi.mdx +130 -0
- package/docs/articles/opentelemetry.mdx +250 -0
- package/docs/articles/per-user-rate-limits-using-db.mdx +112 -0
- package/docs/articles/performance-testing.mdx +304 -0
- package/docs/articles/plugin-akamai-api-security.mdx +76 -0
- package/docs/articles/plugin-azure-blob.mdx +73 -0
- package/docs/articles/plugin-azure-event-hubs.mdx +64 -0
- package/docs/articles/plugin-hydrolix-traffic-peak.mdx +147 -0
- package/docs/articles/policies.mdx +33 -0
- package/docs/articles/rename-or-move-project.mdx +39 -0
- package/docs/articles/rick-and-morty-api-developer-portal-example.mdx +23 -0
- package/docs/articles/routing.mdx +193 -0
- package/docs/articles/s3-signed-url-uploads.mdx +521 -0
- package/docs/articles/secure-tunnel.mdx +84 -0
- package/docs/articles/securing-backend-mtls.mdx +268 -0
- package/docs/articles/securing-your-backend.mdx +148 -0
- package/docs/articles/security.mdx +105 -0
- package/docs/articles/sharing-code-across-projects.mdx +412 -0
- package/docs/articles/source-control-setup-azure.mdx +13 -0
- package/docs/articles/source-control-setup-bitbucket.mdx +43 -0
- package/docs/articles/source-control-setup-github.mdx +172 -0
- package/docs/articles/source-control-setup-gitlab.mdx +12 -0
- package/docs/articles/source-control.mdx +80 -0
- package/docs/articles/step-1-setup-basic-gateway-local.mdx +136 -0
- package/docs/articles/step-1-setup-basic-gateway.mdx +118 -0
- package/docs/articles/step-2-add-rate-limiting-local.mdx +126 -0
- package/docs/articles/step-2-add-rate-limiting.mdx +82 -0
- package/docs/articles/step-3-add-api-key-auth-local.mdx +199 -0
- package/docs/articles/step-3-add-api-key-auth.mdx +166 -0
- package/docs/articles/step-4-deploying-to-the-edge.mdx +220 -0
- package/docs/articles/step-5-dynamic-rate-limiting.mdx +167 -0
- package/docs/articles/support.mdx +144 -0
- package/docs/articles/terraform.mdx +114 -0
- package/docs/articles/testing-graphql.mdx +34 -0
- package/docs/articles/testing.mdx +522 -0
- package/docs/articles/troubleshooting-slow-responses.mdx +301 -0
- package/docs/articles/troubleshooting.md +302 -0
- package/docs/articles/tsconfig.mdx +105 -0
- package/docs/articles/tunnel-setup.mdx +195 -0
- package/docs/articles/tunnel-troubleshooting.mdx +50 -0
- package/docs/articles/update-zup-in-github-action.mdx +110 -0
- package/docs/articles/use-openapi-extension-data.mdx +79 -0
- package/docs/articles/users/multifactor-authentication.mdx +64 -0
- package/docs/articles/users/profile.mdx +13 -0
- package/docs/articles/versioning-on-zuplo.mdx +89 -0
- package/docs/articles/waf-ddos-akamai.md +133 -0
- package/docs/articles/waf-ddos-aws-waf-shield.mdx +85 -0
- package/docs/articles/waf-ddos-fastly.mdx +251 -0
- package/docs/articles/waf-ddos.mdx +140 -0
- package/docs/articles/zuplo-waf.mdx +156 -0
- package/docs/ask.mdx +3 -0
- package/docs/cli/authentication.mdx +56 -0
- package/docs/cli/connectivity.mdx +38 -0
- package/docs/cli/create-zuplo-api.mdx +80 -0
- package/docs/cli/delete.mdx +79 -0
- package/docs/cli/deploy.mdx +156 -0
- package/docs/cli/deploy.partial.mdx +46 -0
- package/docs/cli/dev.mdx +115 -0
- package/docs/cli/docs.mdx +66 -0
- package/docs/cli/editor.mdx +50 -0
- package/docs/cli/global-options.mdx +19 -0
- package/docs/cli/init.mdx +74 -0
- package/docs/cli/link.mdx +74 -0
- package/docs/cli/list.mdx +55 -0
- package/docs/cli/mtls-certificate-create.mdx +94 -0
- package/docs/cli/mtls-certificate-delete.mdx +55 -0
- package/docs/cli/mtls-certificate-describe.mdx +55 -0
- package/docs/cli/mtls-certificate-disable.mdx +55 -0
- package/docs/cli/mtls-certificate-list.mdx +47 -0
- package/docs/cli/mtls-certificate-update.mdx +72 -0
- package/docs/cli/openapi-convert.mdx +111 -0
- package/docs/cli/openapi-merge.mdx +138 -0
- package/docs/cli/openapi-merge.partial.mdx +29 -0
- package/docs/cli/openapi-overlay.mdx +123 -0
- package/docs/cli/overview.mdx +78 -0
- package/docs/cli/project-create.mdx +43 -0
- package/docs/cli/source-migrate.mdx +18 -0
- package/docs/cli/source-upgrade.mdx +41 -0
- package/docs/cli/test.mdx +70 -0
- package/docs/cli/test.partial.mdx +7 -0
- package/docs/cli/tunnel-create.mdx +53 -0
- package/docs/cli/tunnel-create.partial.mdx +9 -0
- package/docs/cli/tunnel-delete.mdx +35 -0
- package/docs/cli/tunnel-delete.partial.mdx +9 -0
- package/docs/cli/tunnel-describe.mdx +45 -0
- package/docs/cli/tunnel-describe.partial.mdx +5 -0
- package/docs/cli/tunnel-list.mdx +35 -0
- package/docs/cli/tunnel-list.partial.mdx +9 -0
- package/docs/cli/tunnel-rate-token.partial.mdx +9 -0
- package/docs/cli/tunnel-rotate-token.mdx +39 -0
- package/docs/cli/tunnel-services-describe.mdx +45 -0
- package/docs/cli/tunnel-services-describe.partial.mdx +9 -0
- package/docs/cli/tunnel-services-update.mdx +48 -0
- package/docs/cli/variable-create.mdx +91 -0
- package/docs/cli/variable-create.partial.mdx +5 -0
- package/docs/cli/variable-update.mdx +75 -0
- package/docs/cli/variable-update.partial.mdx +5 -0
- package/docs/concepts/api-keys.md +146 -0
- package/docs/concepts/authentication.mdx +109 -0
- package/docs/concepts/how-zuplo-works.mdx +120 -0
- package/docs/concepts/project-structure.mdx +174 -0
- package/docs/concepts/rate-limiting.md +246 -0
- package/docs/concepts/request-lifecycle.mdx +56 -0
- package/docs/concepts/source-control-and-deployment.mdx +229 -0
- package/docs/conferences/conference-prize-terms.mdx +80 -0
- package/docs/dedicated/akamai/ai-powered-applications.mdx +223 -0
- package/docs/dedicated/akamai/architecture.mdx +280 -0
- package/docs/dedicated/akamai/caching.mdx +212 -0
- package/docs/dedicated/akamai/cdn.mdx +156 -0
- package/docs/dedicated/architecture.mdx +208 -0
- package/docs/dedicated/custom-domains.mdx +31 -0
- package/docs/dedicated/federated-gateways.mdx +80 -0
- package/docs/dedicated/networking.mdx +69 -0
- package/docs/dedicated/overview.mdx +80 -0
- package/docs/dedicated/source-control.mdx +63 -0
- package/docs/dev-portal/dev-portal-create-consumer-on-auth.mdx +134 -0
- package/docs/dev-portal/introduction.mdx +65 -0
- package/docs/dev-portal/local-development.mdx +72 -0
- package/docs/dev-portal/migration.mdx +526 -0
- package/docs/dev-portal/node-modules.mdx +45 -0
- package/docs/dev-portal/updating.mdx +28 -0
- package/docs/dev-portal/zudoku/components/alert.mdx +130 -0
- package/docs/dev-portal/zudoku/components/badge.mdx +70 -0
- package/docs/dev-portal/zudoku/components/button.mdx +132 -0
- package/docs/dev-portal/zudoku/components/callout.mdx +112 -0
- package/docs/dev-portal/zudoku/components/card.mdx +104 -0
- package/docs/dev-portal/zudoku/components/checkbox.mdx +72 -0
- package/docs/dev-portal/zudoku/components/client-only.mdx +79 -0
- package/docs/dev-portal/zudoku/components/code-tabs.mdx +179 -0
- package/docs/dev-portal/zudoku/components/dialog.mdx +167 -0
- package/docs/dev-portal/zudoku/components/head.mdx +199 -0
- package/docs/dev-portal/zudoku/components/icons.mdx +27 -0
- package/docs/dev-portal/zudoku/components/input.mdx +96 -0
- package/docs/dev-portal/zudoku/components/label.mdx +86 -0
- package/docs/dev-portal/zudoku/components/link.mdx +242 -0
- package/docs/dev-portal/zudoku/components/markdown.mdx +151 -0
- package/docs/dev-portal/zudoku/components/mermaid.mdx +81 -0
- package/docs/dev-portal/zudoku/components/playground.mdx +87 -0
- package/docs/dev-portal/zudoku/components/secret.mdx +78 -0
