zuplo 6.67.32 → 6.68.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -0
- package/docs/_index.md +44 -0
- package/docs/ai-gateway/apps.mdx +28 -0
- package/docs/ai-gateway/custom-providers.mdx +54 -0
- package/docs/ai-gateway/getting-started.mdx +224 -0
- package/docs/ai-gateway/guardrails.mdx +65 -0
- package/docs/ai-gateway/integrations/ai-sdk.mdx +109 -0
- package/docs/ai-gateway/integrations/claude-code.mdx +49 -0
- package/docs/ai-gateway/integrations/codex.mdx +78 -0
- package/docs/ai-gateway/integrations/goose.mdx +104 -0
- package/docs/ai-gateway/integrations/langchain.mdx +66 -0
- package/docs/ai-gateway/integrations/openai.mdx +99 -0
- package/docs/ai-gateway/introduction.mdx +85 -0
- package/docs/ai-gateway/managing-apps.mdx +46 -0
- package/docs/ai-gateway/managing-providers.mdx +66 -0
- package/docs/ai-gateway/managing-teams.mdx +63 -0
- package/docs/ai-gateway/policies/akamai-ai-firewall.mdx +125 -0
- package/docs/ai-gateway/policies/comet-opik-tracing.mdx +139 -0
- package/docs/ai-gateway/policies/galileo-tracing.mdx +147 -0
- package/docs/ai-gateway/providers.mdx +32 -0
- package/docs/ai-gateway/teams.mdx +38 -0
- package/docs/ai-gateway/universal-api.mdx +43 -0
- package/docs/ai-gateway/usage-limits.mdx +89 -0
- package/docs/api-management/introduction.md +127 -0
- package/docs/articles/accounts/audit-logs.mdx +227 -0
- package/docs/articles/accounts/billing.mdx +25 -0
- package/docs/articles/accounts/default-api-key.mdx +30 -0
- package/docs/articles/accounts/delete-account.mdx +36 -0
- package/docs/articles/accounts/enterprise-sso.mdx +116 -0
- package/docs/articles/accounts/managing-account-members.mdx +45 -0
- package/docs/articles/accounts/managing-project-members.mdx +37 -0
- package/docs/articles/accounts/members-and-roles.mdx +21 -0
- package/docs/articles/accounts/roles-and-permissions.mdx +115 -0
- package/docs/articles/accounts/zuplo-api-keys.mdx +94 -0
- package/docs/articles/add-api-to-backstage.mdx +216 -0
- package/docs/articles/advanced-path-matching.mdx +139 -0
- package/docs/articles/api-key-administration.mdx +47 -0
- package/docs/articles/api-key-api.mdx +220 -0
- package/docs/articles/api-key-authentication.mdx +195 -0
- package/docs/articles/api-key-buckets.mdx +61 -0
- package/docs/articles/api-key-end-users.mdx +52 -0
- package/docs/articles/api-key-leak-detection.mdx +75 -0
- package/docs/articles/api-key-management.mdx +100 -0
- package/docs/articles/api-key-react-component.mdx +90 -0
- package/docs/articles/api-key-service-limits.mdx +14 -0
- package/docs/articles/archiving-requests-to-storage.mdx +119 -0
- package/docs/articles/branch-based-deployments.mdx +184 -0
- package/docs/articles/bypass-policy-for-testing.mdx +117 -0
- package/docs/articles/check-ip-address.mdx +17 -0
- package/docs/articles/ci-cd-azure/basic-deployment.mdx +49 -0
- package/docs/articles/ci-cd-azure/deploy-and-test.mdx +47 -0
- package/docs/articles/ci-cd-azure/local-testing.mdx +59 -0
- package/docs/articles/ci-cd-azure/multi-stage-deployment.mdx +88 -0
- package/docs/articles/ci-cd-azure/pr-preview-environments.mdx +50 -0
- package/docs/articles/ci-cd-azure/tag-based-releases.mdx +37 -0
- package/docs/articles/ci-cd-bitbucket/basic-deployment.mdx +27 -0
- package/docs/articles/ci-cd-bitbucket/deploy-and-test.mdx +41 -0
- package/docs/articles/ci-cd-bitbucket/local-testing.mdx +34 -0
- package/docs/articles/ci-cd-bitbucket/multi-stage-deployment.mdx +52 -0