- package/docs/dev-portal/zudoku/components/select.mdx +176 -0
- package/docs/dev-portal/zudoku/components/shadcn.mdx +73 -0
- package/docs/dev-portal/zudoku/components/slider.mdx +108 -0
- package/docs/dev-portal/zudoku/components/slot.mdx +119 -0
- package/docs/dev-portal/zudoku/components/stepper.mdx +138 -0
- package/docs/dev-portal/zudoku/components/switch.mdx +96 -0
- package/docs/dev-portal/zudoku/components/syntax-highlight.mdx +602 -0
- package/docs/dev-portal/zudoku/components/textarea.mdx +78 -0
- package/docs/dev-portal/zudoku/components/tooltip.mdx +195 -0
- package/docs/dev-portal/zudoku/components/typography.mdx +61 -0
- package/docs/dev-portal/zudoku/configuration/ai-assistants.md +64 -0
- package/docs/dev-portal/zudoku/configuration/api-catalog.md +108 -0
- package/docs/dev-portal/zudoku/configuration/api-reference.md +397 -0
- package/docs/dev-portal/zudoku/configuration/authentication-auth0.md +173 -0
- package/docs/dev-portal/zudoku/configuration/authentication-azure-ad.md +238 -0
- package/docs/dev-portal/zudoku/configuration/authentication-clerk.md +110 -0
- package/docs/dev-portal/zudoku/configuration/authentication-firebase.md +61 -0
- package/docs/dev-portal/zudoku/configuration/authentication-pingfederate.md +136 -0
- package/docs/dev-portal/zudoku/configuration/authentication-supabase.md +225 -0
- package/docs/dev-portal/zudoku/configuration/authentication.md +199 -0
- package/docs/dev-portal/zudoku/configuration/build-configuration.mdx +147 -0
- package/docs/dev-portal/zudoku/configuration/docs.md +282 -0
- package/docs/dev-portal/zudoku/configuration/footer.mdx +214 -0
- package/docs/dev-portal/zudoku/configuration/llms.md +89 -0
- package/docs/dev-portal/zudoku/configuration/navigation.mdx +408 -0
- package/docs/dev-portal/zudoku/configuration/overview.md +380 -0
- package/docs/dev-portal/zudoku/configuration/protected-routes.md +149 -0
- package/docs/dev-portal/zudoku/configuration/search.md +169 -0
- package/docs/dev-portal/zudoku/configuration/sentry.mdx +44 -0
- package/docs/dev-portal/zudoku/configuration/site.md +124 -0
- package/docs/dev-portal/zudoku/configuration/slots.mdx +124 -0
- package/docs/dev-portal/zudoku/configuration/vite-config.md +18 -0
- package/docs/dev-portal/zudoku/custom-plugins.md +287 -0
- package/docs/dev-portal/zudoku/customization/colors-theme.mdx +275 -0
- package/docs/dev-portal/zudoku/customization/fonts.md +110 -0
- package/docs/dev-portal/zudoku/extending/events.md +124 -0
- package/docs/dev-portal/zudoku/guides/custom-pages.md +106 -0
- package/docs/dev-portal/zudoku/guides/environment-variables.md +99 -0
- package/docs/dev-portal/zudoku/guides/mermaid.mdx +70 -0
- package/docs/dev-portal/zudoku/guides/navigation-migration.md +87 -0
- package/docs/dev-portal/zudoku/guides/navigation-rules.mdx +197 -0
- package/docs/dev-portal/zudoku/guides/processors.mdx +234 -0
- package/docs/dev-portal/zudoku/guides/static-files.md +55 -0
- package/docs/dev-portal/zudoku/guides/transforming-examples.md +156 -0
- package/docs/dev-portal/zudoku/guides/using-multiple-apis.md +87 -0
- package/docs/dev-portal/zudoku/markdown/admonitions.md +128 -0
- package/docs/dev-portal/zudoku/markdown/code-blocks.md +196 -0
- package/docs/dev-portal/zudoku/markdown/frontmatter.md +172 -0
- package/docs/dev-portal/zudoku/markdown/mdx.md +68 -0
- package/docs/dev-portal/zudoku/markdown/overview.md +275 -0
- package/docs/dev-portal/zudoku/plugins.md +5 -0
- package/docs/dev-portal/zudoku/writing.mdx +72 -0
- package/docs/errors/bad-request.mdx +39 -0
- package/docs/errors/build-error.mdx +45 -0
- package/docs/errors/fatal-project-error.mdx +39 -0
- package/docs/errors/gateway-timeout.mdx +33 -0
- package/docs/errors/get-head-body-error.mdx +41 -0
- package/docs/errors/main-mod-error.mdx +40 -0
- package/docs/errors/no-project-set.mdx +41 -0
- package/docs/errors/not-found.mdx +43 -0
- package/docs/errors/rate-limit-exceeded.mdx +31 -0
- package/docs/errors/schema-validation-failed.mdx +51 -0
- package/docs/errors/system-configuration-error.mdx +44 -0
- package/docs/errors/unauthorized.mdx +50 -0
- package/docs/errors/unknown-error.mdx +42 -0
- package/docs/errors.mdx +14 -0
- package/docs/guides/canary-routing-for-employees.mdx +385 -0
- package/docs/guides/geolocation-backend-routing.mdx +404 -0
- package/docs/guides/modify-openapi-paths.mdx +371 -0
- package/docs/guides/openapi-overlays.mdx +492 -0
- package/docs/guides/overview.mdx +12 -0
- package/docs/guides/user-based-backend-routing.mdx +437 -0
- package/docs/handlers/aws-lambda.mdx +201 -0
- package/docs/handlers/custom-handler.mdx +112 -0
- package/docs/handlers/legacy-dev-portal-handler.mdx +135 -0
- package/docs/handlers/mcp-server.mdx +730 -0
- package/docs/handlers/openapi.mdx +78 -0
- package/docs/handlers/redirect.mdx +115 -0
- package/docs/handlers/system-handlers.mdx +41 -0
- package/docs/handlers/url-forward.mdx +204 -0
- package/docs/handlers/url-rewrite.mdx +224 -0
- package/docs/handlers/websocket-handler.mdx +154 -0
- package/docs/home.mdx +6 -0
- package/docs/managed-edge/overview.md +78 -0
- package/docs/mcp-server/configuration-migration-guide.mdx +344 -0
- package/docs/mcp-server/custom-tools.mdx +487 -0
- package/docs/mcp-server/graphql.mdx +241 -0
- package/docs/mcp-server/introduction.mdx +122 -0
- package/docs/mcp-server/openai-apps-sdk.mdx +160 -0
- package/docs/mcp-server/prompts.mdx +283 -0
- package/docs/mcp-server/resources.mdx +288 -0
- package/docs/mcp-server/testing.mdx +53 -0
- package/docs/mcp-server/tools.mdx +306 -0
- package/docs/policies/_index.md +92 -0
- package/docs/policies/ab-test-inbound/intro.md +8 -0
- package/docs/policies/ab-test-inbound/policy.ts +14 -0
- package/docs/policies/ab-test-inbound/schema.json +27 -0
- package/docs/policies/ab-test-outbound/intro.md +8 -0
- package/docs/policies/ab-test-outbound/policy.ts +26 -0
- package/docs/policies/ab-test-outbound/schema.json +27 -0
- package/docs/policies/acl-policy-inbound/intro.md +5 -0
- package/docs/policies/acl-policy-inbound/policy.ts +32 -0
- package/docs/policies/acl-policy-inbound/schema.json +52 -0
- package/docs/policies/akamai-ai-firewall/schema.json +98 -0
- package/docs/policies/amberflo-metering-inbound/doc.md +183 -0
- package/docs/policies/amberflo-metering-inbound/intro.md +20 -0
- package/docs/policies/amberflo-metering-inbound/schema.json +108 -0
- package/docs/policies/api-key-inbound/doc.md +77 -0
- package/docs/policies/api-key-inbound/intro.md +30 -0
- package/docs/policies/api-key-inbound/schema.json +84 -0
- package/docs/policies/archive-request-aws-s3-inbound/intro.md +4 -0
- package/docs/policies/archive-request-aws-s3-inbound/policy.ts +58 -0
- package/docs/policies/archive-request-aws-s3-inbound/schema.json +68 -0
- package/docs/policies/archive-request-azure-storage-inbound/doc.md +31 -0
- package/docs/policies/archive-request-azure-storage-inbound/intro.md +4 -0
- package/docs/policies/archive-request-azure-storage-inbound/policy.ts +54 -0
- package/docs/policies/archive-request-azure-storage-inbound/schema.json +53 -0
- package/docs/policies/archive-request-gcp-storage-inbound/doc.md +63 -0
- package/docs/policies/archive-request-gcp-storage-inbound/intro.md +4 -0
- package/docs/policies/archive-request-gcp-storage-inbound/policy.ts +68 -0
- package/docs/policies/archive-request-gcp-storage-inbound/schema.json +47 -0
- package/docs/policies/archive-response-aws-s3-outbound/intro.md +2 -0
- package/docs/policies/archive-response-aws-s3-outbound/policy.ts +59 -0
- package/docs/policies/archive-response-aws-s3-outbound/schema.json +68 -0
- package/docs/policies/archive-response-azure-storage-outbound/doc.md +31 -0
- package/docs/policies/archive-response-azure-storage-outbound/intro.md +3 -0
- package/docs/policies/archive-response-azure-storage-outbound/policy.ts +54 -0
- package/docs/policies/archive-response-azure-storage-outbound/schema.json +53 -0
- package/docs/policies/audit-log-inbound/doc.md +78 -0
- package/docs/policies/audit-log-inbound/intro.md +10 -0
- package/docs/policies/audit-log-inbound/schema.json +81 -0
- package/docs/policies/auth0-jwt-auth-inbound/doc.md +125 -0
- package/docs/policies/auth0-jwt-auth-inbound/intro.md +17 -0
- package/docs/policies/auth0-jwt-auth-inbound/schema.json +74 -0
- package/docs/policies/authzen-inbound/doc.md +24 -0
- package/docs/policies/authzen-inbound/intro.md +31 -0
- package/docs/policies/authzen-inbound/schema.json +126 -0
- package/docs/policies/axiomatics-authz-inbound/doc.md +144 -0
- package/docs/policies/axiomatics-authz-inbound/intro.md +11 -0
- package/docs/policies/axiomatics-authz-inbound/schema.json +161 -0
- package/docs/policies/basic-auth-inbound/intro.md +9 -0
- package/docs/policies/basic-auth-inbound/schema.json +99 -0
- package/docs/policies/bot-detection-inbound/intro.md +4 -0
- package/docs/policies/bot-detection-inbound/schema.json +56 -0
- package/docs/policies/brownout-inbound/doc.md +55 -0
- package/docs/policies/brownout-inbound/intro.md +12 -0
- package/docs/policies/brownout-inbound/schema.json +115 -0
- package/docs/policies/caching-inbound/doc.md +209 -0
- package/docs/policies/caching-inbound/intro.md +23 -0
- package/docs/policies/caching-inbound/schema.json +98 -0
- package/docs/policies/change-method-inbound/schema.json +56 -0
- package/docs/policies/clear-headers-inbound/schema.json +59 -0
- package/docs/policies/clear-headers-outbound/schema.json +59 -0
- package/docs/policies/clerk-jwt-auth-inbound/doc.md +85 -0
- package/docs/policies/clerk-jwt-auth-inbound/intro.md +4 -0
- package/docs/policies/clerk-jwt-auth-inbound/schema.json +68 -0
- package/docs/policies/cognito-jwt-auth-inbound/intro.md +7 -0
- package/docs/policies/cognito-jwt-auth-inbound/schema.json +74 -0
- package/docs/policies/comet-opik-tracing-inbound/schema.json +65 -0
- package/docs/policies/complex-rate-limit-inbound/doc.md +20 -0
- package/docs/policies/complex-rate-limit-inbound/intro.md +23 -0
- package/docs/policies/complex-rate-limit-inbound/schema.json +142 -0
- package/docs/policies/composite-inbound/doc.md +69 -0
- package/docs/policies/composite-inbound/intro.md +15 -0
- package/docs/policies/composite-inbound/schema.json +59 -0
- package/docs/policies/composite-outbound/intro.md +6 -0
- package/docs/policies/composite-outbound/schema.json +59 -0
- package/docs/policies/curity-phantom-token-inbound/doc.md +109 -0
- package/docs/policies/curity-phantom-token-inbound/intro.md +3 -0
- package/docs/policies/curity-phantom-token-inbound/schema.json +68 -0
- package/docs/policies/custom-code-inbound/doc.md +267 -0
- package/docs/policies/custom-code-inbound/intro.md +2 -0
- package/docs/policies/custom-code-inbound/schema.json +48 -0
- package/docs/policies/custom-code-outbound/doc.md +235 -0
- package/docs/policies/custom-code-outbound/intro.md +2 -0
- package/docs/policies/custom-code-outbound/schema.json +43 -0
- package/docs/policies/firebase-jwt-inbound/intro.md +6 -0
- package/docs/policies/firebase-jwt-inbound/schema.json +68 -0
- package/docs/policies/formdata-to-json-inbound/schema.json +60 -0
- package/docs/policies/galileo-tracing-inbound/schema.json +65 -0
- package/docs/policies/geo-filter-inbound/doc.md +33 -0
- package/docs/policies/geo-filter-inbound/schema.json +108 -0
- package/docs/policies/graphql-complexity-limit-inbound/doc.md +48 -0
- package/docs/policies/graphql-complexity-limit-inbound/intro.md +2 -0
- package/docs/policies/graphql-complexity-limit-inbound/schema.json +90 -0
- package/docs/policies/graphql-disable-introspection-inbound/doc.md +66 -0
- package/docs/policies/graphql-disable-introspection-inbound/intro.md +15 -0
- package/docs/policies/graphql-disable-introspection-inbound/schema.json +48 -0
- package/docs/policies/graphql-introspection-filter-outbound/doc.md +148 -0
- package/docs/policies/graphql-introspection-filter-outbound/schema.json +79 -0
- package/docs/policies/hmac-auth-inbound/doc.md +30 -0
- package/docs/policies/hmac-auth-inbound/intro.md +10 -0
- package/docs/policies/hmac-auth-inbound/policy.ts +70 -0
- package/docs/policies/hmac-auth-inbound/schema.json +53 -0
- package/docs/policies/http-deprecation-outbound/doc.md +73 -0
- package/docs/policies/http-deprecation-outbound/schema.json +83 -0
- package/docs/policies/ip-restriction-inbound/intro.md +8 -0
- package/docs/policies/ip-restriction-inbound/policy.ts +40 -0
- package/docs/policies/ip-restriction-inbound/schema.json +58 -0
- package/docs/policies/jwt-scopes-inbound/schema.json +59 -0
- package/docs/policies/ldap-auth-inbound/schema.json +56 -0
- package/docs/policies/mock-api-inbound/schema.json +72 -0
- package/docs/policies/moesif-inbound/doc.md +44 -0
- package/docs/policies/moesif-inbound/intro.md +6 -0
- package/docs/policies/moesif-inbound/schema.json +68 -0
- package/docs/policies/monetization-inbound/doc.md +87 -0
- package/docs/policies/monetization-inbound/intro.md +6 -0
- package/docs/policies/monetization-inbound/schema.json +102 -0
- package/docs/policies/mtls-auth-inbound/intro.md +6 -0
- package/docs/policies/mtls-auth-inbound/schema.json +68 -0
- package/docs/policies/okta-fga-authz-inbound/doc.md +181 -0
- package/docs/policies/okta-fga-authz-inbound/intro.md +20 -0
- package/docs/policies/okta-fga-authz-inbound/schema.json +104 -0
- package/docs/policies/okta-jwt-auth-inbound/intro.md +7 -0
- package/docs/policies/okta-jwt-auth-inbound/schema.json +74 -0
- package/docs/policies/open-id-jwt-auth-inbound/doc.md +58 -0
- package/docs/policies/open-id-jwt-auth-inbound/intro.md +30 -0
- package/docs/policies/open-id-jwt-auth-inbound/schema.json +128 -0
- package/docs/policies/openfga-authz-inbound/doc.md +207 -0
- package/docs/policies/openfga-authz-inbound/intro.md +17 -0
- package/docs/policies/openfga-authz-inbound/schema.json +191 -0
- package/docs/policies/openmeter-inbound/doc.md +163 -0
- package/docs/policies/openmeter-inbound/intro.md +18 -0
- package/docs/policies/openmeter-inbound/schema.json +183 -0
- package/docs/policies/prompt-injection-outbound/doc.md +106 -0
- package/docs/policies/prompt-injection-outbound/intro.md +4 -0
- package/docs/policies/prompt-injection-outbound/schema.json +74 -0
- package/docs/policies/propel-auth-jwt-inbound/doc.md +88 -0
- package/docs/policies/propel-auth-jwt-inbound/intro.md +4 -0
- package/docs/policies/propel-auth-jwt-inbound/schema.json +74 -0
- package/docs/policies/query-param-to-header-inbound/doc.md +70 -0
- package/docs/policies/query-param-to-header-inbound/intro.md +5 -0
- package/docs/policies/query-param-to-header-inbound/schema.json +74 -0
- package/docs/policies/quota-inbound/doc.md +235 -0
- package/docs/policies/quota-inbound/intro.md +7 -0
- package/docs/policies/quota-inbound/schema.json +133 -0