- package/docs/articles/ci-cd-bitbucket/pr-preview-environments.mdx +46 -0
- package/docs/articles/ci-cd-bitbucket/tag-based-releases.mdx +27 -0
- package/docs/articles/ci-cd-circleci/basic-deployment.mdx +34 -0
- package/docs/articles/ci-cd-circleci/deploy-and-test.mdx +44 -0
- package/docs/articles/ci-cd-circleci/local-testing.mdx +50 -0
- package/docs/articles/ci-cd-circleci/multi-stage-deployment.mdx +82 -0
- package/docs/articles/ci-cd-circleci/pr-preview-environments.mdx +47 -0
- package/docs/articles/ci-cd-circleci/tag-based-releases.mdx +38 -0
- package/docs/articles/ci-cd-github/basic-deployment.mdx +48 -0
- package/docs/articles/ci-cd-github/cleanup-on-branch-delete.mdx +123 -0
- package/docs/articles/ci-cd-github/deploy-and-test.mdx +82 -0
- package/docs/articles/ci-cd-github/local-testing.mdx +102 -0
- package/docs/articles/ci-cd-github/multi-stage-deployment.mdx +136 -0
- package/docs/articles/ci-cd-github/pr-preview-environments.mdx +106 -0
- package/docs/articles/ci-cd-github/tag-based-releases.mdx +99 -0
- package/docs/articles/ci-cd-gitlab/basic-deployment.mdx +28 -0
- package/docs/articles/ci-cd-gitlab/deploy-and-test.mdx +44 -0
- package/docs/articles/ci-cd-gitlab/local-testing.mdx +39 -0
- package/docs/articles/ci-cd-gitlab/mr-preview-environments.mdx +52 -0
- package/docs/articles/ci-cd-gitlab/multi-stage-deployment.mdx +64 -0
- package/docs/articles/ci-cd-gitlab/tag-based-releases.mdx +28 -0
- package/docs/articles/composite-policy-reference.mdx +284 -0
- package/docs/articles/configuring-auth0-for-mcp-auth.mdx +186 -0
- package/docs/articles/configuring-okta-for-mcp-auth.mdx +208 -0
- package/docs/articles/convert-urls-to-openapi.mdx +62 -0
- package/docs/articles/cors.mdx +447 -0
- package/docs/articles/custom-audit-log-policy.mdx +95 -0
- package/docs/articles/custom-ci-cd-azure.mdx +81 -0
- package/docs/articles/custom-ci-cd-bitbucket.mdx +80 -0
- package/docs/articles/custom-ci-cd-circleci.mdx +78 -0
- package/docs/articles/custom-ci-cd-github.mdx +99 -0
- package/docs/articles/custom-ci-cd-gitlab.mdx +79 -0
- package/docs/articles/custom-ci-cd.mdx +82 -0
- package/docs/articles/custom-code-patterns.md +418 -0
- package/docs/articles/custom-domains.mdx +258 -0
- package/docs/articles/custom-logging-example.mdx +139 -0
- package/docs/articles/ddos-protection.mdx +138 -0
- package/docs/articles/development-options.mdx +49 -0
- package/docs/articles/environment-variables.mdx +134 -0
- package/docs/articles/environments.mdx +143 -0
- package/docs/articles/fastly-zuplo-host-setup.mdx +41 -0
- package/docs/articles/github-deployment-testing.mdx +101 -0
- package/docs/articles/gke-with-upstream-auth-policy.mdx +192 -0
- package/docs/articles/graphql-security.mdx +180 -0
- package/docs/articles/handling-form-data.mdx +61 -0
- package/docs/articles/health-checks.mdx +109 -0
- package/docs/articles/hosting-options.mdx +70 -0
- package/docs/articles/lazy-load-configuration-into-cache.mdx +92 -0
- package/docs/articles/limits.mdx +98 -0
- package/docs/articles/local-development-debugging.mdx +44 -0
- package/docs/articles/local-development-env-variables.mdx +23 -0
- package/docs/articles/local-development-installing-packages.mdx +23 -0
- package/docs/articles/local-development-routes-designer.mdx +27 -0
- package/docs/articles/local-development-services.mdx +40 -0
- package/docs/articles/local-development-troubleshooting.mdx +56 -0