- package/docs/policies/rate-limit-inbound/doc.md +78 -0
- package/docs/policies/rate-limit-inbound/intro.md +30 -0
- package/docs/policies/rate-limit-inbound/schema.json +134 -0
- package/docs/policies/rbac-policy-inbound/intro.md +3 -0
- package/docs/policies/rbac-policy-inbound/policy.ts +42 -0
- package/docs/policies/rbac-policy-inbound/schema.json +52 -0
- package/docs/policies/readme-metrics-inbound/doc.md +1 -0
- package/docs/policies/readme-metrics-inbound/intro.md +3 -0
- package/docs/policies/readme-metrics-inbound/schema.json +84 -0
- package/docs/policies/remove-headers-inbound/schema.json +59 -0
- package/docs/policies/remove-headers-outbound/schema.json +59 -0
- package/docs/policies/remove-query-params-inbound/schema.json +59 -0
- package/docs/policies/replace-string-outbound/schema.json +69 -0
- package/docs/policies/request-size-limit-inbound/schema.json +60 -0
- package/docs/policies/request-validation-inbound/doc.md +72 -0
- package/docs/policies/request-validation-inbound/intro.md +24 -0
- package/docs/policies/request-validation-inbound/schema.json +98 -0
- package/docs/policies/require-origin-inbound/intro.md +12 -0
- package/docs/policies/require-origin-inbound/schema.json +65 -0
- package/docs/policies/secret-masking-outbound/doc.md +41 -0
- package/docs/policies/secret-masking-outbound/intro.md +13 -0
- package/docs/policies/secret-masking-outbound/schema.json +65 -0
- package/docs/policies/semantic-cache-inbound/doc.md +63 -0
- package/docs/policies/semantic-cache-inbound/intro.md +4 -0
- package/docs/policies/semantic-cache-inbound/schema.json +179 -0
- package/docs/policies/set-body-inbound/intro.md +7 -0
- package/docs/policies/set-body-inbound/schema.json +56 -0
- package/docs/policies/set-headers-inbound/doc.md +41 -0
- package/docs/policies/set-headers-inbound/intro.md +2 -0
- package/docs/policies/set-headers-inbound/schema.json +83 -0
- package/docs/policies/set-headers-outbound/schema.json +83 -0
- package/docs/policies/set-query-params-inbound/schema.json +83 -0
- package/docs/policies/set-status-outbound/schema.json +62 -0
- package/docs/policies/sleep-inbound/schema.json +56 -0
- package/docs/policies/stripe-webhook-verification-inbound/intro.md +2 -0
- package/docs/policies/stripe-webhook-verification-inbound/schema.json +60 -0
- package/docs/policies/supabase-jwt-auth-inbound/doc.md +29 -0
- package/docs/policies/supabase-jwt-auth-inbound/intro.md +12 -0
- package/docs/policies/supabase-jwt-auth-inbound/schema.json +86 -0
- package/docs/policies/transform-body-inbound/intro.md +8 -0
- package/docs/policies/transform-body-inbound/policy.ts +16 -0
- package/docs/policies/transform-body-inbound/schema.json +27 -0
- package/docs/policies/transform-body-outbound/intro.md +8 -0
- package/docs/policies/transform-body-outbound/policy.ts +19 -0
- package/docs/policies/transform-body-outbound/schema.json +27 -0
- package/docs/policies/upstream-azure-ad-service-auth-inbound/doc.md +82 -0
- package/docs/policies/upstream-azure-ad-service-auth-inbound/intro.md +20 -0
- package/docs/policies/upstream-azure-ad-service-auth-inbound/schema.json +84 -0
- package/docs/policies/upstream-firebase-admin-auth-inbound/intro.md +10 -0
- package/docs/policies/upstream-firebase-admin-auth-inbound/schema.json +68 -0
- package/docs/policies/upstream-firebase-user-auth-inbound/intro.md +2 -0
- package/docs/policies/upstream-firebase-user-auth-inbound/schema.json +113 -0
- package/docs/policies/upstream-gcp-federated-auth-inbound/doc.md +139 -0
- package/docs/policies/upstream-gcp-federated-auth-inbound/intro.md +21 -0
- package/docs/policies/upstream-gcp-federated-auth-inbound/schema.json +96 -0
- package/docs/policies/upstream-gcp-jwt-inbound/intro.md +10 -0
- package/docs/policies/upstream-gcp-jwt-inbound/schema.json +62 -0
- package/docs/policies/upstream-gcp-service-auth-inbound/doc.md +132 -0
- package/docs/policies/upstream-gcp-service-auth-inbound/intro.md +25 -0
- package/docs/policies/upstream-gcp-service-auth-inbound/schema.json +95 -0
- package/docs/policies/upstream-zuplo-jwt-auth-inbound/doc.md +213 -0
- package/docs/policies/upstream-zuplo-jwt-auth-inbound/intro.md +16 -0
- package/docs/policies/upstream-zuplo-jwt-auth-inbound/schema.json +101 -0
- package/docs/policies/validate-json-schema-inbound/doc.md +129 -0
- package/docs/policies/validate-json-schema-inbound/intro.md +7 -0
- package/docs/policies/validate-json-schema-inbound/schema.json +56 -0
- package/docs/policies/web-bot-auth-inbound/doc.md +104 -0
- package/docs/policies/web-bot-auth-inbound/intro.md +16 -0
- package/docs/policies/web-bot-auth-inbound/schema.json +76 -0
- package/docs/policies/xml-to-json-outbound/doc.md +71 -0
- package/docs/policies/xml-to-json-outbound/intro.md +4 -0
- package/docs/policies/xml-to-json-outbound/schema.json +117 -0
- package/docs/programmable-api/audit-log.mdx +74 -0
- package/docs/programmable-api/background-dispatcher.mdx +124 -0
- package/docs/programmable-api/background-loader.mdx +104 -0
- package/docs/programmable-api/cache.mdx +186 -0
- package/docs/programmable-api/compatibility-dates.mdx +201 -0
- package/docs/programmable-api/console-logging.mdx +48 -0
- package/docs/programmable-api/context-data.mdx +127 -0
- package/docs/programmable-api/custom-cors-policy.mdx +64 -0
- package/docs/programmable-api/environment.mdx +328 -0
- package/docs/programmable-api/hooks.mdx +569 -0
- package/docs/programmable-api/http-problems.mdx +385 -0
- package/docs/programmable-api/jwt-service-plugin.mdx +420 -0
- package/docs/programmable-api/logger.mdx +223 -0
- package/docs/programmable-api/memory-zone-read-through-cache.mdx +96 -0
- package/docs/programmable-api/node-modules.mdx +67 -0
- package/docs/programmable-api/not-found-handler.mdx +47 -0
- package/docs/programmable-api/oauth-protected-resource-plugin.mdx +46 -0
- package/docs/programmable-api/overview.mdx +213 -0
- package/docs/programmable-api/problem-response-formatter.mdx +183 -0
- package/docs/programmable-api/request-user.mdx +289 -0
- package/docs/programmable-api/reusing-code.mdx +26 -0
- package/docs/programmable-api/route-raw.mdx +55 -0
- package/docs/programmable-api/runtime-behaviors.mdx +25 -0
- package/docs/programmable-api/runtime-errors.mdx +246 -0
- package/docs/programmable-api/runtime-extensions.mdx +340 -0
- package/docs/programmable-api/safely-clone-a-request-or-response.mdx +57 -0
- package/docs/programmable-api/streaming-zone-cache.mdx +155 -0
- package/docs/programmable-api/web-crypto-apis.mdx +219 -0
- package/docs/programmable-api/web-standard-apis.mdx +109 -0
- package/docs/programmable-api/zone-cache.mdx +131 -0
- package/docs/programmable-api/zp-body-removed.mdx +32 -0
- package/docs/programmable-api/zuplo-context.mdx +414 -0
- package/docs/programmable-api/zuplo-id-token.mdx +90 -0
- package/docs/programmable-api/zuplo-json.mdx +91 -0
- package/docs/programmable-api/zuplo-request.mdx +200 -0
- package/docs/sample-apis.mdx +78 -0
- package/docs/self-hosted/overview.md +60 -0
- package/package.json +6 -5
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
The Request Validation Inbound policy validates incoming requests against your
|
|
2
|
+
OpenAPI schema definitions. This ensures that all requests to your API conform
|
|
3
|
+
to your specified data structure and types before they reach your backend
|
|
4
|
+
services.
|
|
5
|
+
|
|
6
|
+
## How It Works
|
|
7
|
+
|
|
8
|
+
This policy automatically validates incoming requests based on the OpenAPI
|
|
9
|
+
schemas defined in your API specification. It checks:
|
|
10
|
+
|
|
11
|
+
- **Request Bodies**: Validates JSON/XML payloads against your schema
|
|
12
|
+
definitions
|
|
13
|
+
- **Query Parameters**: Ensures query parameters match expected types and
|
|
14
|
+
constraints
|
|
15
|
+
- **Path Parameters**: Validates URL path parameters against defined patterns
|
|
16
|
+
- **Headers**: Verifies required headers are present and conform to
|
|
17
|
+
specifications
|
|
18
|
+
|
|
19
|
+
When a request fails validation, the policy returns a detailed 400 Bad Request
|
|
20
|
+
response with specific information about which part of the request failed
|
|
21
|
+
validation and why.
|
|
22
|
+
|
|
23
|
+
## Configuration
|
|
24
|
+
|
|
25
|
+
The policy requires minimal configuration as it automatically uses your existing
|
|
26
|
+
OpenAPI schemas. You can enable or disable validation for specific parts of the
|
|
27
|
+
request (body, query parameters, headers) through the policy options.
|
|
28
|
+
|
|
29
|
+
## OpenAPI Schema Example
|
|
30
|
+
|
|
31
|
+
Here's an example of how to specify a schema for validation in a request body in
|
|
32
|
+
your OpenAPI specification:
|
|
33
|
+
|
|
34
|
+
```json
|
|
35
|
+
"requestBody": {
|
|
36
|
+
"description": "user to add to the system",
|
|
37
|
+
"content": {
|
|
38
|
+
"application/json": {
|
|
39
|
+
"schema": {
|
|
40
|
+
"type": "object",
|
|
41
|
+
"properties": {
|
|
42
|
+
"name": {
|
|
43
|
+
"type": "string"
|
|
44
|
+
},
|
|
45
|
+
"age": {
|
|
46
|
+
"type": "integer"
|
|
47
|
+
}
|
|
48
|
+
},
|
|
49
|
+
"required": [
|
|
50
|
+
"name",
|
|
51
|
+
"age"
|
|
52
|
+
]
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
```
|
|
58
|
+
|
|
59
|
+
## Advanced Validation
|
|
60
|
+
|
|
61
|
+
The policy supports the full range of OpenAPI schema validation features,
|
|
62
|
+
including:
|
|
63
|
+
|
|
64
|
+
- Type validation (string, number, boolean, array, object)
|
|
65
|
+
- Format validation (date, date-time, email, etc.)
|
|
66
|
+
- Pattern matching with regular expressions
|
|
67
|
+
- Numeric constraints (minimum, maximum, multipleOf)
|
|
68
|
+
- String constraints (minLength, maxLength)
|
|
69
|
+
- Array constraints (minItems, maxItems, uniqueItems)
|
|
70
|
+
- Required properties
|
|
71
|
+
- Enum values
|
|
72
|
+
- Complex schemas with allOf, anyOf, oneOf, and not
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
The Request Validation policy validates incoming requests against your OpenAPI
|
|
2
|
+
schema definitions, ensuring that all requests conform to your API's expected
|
|
3
|
+
structure and data types before they reach your backend services.
|
|
4
|
+
|
|
5
|
+
With this policy, you'll benefit from:
|
|
6
|
+
|
|
7
|
+
- **Data Integrity Protection**: Prevent malformed or invalid data from reaching
|
|
8
|
+
your backend systems
|
|
9
|
+
- **Automatic Schema Enforcement**: Leverage your existing OpenAPI definitions
|
|
10
|
+
for validation without additional code
|
|
11
|
+
- **Comprehensive Validation**: Validate request bodies, query parameters, path
|
|
12
|
+
parameters, and headers
|
|
13
|
+
- **Detailed Error Responses**: Return clear, actionable error messages that
|
|
14
|
+
help API consumers fix invalid requests
|
|
15
|
+
- **Developer-Friendly Experience**: Improve the developer experience by
|
|
16
|
+
providing immediate feedback on request issues
|
|
17
|
+
- **Reduced Backend Errors**: Minimize crashes and unexpected behavior caused by
|
|
18
|
+
invalid input data
|
|
19
|
+
- **API Contract Enforcement**: Ensure all API consumers adhere to your
|
|
20
|
+
documented API contract
|
|
21
|
+
|
|
22
|
+
When configured, any requests that do not conform to your OpenAPI schema will be
|
|
23
|
+
rejected with a `400: Bad Request` response containing a detailed error message
|
|
24
|
+
(in JSON) explaining why the request was not accepted.
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft-07/schema",
|
|
3
|
+
"$id": "http://zuplo.com/schemas/policies/auth0-jwt-auth-inbound.json",
|
|
4
|
+
"type": "object",
|
|
5
|
+
"title": "Request Validation",
|
|
6
|
+
"isDeprecated": false,
|
|
7
|
+
"isPaidAddOn": false,
|
|
8
|
+
"isEnterprise": false,
|
|
9
|
+
"isInternal": false,
|
|
10
|
+
"isBeta": false,
|
|
11
|
+
"isHidden": false,
|
|
12
|
+
"products": ["api-gateway"],
|
|
13
|
+
"description": "Validates incoming requests against your OpenAPI specification. Checks query parameters, path parameters, headers, and request body to ensure they match the defined schema before processing.",
|
|
14
|
+
"deprecatedMessage": "",
|
|
15
|
+
"required": ["handler"],
|
|
16
|
+
"properties": {
|
|
17
|
+
"handler": {
|
|
18
|
+
"type": "object",
|
|
19
|
+
"default": {},
|
|
20
|
+
"required": ["export", "module", "options"],
|
|
21
|
+
"properties": {
|
|
22
|
+
"export": {
|
|
23
|
+
"const": "RequestValidationInboundPolicy",
|
|
24
|
+
"description": "The name of the exported type"
|
|
25
|
+
},
|
|
26
|
+
"module": {
|
|
27
|
+
"const": "$import(@zuplo/runtime)",
|
|
28
|
+
"description": "The module containing the policy"
|
|
29
|
+
},
|
|
30
|
+
"options": {
|
|
31
|
+
"title": "RequestValidationInboundPolicyOptions",
|
|
32
|
+
"type": "object",
|
|
33
|
+
"description": "The options for this policy.",
|
|
34
|
+
"additionalProperties": false,
|
|
35
|
+
"required": [],
|
|
36
|
+
"properties": {
|
|
37
|
+
"logLevel": {
|
|
38
|
+
"type": "string",
|
|
39
|
+
"default": "info",
|
|
40
|
+
"description": "The log level to use when logging validation errors.",
|
|
41
|
+
"enum": ["error", "warn", "info", "debug"]
|
|
42
|
+
},
|
|
43
|
+
"validateBody": {
|
|
44
|
+
"examples": ["reject-and-log"],
|
|
45
|
+
"type": "string",
|
|
46
|
+
"title": "ValidationOptions",
|
|
47
|
+
"default": "none",
|
|
48
|
+
"description": "The action to perform when validation fails.",
|
|
49
|
+
"enum": ["none", "log-only", "reject-and-log", "reject-only"]
|
|
50
|
+
},
|
|
51
|
+
"validateQueryParameters": {
|
|
52
|
+
"examples": ["log-only"],
|
|
53
|
+
"type": "string",
|
|
54
|
+
"title": "ValidationOptions",
|
|
55
|
+
"default": "none",
|
|
56
|
+
"description": "The action to perform when validation fails.",
|
|
57
|
+
"enum": ["none", "log-only", "reject-and-log", "reject-only"]
|
|
58
|
+
},
|
|
59
|
+
"validatePathParameters": {
|
|
60
|
+
"examples": ["log-only"],
|
|
61
|
+
"type": "string",
|
|
62
|
+
"title": "ValidationOptions",
|
|
63
|
+
"default": "none",
|
|
64
|
+
"description": "The action to perform when validation fails.",
|
|
65
|
+
"enum": ["none", "log-only", "reject-and-log", "reject-only"]
|
|
66
|
+
},
|
|
67
|
+
"validateHeaders": {
|
|
68
|
+
"type": "string",
|
|
69
|
+
"title": "ValidationOptions",
|
|
70
|
+
"default": "none",
|
|
71
|
+
"description": "The action to perform when validation fails.",
|
|
72
|
+
"enum": ["none", "log-only", "reject-and-log", "reject-only"]
|
|
73
|
+
},
|
|
74
|
+
"includeRequestInLogs": {
|
|
75
|
+
"type": "boolean",
|
|
76
|
+
"default": false,
|
|
77
|
+
"description": "Whether to include the request in the logs."