- package/docs/articles/local-development.mdx +81 -0
- package/docs/articles/log-plugin-aws-cloudwatch.mdx +83 -0
- package/docs/articles/log-plugin-datadog.mdx +84 -0
- package/docs/articles/log-plugin-dynatrace.mdx +75 -0
- package/docs/articles/log-plugin-gcp.mdx +75 -0
- package/docs/articles/log-plugin-loki.mdx +136 -0
- package/docs/articles/log-plugin-new-relic.mdx +84 -0
- package/docs/articles/log-plugin-splunk.mdx +104 -0
- package/docs/articles/log-plugin-sumo.mdx +73 -0
- package/docs/articles/log-plugin-vmware-log-insight.mdx +154 -0
- package/docs/articles/log-request-response-data.mdx +398 -0
- package/docs/articles/logging.mdx +115 -0
- package/docs/articles/manual-mcp-oauth-testing.mdx +193 -0
- package/docs/articles/mcp-quickstart.mdx +135 -0
- package/docs/articles/metrics-plugins.mdx +371 -0
- package/docs/articles/migrate-from-apigee.md +408 -0
- package/docs/articles/migrate-from-aws-api-gateway.md +248 -0
- package/docs/articles/migrate-from-azure-apim.md +292 -0
- package/docs/articles/migrate-from-kong.md +300 -0
- package/docs/articles/migration-overview.md +81 -0
- package/docs/articles/monetization/api-access.mdx +69 -0
- package/docs/articles/monetization/billing-models.md +520 -0
- package/docs/articles/monetization/developer-portal.md +167 -0
- package/docs/articles/monetization/features.mdx +98 -0
- package/docs/articles/monetization/index.mdx +113 -0
- package/docs/articles/monetization/meters.mdx +135 -0
- package/docs/articles/monetization/monetization-policy.md +314 -0
- package/docs/articles/monetization/plan-examples.mdx +366 -0
- package/docs/articles/monetization/plans.mdx +266 -0
- package/docs/articles/monetization/pricing-models.mdx +225 -0
- package/docs/articles/monetization/private-plans.md +154 -0
- package/docs/articles/monetization/quickstart.md +355 -0
- package/docs/articles/monetization/rate-cards.mdx +171 -0
- package/docs/articles/monetization/stripe-integration.md +195 -0
- package/docs/articles/monetization/subscription-lifecycle.md +298 -0
- package/docs/articles/monetization/tax-collection.md +166 -0
- package/docs/articles/monetization/troubleshooting.md +272 -0
- package/docs/articles/monetization-custom.mdx +71 -0
- package/docs/articles/monetization-integrations.mdx +104 -0
- package/docs/articles/monitoring-your-gateway.mdx +53 -0
- package/docs/articles/monorepo-deployment.mdx +350 -0
- package/docs/articles/multiple-auth-policies.mdx +81 -0
- package/docs/articles/non-standard-ports.mdx +30 -0
- package/docs/articles/oauth-authentication.mdx +54 -0
- package/docs/articles/openapi-server-urls.mdx +60 -0
- package/docs/articles/openapi.mdx +130 -0
- package/docs/articles/opentelemetry.mdx +250 -0
- package/docs/articles/per-user-rate-limits-using-db.mdx +112 -0
- package/docs/articles/performance-testing.mdx +304 -0
- package/docs/articles/plugin-akamai-api-security.mdx +76 -0
- package/docs/articles/plugin-azure-blob.mdx +73 -0
- package/docs/articles/plugin-azure-event-hubs.mdx +64 -0
- package/docs/articles/plugin-hydrolix-traffic-peak.mdx +147 -0
- package/docs/articles/policies.mdx +33 -0
- package/docs/articles/rename-or-move-project.mdx +39 -0
- package/docs/articles/rick-and-morty-api-developer-portal-example.mdx +23 -0
- package/docs/articles/routing.mdx +193 -0
- package/docs/articles/s3-signed-url-uploads.mdx +521 -0
- package/docs/articles/secure-tunnel.mdx +84 -0
- package/docs/articles/securing-backend-mtls.mdx +268 -0
- package/docs/articles/securing-your-backend.mdx +148 -0
- package/docs/articles/security.mdx +105 -0
- package/docs/articles/sharing-code-across-projects.mdx +412 -0
- package/docs/articles/source-control-setup-azure.mdx +13 -0
- package/docs/articles/source-control-setup-bitbucket.mdx +43 -0
- package/docs/articles/source-control-setup-github.mdx +172 -0
- package/docs/articles/source-control-setup-gitlab.mdx +12 -0
- package/docs/articles/source-control.mdx +80 -0
- package/docs/articles/step-1-setup-basic-gateway-local.mdx +136 -0
- package/docs/articles/step-1-setup-basic-gateway.mdx +118 -0
- package/docs/articles/step-2-add-rate-limiting-local.mdx +126 -0
- package/docs/articles/step-2-add-rate-limiting.mdx +82 -0
- package/docs/articles/step-3-add-api-key-auth-local.mdx +199 -0
- package/docs/articles/step-3-add-api-key-auth.mdx +166 -0
- package/docs/articles/step-4-deploying-to-the-edge.mdx +220 -0
- package/docs/articles/step-5-dynamic-rate-limiting.mdx +167 -0
- package/docs/articles/support.mdx +144 -0
- package/docs/articles/terraform.mdx +114 -0
- package/docs/articles/testing-graphql.mdx +34 -0
- package/docs/articles/testing.mdx +522 -0
- package/docs/articles/troubleshooting-slow-responses.mdx +301 -0
- package/docs/articles/troubleshooting.md +302 -0
- package/docs/articles/tsconfig.mdx +105 -0
- package/docs/articles/tunnel-setup.mdx +195 -0
- package/docs/articles/tunnel-troubleshooting.mdx +50 -0
- package/docs/articles/update-zup-in-github-action.mdx +110 -0
- package/docs/articles/use-openapi-extension-data.mdx +79 -0
- package/docs/articles/users/multifactor-authentication.mdx +64 -0
- package/docs/articles/users/profile.mdx +13 -0
- package/docs/articles/versioning-on-zuplo.mdx +89 -0
- package/docs/articles/waf-ddos-akamai.md +133 -0
- package/docs/articles/waf-ddos-aws-waf-shield.mdx +85 -0
- package/docs/articles/waf-ddos-fastly.mdx +251 -0
- package/docs/articles/waf-ddos.mdx +140 -0
- package/docs/articles/zuplo-waf.mdx +156 -0
- package/docs/ask.mdx +3 -0
- package/docs/cli/authentication.mdx +56 -0
- package/docs/cli/connectivity.mdx +38 -0
- package/docs/cli/create-zuplo-api.mdx +80 -0
- package/docs/cli/delete.mdx +79 -0
- package/docs/cli/deploy.mdx +156 -0
- package/docs/cli/deploy.partial.mdx +46 -0
- package/docs/cli/dev.mdx +115 -0
- package/docs/cli/docs.mdx +66 -0
- package/docs/cli/editor.mdx +50 -0
- package/docs/cli/global-options.mdx +19 -0
- package/docs/cli/init.mdx +74 -0
- package/docs/cli/link.mdx +74 -0
- package/docs/cli/list.mdx +55 -0
- package/docs/cli/mtls-certificate-create.mdx +94 -0
- package/docs/cli/mtls-certificate-delete.mdx +55 -0
- package/docs/cli/mtls-certificate-describe.mdx +55 -0
- package/docs/cli/mtls-certificate-disable.mdx +55 -0
- package/docs/cli/mtls-certificate-list.mdx +47 -0
- package/docs/cli/mtls-certificate-update.mdx +72 -0
- package/docs/cli/openapi-convert.mdx +111 -0
- package/docs/cli/openapi-merge.mdx +138 -0
- package/docs/cli/openapi-merge.partial.mdx +29 -0
- package/docs/cli/openapi-overlay.mdx +123 -0
- package/docs/cli/overview.mdx +78 -0
- package/docs/cli/project-create.mdx +43 -0
- package/docs/cli/source-migrate.mdx +18 -0
- package/docs/cli/source-upgrade.mdx +41 -0
- package/docs/cli/test.mdx +70 -0
- package/docs/cli/test.partial.mdx +7 -0
- package/docs/cli/tunnel-create.mdx +53 -0
- package/docs/cli/tunnel-create.partial.mdx +9 -0
- package/docs/cli/tunnel-delete.mdx +35 -0