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
},
|
|
82
|
+
"examples": [
|
|
83
|
+
{
|
|
84
|
+
"export": "RequestValidationInboundPolicy",
|
|
85
|
+
"module": "$import(@zuplo/runtime)",
|
|
86
|
+
"options": {
|
|
87
|
+
"includeRequestInLogs": false,
|
|
88
|
+
"logLevel": "info",
|
|
89
|
+
"validateBody": "reject-and-log",
|
|
90
|
+
"validateHeaders": "none",
|
|
91
|
+
"validatePathParameters": "log-only",
|
|
92
|
+
"validateQueryParameters": "log-only"
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
]
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
The Require Origin policy is used to enforce that the client is sending an
|
|
2
|
+
`origin` header that matches your allow-list specified in the policy options.
|
|
3
|
+
|
|
4
|
+
This is useful if you want to stop any browser traffic from different domains.
|
|
5
|
+
|
|
6
|
+
However, it is important to note that it does not guarantee that traffic is only
|
|
7
|
+
coming from a browser. Somebody could simulate a browser request from a backend
|
|
8
|
+
server and set any origin they like.
|
|
9
|
+
|
|
10
|
+
If the incoming origin is missing, or not allowed - a 400 Forbidden Problem
|
|
11
|
+
Response will be sent to the client. You can customize the `detail` property in
|
|
12
|
+
the policy options.
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft-07/schema",
|
|
3
|
+
"$id": "http://zuplo.com/schemas/policies/auth0-jwt-auth-inbound.json",
|
|
4
|
+
"type": "object",
|
|
5
|
+
"title": "Require Origin",
|
|
6
|
+
"isDeprecated": false,
|
|
7
|
+
"isPaidAddOn": false,
|
|
8
|
+
"isEnterprise": false,
|
|
9
|
+
"isInternal": false,
|
|
10
|
+
"isBeta": false,
|
|
11
|
+
"isHidden": false,
|
|
12
|
+
"products": ["api-gateway"],
|
|
13
|
+
"description": "Sets an allow-list for an origin header",
|
|
14
|
+
"deprecatedMessage": "",
|
|
15
|
+
"required": ["handler"],
|
|
16
|
+
"properties": {
|
|
17
|
+
"handler": {
|
|
18
|
+
"type": "object",
|
|
19
|
+
"default": {},
|
|
20
|
+
"required": ["export", "module", "options"],
|
|
21
|
+
"properties": {
|
|
22
|
+
"export": {
|
|
23
|
+
"const": "RequireOriginInboundPolicy",
|
|
24
|
+
"description": "The name of the exported type"
|
|
25
|
+
},
|
|
26
|
+
"module": {
|
|
27
|
+
"const": "$import(@zuplo/runtime)",
|
|
28
|
+
"description": "The module containing the policy"
|
|
29
|
+
},
|
|
30
|
+
"options": {
|
|
31
|
+
"title": "RequireOriginInboundPolicyOptions",
|
|
32
|
+
"type": "object",
|
|
33
|
+
"description": "The options for this policy.",
|
|
34
|
+
"additionalProperties": false,
|
|
35
|
+
"required": ["origins"],
|
|
36
|
+
"properties": {
|
|
37
|
+
"origins": {
|
|
38
|
+
"type": "string",
|
|
39
|
+
"examples": ["https://example.com, https://example.org"],
|
|
40
|
+
"description": "A comma separated string containing valid origins."
|
|
41
|
+
},
|
|
42
|
+
"failureDetail": {
|
|
43
|
+
"type": "string",
|
|
44
|
+
"default": "Forbidden",
|
|
45
|
+
"examples": [
|
|
46
|
+
"Your origin is not authorized to make this request."
|
|
47
|
+
],
|
|
48
|
+
"description": "The `detail` of the HTTP Problem response, if the origin is missing or disallowed."
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
},
|
|
53
|
+
"examples": [
|
|
54
|
+
{
|
|
55
|
+
"export": "RequireOriginInboundPolicy",
|
|
56
|
+
"module": "$import(@zuplo/runtime)",
|
|
57
|
+
"options": {
|
|
58
|
+
"failureDetail": "Your origin is not authorized to make this request.",
|
|
59
|
+
"origins": "https://example.com, https://example.org"
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
]
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
This policy masks sensitive secrets in outgoing requests to prevent exposure to
|
|
2
|
+
downstream consumers. This is especially useful for AI agents and MCP clients
|
|
3
|
+
(where LLMs should not consume potentially sensitive user generated information
|
|
4
|
+
or poisoned agents are attempting to leak information they have access to).
|
|
5
|
+
|
|
6
|
+
## Configuration
|
|
7
|
+
|
|
8
|
+
- `mask`: The mask to use when redacting information. **Default:** `[REDACTED]`
|
|
9
|
+
- `additionalPatterns`: Additional Regex patterns to mask secrets with (make
|
|
10
|
+
sure to correctly escape "meta escape" characters: i.e., `\b` should be
|
|
11
|
+
escaped `\\b` to avoid a JSON parsing error. Otherwise, you may see build
|
|
12
|
+
errors).
|
|
13
|
+
|
|
14
|
+
## Usage
|
|
15
|
+
|
|
16
|
+
Apply this policy to outbound requests in your route configuration:
|
|
17
|
+
|
|
18
|
+
```json
|
|
19
|
+
{
|
|
20
|
+
"policies": [
|
|
21
|
+
{
|
|
22
|
+
"name": "secret-masking-policy",
|
|
23
|
+
"policyType": "secret-masking-outbound",
|
|
24
|
+
"handler": {
|
|
25
|
+
"export": "SecretMaskingOutboundPolicy",
|
|
26
|
+
"module": "$import(@zuplo/runtime)",
|
|
27
|
+
"options": {
|
|
28
|
+
"mask": "<SECRET MASKED>",
|
|
29
|
+
"additionalPatterns": ["\\b(\\w+)=\\w+\\b"]
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
]
|
|
34
|
+
}
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
# Masked secrets
|
|
38
|
+
|
|
39
|
+
- Zuplo API keys (i.e. `zpka_xxx`)
|
|
40
|
+
- GitHub Tokens and Personal Access Tokens (i.e. `ghp_xxx`)
|
|
41
|
+
- Private key blocks (i.e. `BEGIN PRIVATE KEY` and `END PRIVATE KEY`)
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
The Secret Masking policy searches for and masks common secrets and replaces
|
|
2
|
+
them with a placeholder. Secrets that are automatically masked include:
|
|
3
|
+
|
|
4
|
+
- Zuplo API keys
|
|
5
|
+
- GitHub Tokens and Personal Access Tokens
|
|
6
|
+
- Private key blocks
|
|
7
|
+
- And more!
|
|
8
|
+
|
|
9
|
+
See the [policy documentation](https://zuplo.com/docs/policies/overview) for a
|
|
10
|
+
full description of secrets that are masked via this policy.
|
|
11
|
+
|
|
12
|
+
This is especially useful as an outbound policy for MCP servers, APIs that
|
|
13
|
+
interface with user generated content, or AI consumers.