- package/docs/cli/tunnel-delete.partial.mdx +9 -0
- package/docs/cli/tunnel-describe.mdx +45 -0
- package/docs/cli/tunnel-describe.partial.mdx +5 -0
- package/docs/cli/tunnel-list.mdx +35 -0
- package/docs/cli/tunnel-list.partial.mdx +9 -0
- package/docs/cli/tunnel-rate-token.partial.mdx +9 -0
- package/docs/cli/tunnel-rotate-token.mdx +39 -0
- package/docs/cli/tunnel-services-describe.mdx +45 -0
- package/docs/cli/tunnel-services-describe.partial.mdx +9 -0
- package/docs/cli/tunnel-services-update.mdx +48 -0
- package/docs/cli/variable-create.mdx +91 -0
- package/docs/cli/variable-create.partial.mdx +5 -0
- package/docs/cli/variable-update.mdx +75 -0
- package/docs/cli/variable-update.partial.mdx +5 -0
- package/docs/concepts/api-keys.md +146 -0
- package/docs/concepts/authentication.mdx +109 -0
- package/docs/concepts/how-zuplo-works.mdx +120 -0
- package/docs/concepts/project-structure.mdx +174 -0
- package/docs/concepts/rate-limiting.md +246 -0
- package/docs/concepts/request-lifecycle.mdx +56 -0
- package/docs/concepts/source-control-and-deployment.mdx +229 -0
- package/docs/conferences/conference-prize-terms.mdx +80 -0
- package/docs/dedicated/akamai/ai-powered-applications.mdx +223 -0
- package/docs/dedicated/akamai/architecture.mdx +280 -0
- package/docs/dedicated/akamai/caching.mdx +212 -0
- package/docs/dedicated/akamai/cdn.mdx +156 -0
- package/docs/dedicated/architecture.mdx +208 -0
- package/docs/dedicated/custom-domains.mdx +31 -0
- package/docs/dedicated/federated-gateways.mdx +80 -0
- package/docs/dedicated/networking.mdx +69 -0
- package/docs/dedicated/overview.mdx +80 -0
- package/docs/dedicated/source-control.mdx +63 -0
- package/docs/dev-portal/dev-portal-create-consumer-on-auth.mdx +134 -0
- package/docs/dev-portal/introduction.mdx +65 -0
- package/docs/dev-portal/local-development.mdx +72 -0
- package/docs/dev-portal/migration.mdx +526 -0
- package/docs/dev-portal/node-modules.mdx +45 -0
- package/docs/dev-portal/updating.mdx +28 -0
- package/docs/dev-portal/zudoku/components/alert.mdx +130 -0
- package/docs/dev-portal/zudoku/components/badge.mdx +70 -0
- package/docs/dev-portal/zudoku/components/button.mdx +132 -0
- package/docs/dev-portal/zudoku/components/callout.mdx +112 -0
- package/docs/dev-portal/zudoku/components/card.mdx +104 -0
- package/docs/dev-portal/zudoku/components/checkbox.mdx +72 -0
- package/docs/dev-portal/zudoku/components/client-only.mdx +79 -0
- package/docs/dev-portal/zudoku/components/code-tabs.mdx +179 -0
- package/docs/dev-portal/zudoku/components/dialog.mdx +167 -0
- package/docs/dev-portal/zudoku/components/head.mdx +199 -0
- package/docs/dev-portal/zudoku/components/icons.mdx +27 -0
- package/docs/dev-portal/zudoku/components/input.mdx +96 -0
- package/docs/dev-portal/zudoku/components/label.mdx +86 -0
- package/docs/dev-portal/zudoku/components/link.mdx +242 -0
- package/docs/dev-portal/zudoku/components/markdown.mdx +151 -0
- package/docs/dev-portal/zudoku/components/mermaid.mdx +81 -0
- package/docs/dev-portal/zudoku/components/playground.mdx +87 -0
- package/docs/dev-portal/zudoku/components/secret.mdx +78 -0
- package/docs/dev-portal/zudoku/components/select.mdx +176 -0
- package/docs/dev-portal/zudoku/components/shadcn.mdx +73 -0
- package/docs/dev-portal/zudoku/components/slider.mdx +108 -0
- package/docs/dev-portal/zudoku/components/slot.mdx +119 -0
- package/docs/dev-portal/zudoku/components/stepper.mdx +138 -0
- package/docs/dev-portal/zudoku/components/switch.mdx +96 -0
- package/docs/dev-portal/zudoku/components/syntax-highlight.mdx +602 -0
- package/docs/dev-portal/zudoku/components/textarea.mdx +78 -0
- package/docs/dev-portal/zudoku/components/tooltip.mdx +195 -0
- package/docs/dev-portal/zudoku/components/typography.mdx +61 -0
- package/docs/dev-portal/zudoku/configuration/ai-assistants.md +64 -0
- package/docs/dev-portal/zudoku/configuration/api-catalog.md +108 -0
- package/docs/dev-portal/zudoku/configuration/api-reference.md +397 -0
- package/docs/dev-portal/zudoku/configuration/authentication-auth0.md +173 -0
- package/docs/dev-portal/zudoku/configuration/authentication-azure-ad.md +238 -0
- package/docs/dev-portal/zudoku/configuration/authentication-clerk.md +110 -0
- package/docs/dev-portal/zudoku/configuration/authentication-firebase.md +61 -0
- package/docs/dev-portal/zudoku/configuration/authentication-pingfederate.md +136 -0
- package/docs/dev-portal/zudoku/configuration/authentication-supabase.md +225 -0
- package/docs/dev-portal/zudoku/configuration/authentication.md +199 -0
- package/docs/dev-portal/zudoku/configuration/build-configuration.mdx +147 -0
- package/docs/dev-portal/zudoku/configuration/docs.md +282 -0
- package/docs/dev-portal/zudoku/configuration/footer.mdx +214 -0
- package/docs/dev-portal/zudoku/configuration/llms.md +89 -0
- package/docs/dev-portal/zudoku/configuration/navigation.mdx +408 -0
- package/docs/dev-portal/zudoku/configuration/overview.md +380 -0
- package/docs/dev-portal/zudoku/configuration/protected-routes.md +149 -0
- package/docs/dev-portal/zudoku/configuration/search.md +169 -0
- package/docs/dev-portal/zudoku/configuration/sentry.mdx +44 -0
- package/docs/dev-portal/zudoku/configuration/site.md +124 -0
- package/docs/dev-portal/zudoku/configuration/slots.mdx +124 -0
- package/docs/dev-portal/zudoku/configuration/vite-config.md +18 -0
- package/docs/dev-portal/zudoku/custom-plugins.md +287 -0
- package/docs/dev-portal/zudoku/customization/colors-theme.mdx +275 -0
- package/docs/dev-portal/zudoku/customization/fonts.md +110 -0
- package/docs/dev-portal/zudoku/extending/events.md +124 -0
- package/docs/dev-portal/zudoku/guides/custom-pages.md +106 -0
- package/docs/dev-portal/zudoku/guides/environment-variables.md +99 -0
- package/docs/dev-portal/zudoku/guides/mermaid.mdx +70 -0
- package/docs/dev-portal/zudoku/guides/navigation-migration.md +87 -0
- package/docs/dev-portal/zudoku/guides/navigation-rules.mdx +197 -0
- package/docs/dev-portal/zudoku/guides/processors.mdx +234 -0
- package/docs/dev-portal/zudoku/guides/static-files.md +55 -0
- package/docs/dev-portal/zudoku/guides/transforming-examples.md +156 -0
- package/docs/dev-portal/zudoku/guides/using-multiple-apis.md +87 -0
- package/docs/dev-portal/zudoku/markdown/admonitions.md +128 -0
- package/docs/dev-portal/zudoku/markdown/code-blocks.md +196 -0
- package/docs/dev-portal/zudoku/markdown/frontmatter.md +172 -0
- package/docs/dev-portal/zudoku/markdown/mdx.md +68 -0
- package/docs/dev-portal/zudoku/markdown/overview.md +275 -0
- package/docs/dev-portal/zudoku/plugins.md +5 -0
- package/docs/dev-portal/zudoku/writing.mdx +72 -0
- package/docs/errors/bad-request.mdx +39 -0
- package/docs/errors/build-error.mdx +45 -0
- package/docs/errors/fatal-project-error.mdx +39 -0
- package/docs/errors/gateway-timeout.mdx +33 -0
- package/docs/errors/get-head-body-error.mdx +41 -0