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft-07/schema",
|
|
3
|
+
"$id": "http://zuplo.com/schemas/policies/auth0-jwt-auth-inbound.json",
|
|
4
|
+
"type": "object",
|
|
5
|
+
"title": "Secret Masking",
|
|
6
|
+
"isDeprecated": false,
|
|
7
|
+
"isPaidAddOn": false,
|
|
8
|
+
"isEnterprise": false,
|
|
9
|
+
"isInternal": false,
|
|
10
|
+
"isBeta": false,
|
|
11
|
+
"isHidden": false,
|
|
12
|
+
"products": ["api-gateway"],
|
|
13
|
+
"description": "Masks common secrets like Zuplo API keys, GitHub tokens, or SSH private key in the response body.",
|
|
14
|
+
"deprecatedMessage": "",
|
|
15
|
+
"required": ["handler"],
|
|
16
|
+
"properties": {
|
|
17
|
+
"handler": {
|
|
18
|
+
"type": "object",
|
|
19
|
+
"default": {},
|
|
20
|
+
"required": ["export", "module", "options"],
|
|
21
|
+
"properties": {
|
|
22
|
+
"export": {
|
|
23
|
+
"const": "SecretMaskingOutboundPolicy",
|
|
24
|
+
"description": "The name of the exported type"
|
|
25
|
+
},
|
|
26
|
+
"module": {
|
|
27
|
+
"const": "$import(@zuplo/runtime)",
|
|
28
|
+
"description": "The module containing the policy"
|
|
29
|
+
},
|
|
30
|
+
"options": {
|
|
31
|
+
"title": "SecretMaskingOutboundPolicyOptions",
|
|
32
|
+
"type": "object",
|
|
33
|
+
"description": "The options for the secret masking policy.",
|
|
34
|
+
"additionalProperties": false,
|
|
35
|
+
"required": [],
|
|
36
|
+
"properties": {
|
|
37
|
+
"mask": {
|
|
38
|
+
"type": "string",
|
|
39
|
+
"description": "The string to replace detected secrets with.",
|
|
40
|
+
"examples": ["[REDACTED]"],
|
|
41
|
+
"default": "[REDACTED]"
|
|
42
|
+
},
|
|
43
|
+
"additionalPatterns": {
|
|
44
|
+
"type": "array",
|
|
45
|
+
"description": "Extra regex patterns for secrets to mask.",
|
|
46
|
+
"items": {
|
|
47
|
+
"type": "string"
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
},
|
|
53
|
+
"examples": [
|
|
54
|
+
{
|
|
55
|
+
"export": "SecretMaskingOutboundPolicy",
|
|
56
|
+
"module": "$import(@zuplo/runtime)",
|
|
57
|
+
"options": {
|
|
58
|
+
"additionalPatterns": [],
|
|
59
|
+
"mask": "[REDACTED]"
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
]
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
## How it works
|
|
2
|
+
|
|
3
|
+
1. **Cache Key Generation**: The policy generates a cache key either through a
|
|
4
|
+
custom function or by extracting a value from the request body using a
|
|
5
|
+
property path.
|
|
6
|
+
|
|
7
|
+
2. **Semantic Matching**: When a request comes in, the policy checks the
|
|
8
|
+
semantic cache service to find semantically similar cache keys based on the
|
|
9
|
+
configured similarity tolerance.
|
|
10
|
+
|
|
11
|
+
3. **Response Caching**: Successful responses are cached in the semantic cache
|
|
12
|
+
service with the generated cache key.
|
|
13
|
+
|
|
14
|
+
4. **LLM-powered Similarity**: The cache matching uses Large Language Model
|
|
15
|
+
(LLM) embeddings to determine semantic similarity between cache keys.
|
|
16
|
+
|
|
17
|
+
## Configuration
|
|
18
|
+
|
|
19
|
+
The policy supports two modes for cache key generation:
|
|
20
|
+
|
|
21
|
+
- **Function Mode**: Use a custom function to generate cache keys
|
|
22
|
+
- **Property Path Mode**: Extract cache keys from JSON request body using a
|
|
23
|
+
property path
|
|
24
|
+
|
|
25
|
+
### Key Parameters
|
|
26
|
+
|
|
27
|
+
- **semanticTolerance** (optional): A number between 0 and 1 that controls how
|
|
28
|
+
similar cache keys need to be for a match. Default is 0.8. Higher values
|
|
29
|
+
(closer to 1) require more similarity, while lower values allow more flexible
|
|
30
|
+
matching. Can be overridden by custom functions when using
|
|
31
|
+
`cacheBy: "function"`.
|
|
32
|
+
- **expirationSecondsTtl** (optional): Cache expiration time in seconds. Default
|
|
33
|
+
is 3600 (1 hour). Can be overridden by custom functions when using
|
|
34
|
+
`cacheBy: "function"`.
|
|
35
|
+
- **namespace** (optional): An optional string to isolate cache entries within a
|
|
36
|
+
specific namespace. This is useful for multi-tenant scenarios or when you want
|
|
37
|
+
to separate different cache contexts. When specified, only cache entries
|
|
38
|
+
within the same namespace will be matched and retrieved.
|
|
39
|
+
|
|
40
|
+
### Custom Functions
|
|
41
|
+
|
|
42
|
+
When using `cacheBy: "function"`, your custom function should return an object
|
|
43
|
+
with the following structure:
|
|
44
|
+
|
|
45
|
+
```typescript
|
|
46
|
+
{
|
|
47
|
+
cacheKey: string; // Required: The cache key for semantic matching
|
|
48
|
+
semanticTolerance?: number; // Optional: Override the policy's similarity tolerance
|
|
49
|
+
expirationSecondsTtl?: number; // Optional: Override the policy's cache expiration time
|
|
50
|
+
}
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
This allows for dynamic configuration where different requests can have
|
|
54
|
+
different caching behaviors based on your custom logic.
|
|
55
|
+
|
|
56
|
+
## Use Cases
|
|
57
|
+
|
|
58
|
+
- Caching API responses where requests may be semantically similar but not
|
|
59
|
+
identical
|
|
60
|
+
- Natural language query caching where similar questions should return the same
|
|
61
|
+
response
|
|
62
|
+
- User-specific caching where slight variations in user identifiers map to the
|
|
63
|
+
same cache entry
|
|
@@ -0,0 +1,179 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft-07/schema",
|
|
3
|
+
"$id": "http://zuplo.com/schemas/policies/auth0-jwt-auth-inbound.json",
|
|
4
|
+
"type": "object",
|
|
5
|
+
"title": "Semantic Cache",
|
|
6
|
+
"isDeprecated": false,
|
|
7
|
+
"isPaidAddOn": false,
|
|
8
|
+
"isEnterprise": true,
|
|
9
|
+
"isInternal": false,
|
|
10
|
+
"isBeta": true,
|
|
11
|
+
"isHidden": false,
|
|
12
|
+
"products": ["api-gateway"],
|
|
13
|
+
"description": "Respond to matched incoming requests with semantically cached content\n\nThe Semantic Cache Inbound policy caches responses based on semantic similarity of cache keys rather than exact matches. This allows for more flexible caching where similar requests can return cached responses even if the cache key is not exactly the same.\n\nThe policy uses Large Language Model (LLM) embeddings to determine semantic similarity between cache keys based on a configurable similarity tolerance.\n\nOptions: - semanticTolerance: The semantic similarity threshold for semantic cache matches (0-1, default: 0.2). Values closer to 0 require higher similarity. Can be overridden by custom functions. - expirationSecondsTtl: The timeout of the cache in seconds (default: 3600, 1 hour). Can be overridden by custom functions. - namespace: Optional namespace to isolate cache entries (default: \"default\"). Useful for multi-tenant scenarios or different cache contexts. - cacheBy: Determines how cache keys are generated: 'function' for custom logic or 'propertyPath' to extract from JSON body.",
|
|
14
|
+
"deprecatedMessage": "",
|
|
15
|
+
"required": ["handler"],
|
|
16
|
+
"properties": {
|
|
17
|
+
"handler": {
|
|
18
|
+
"type": "object",
|
|
19
|
+
"default": {},
|
|
20
|
+
"required": ["export", "module", "options"],
|
|
21
|
+
"properties": {
|
|
22
|
+
"export": {
|
|
23
|
+
"const": "SemanticCacheInboundPolicy",
|
|
24
|
+
"description": "The name of the exported type"
|
|
25
|
+
},
|
|
26
|
+
"module": {
|
|
27
|
+
"const": "$import(@zuplo/runtime)",
|
|
28
|
+
"description": "The module containing the policy"
|
|
29
|
+
},
|
|
30
|
+
"options": {
|
|
31
|
+
"title": "SemanticCacheInboundPolicyOptions",
|
|
32
|
+
"type": "object",
|
|
33
|
+
"description": "The options for this policy.",
|
|
34
|
+
"additionalProperties": false,
|
|
35
|
+
"required": ["cacheBy"],
|
|
36
|
+
"properties": {
|
|
37
|
+
"semanticTolerance": {
|
|
38
|
+
"type": "number",
|
|
39
|
+
"default": 0.2,
|
|
40
|
+
"minimum": 0,
|
|
41
|
+
"maximum": 1,
|
|
42
|
+
"description": "The semantic similarity threshold for semantic cache matches. Values closer to 0 require closer similarity, while larger values allow more flexible matching. Default is 0.2."
|
|
43
|
+
},
|
|
44
|
+
"expirationSecondsTtl": {
|
|
45
|
+
"type": "number",
|
|
46
|
+
"default": 3600,
|
|
47
|
+
"minimum": 60,
|
|
48
|
+
"description": "The timeout of the cache in seconds. Defaults to 1 hour."
|
|
49
|
+
},
|
|
50
|
+
"namespace": {
|
|
51
|
+
"type": "string",
|
|
52
|
+
"default": "default",
|
|
53
|
+
"description": "Optional namespace to isolate cache entries. Useful for multi-tenant scenarios or different cache contexts."
|
|
54
|
+
},
|
|
55
|
+
"cacheBy": {
|
|
56
|
+
"type": "string",
|
|
57
|
+
"enum": ["function", "propertyPath"],
|
|
58
|
+
"description": "Determines how the cache key is generated. Use 'function' for custom logic or 'propertyPath' to extract from JSON body."
|
|
59
|
+
},
|
|
60
|
+
"cacheByFunction": {
|
|
61
|
+
"type": "object",
|
|
62
|
+
"additionalProperties": false,
|
|
63
|
+
"description": "The function that returns dynamic cache key data. Used only with `cacheBy=function`.",
|
|
64
|
+
"required": ["export", "module"],
|
|
65
|
+
"properties": {
|
|
66
|
+
"export": {
|
|
67
|
+
"type": "string",
|
|
68
|
+
"description": "Specifies the export to load your custom cache key function, e.g. `default`, `cacheKeyIdentifier`.",
|
|
69
|
+
"examples": ["default", "cacheKeyIdentifier"]
|
|
70
|
+
},
|
|
71
|
+
"module": {
|
|
72
|
+
"type": "string",
|
|
73
|
+
"description": "Specifies the module to load your custom cache key function, in the format `$import(./modules/my-module)`.",
|
|
74
|
+
"examples": ["$import(./modules/my-module)"]
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
},
|
|
78
|
+
"cacheByPropertyPath": {
|
|
79
|
+
"type": "string",
|
|
80
|
+
"description": "The path to the property in the request body (JSON) to use as cache key. For example '.userId' would read the 'userId' property from the request body. Only works with cacheBy=propertyPath.",
|
|
81
|
+
"examples": [".userId", ".data.customerId"]
|
|
82
|
+
},
|
|
83
|
+
"statusCodes": {
|
|
84
|
+
"type": "array",
|
|
85
|
+
"items": {
|
|
86
|
+
"type": "number"
|
|
87
|
+
},
|
|
88
|
+
"examples": [[200, 201]],
|
|
89
|
+
"default": [200, 206, 301, 302, 303, 410],
|
|
90
|
+
"description": "Response status codes to be cached."
|
|
91
|
+
},
|
|
92
|
+
"returnCacheStatusHeader": {
|
|
93
|
+
"type": "boolean",
|
|
94
|
+
"default": false,
|
|
95
|
+
"description": "If true, the policy will return a custom header with the cache status. The default header name is `zp-semantic-cache`."
|
|
96
|
+
},
|
|
97
|
+
"cacheStatusHeaderName": {
|
|
98
|
+
"type": "string",
|
|
99
|
+
"default": "zp-semantic-cache",
|
|
100
|
+
"description": "The name of the header to return the cache status. Only used if `returnCacheStatusHeader` is true."
|
|
101
|
+
}
|
|
102
|
+
},
|
|
103
|
+
"allOf": [
|
|
104
|
+
{
|
|
105
|
+
"if": {
|
|
106
|
+
"properties": {
|
|
107
|
+
"cacheBy": {
|
|
108
|
+
"const": "function"
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
},
|
|
112
|
+
"then": {
|
|
113
|
+
"required": ["cacheByFunction"]
|
|
114
|
+
}
|
|
115
|
+
},
|
|
116
|
+
{
|
|
117
|
+
"if": {
|
|
118
|
+
"properties": {
|
|
119
|
+
"cacheBy": {
|
|
120
|
+
"const": "propertyPath"
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
},
|
|
124
|
+
"then": {
|
|
125
|
+
"required": ["cacheByPropertyPath"]
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
],
|
|
129
|
+
"examples": [
|
|
130
|
+
{
|
|
131
|
+
"cacheBy": "propertyPath",
|
|
132
|
+
"cacheByPropertyPath": ".userId",
|
|
133
|
+
"semanticTolerance": 0.8,
|
|
134
|
+
"expirationSecondsTtl": 3600,
|
|
135
|
+
"namespace": "user-cache"
|
|
136
|
+
},
|
|
137
|
+
{
|
|
138
|
+
"cacheBy": "function",
|
|
139
|
+
"cacheByFunction": {
|
|
140
|
+
"export": "cacheKeyFunction",
|
|
141
|
+
"module": "$import(./modules/cache-key)"
|
|
142
|
+
},
|
|
143
|
+
"semanticTolerance": 0.9,
|
|
144
|
+
"expirationSecondsTtl": 1800,
|
|
145
|
+
"namespace": "api-cache"
|
|
146
|
+
}
|
|
147
|
+
]
|
|
148
|
+
}
|
|
149
|
+
},
|
|
150
|
+
"examples": [
|
|
151
|
+
{
|
|
152
|
+
"export": "SemanticCacheInboundPolicy",
|
|
153
|
+
"module": "$import(@zuplo/runtime)",
|
|
154
|
+
"options": {
|
|
155
|
+
"cacheBy": "propertyPath",
|
|
156
|
+
"cacheByPropertyPath": ".userId",
|
|
157
|
+
"expirationSecondsTtl": 3600,
|
|
158
|
+
"namespace": "user-cache",
|
|
159
|
+
"semanticTolerance": 0.8
|
|
160
|
+
}
|
|
161
|
+
},
|
|
162
|
+
{
|
|
163
|
+
"export": "SemanticCacheInboundPolicy",
|
|
164
|
+
"module": "$import(@zuplo/runtime)",
|
|
165
|
+
"options": {
|
|
166
|
+
"cacheBy": "function",
|
|
167
|
+
"cacheByFunction": {
|
|
168
|
+
"export": "cacheKeyFunction",
|
|
169
|
+
"module": "$import(./modules/cache-key)"
|
|
170
|
+
},
|
|
171
|
+
"expirationSecondsTtl": 1800,
|
|
172
|
+
"namespace": "api-cache",
|
|
173
|
+
"semanticTolerance": 0.9
|
|
174
|
+
}
|
|
175
|
+
}
|
|
176
|
+
]
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
The Set Body policy allows you to set or override the incoming request body.
|
|
2
|
+
[GET or HEAD requests do not support bodies on Zuplo](https://zuplo.com/docs/articles/zp-body-removed),
|
|
3
|
+
so be sure to use the
|
|
4
|
+
[Change Method](https://zuplo.com/docs/policies/change-method-inbound) policy to
|
|
5
|
+
update the method to a `POST` or whatever is appropriate. You might also need to
|
|
6
|
+
use the [Set Header](https://zuplo.com/docs/policies/set-headers-inbound) policy
|
|
7
|
+
to set a `content-type`.
|