- package/docs/errors/main-mod-error.mdx +40 -0
- package/docs/errors/no-project-set.mdx +41 -0
- package/docs/errors/not-found.mdx +43 -0
- package/docs/errors/rate-limit-exceeded.mdx +31 -0
- package/docs/errors/schema-validation-failed.mdx +51 -0
- package/docs/errors/system-configuration-error.mdx +44 -0
- package/docs/errors/unauthorized.mdx +50 -0
- package/docs/errors/unknown-error.mdx +42 -0
- package/docs/errors.mdx +14 -0
- package/docs/guides/canary-routing-for-employees.mdx +385 -0
- package/docs/guides/geolocation-backend-routing.mdx +404 -0
- package/docs/guides/modify-openapi-paths.mdx +371 -0
- package/docs/guides/openapi-overlays.mdx +492 -0
- package/docs/guides/overview.mdx +12 -0
- package/docs/guides/user-based-backend-routing.mdx +437 -0
- package/docs/handlers/aws-lambda.mdx +201 -0
- package/docs/handlers/custom-handler.mdx +112 -0
- package/docs/handlers/legacy-dev-portal-handler.mdx +135 -0
- package/docs/handlers/mcp-server.mdx +730 -0
- package/docs/handlers/openapi.mdx +78 -0
- package/docs/handlers/redirect.mdx +115 -0
- package/docs/handlers/system-handlers.mdx +41 -0
- package/docs/handlers/url-forward.mdx +204 -0
- package/docs/handlers/url-rewrite.mdx +224 -0
- package/docs/handlers/websocket-handler.mdx +154 -0
- package/docs/home.mdx +6 -0
- package/docs/managed-edge/overview.md +78 -0
- package/docs/mcp-server/configuration-migration-guide.mdx +344 -0
- package/docs/mcp-server/custom-tools.mdx +487 -0
- package/docs/mcp-server/graphql.mdx +241 -0
- package/docs/mcp-server/introduction.mdx +122 -0
- package/docs/mcp-server/openai-apps-sdk.mdx +160 -0
- package/docs/mcp-server/prompts.mdx +283 -0
- package/docs/mcp-server/resources.mdx +288 -0
- package/docs/mcp-server/testing.mdx +53 -0
- package/docs/mcp-server/tools.mdx +306 -0
- package/docs/policies/_index.md +92 -0
- package/docs/policies/ab-test-inbound/intro.md +8 -0
- package/docs/policies/ab-test-inbound/policy.ts +14 -0
- package/docs/policies/ab-test-inbound/schema.json +27 -0
- package/docs/policies/ab-test-outbound/intro.md +8 -0
- package/docs/policies/ab-test-outbound/policy.ts +26 -0
- package/docs/policies/ab-test-outbound/schema.json +27 -0
- package/docs/policies/acl-policy-inbound/intro.md +5 -0
- package/docs/policies/acl-policy-inbound/policy.ts +32 -0
- package/docs/policies/acl-policy-inbound/schema.json +52 -0
- package/docs/policies/akamai-ai-firewall/schema.json +98 -0
- package/docs/policies/amberflo-metering-inbound/doc.md +183 -0
- package/docs/policies/amberflo-metering-inbound/intro.md +20 -0
- package/docs/policies/amberflo-metering-inbound/schema.json +108 -0
- package/docs/policies/api-key-inbound/doc.md +77 -0
- package/docs/policies/api-key-inbound/intro.md +30 -0
- package/docs/policies/api-key-inbound/schema.json +84 -0
- package/docs/policies/archive-request-aws-s3-inbound/intro.md +4 -0
- package/docs/policies/archive-request-aws-s3-inbound/policy.ts +58 -0
- package/docs/policies/archive-request-aws-s3-inbound/schema.json +68 -0
- package/docs/policies/archive-request-azure-storage-inbound/doc.md +31 -0
- package/docs/policies/archive-request-azure-storage-inbound/intro.md +4 -0
- package/docs/policies/archive-request-azure-storage-inbound/policy.ts +54 -0
- package/docs/policies/archive-request-azure-storage-inbound/schema.json +53 -0
- package/docs/policies/archive-request-gcp-storage-inbound/doc.md +63 -0
- package/docs/policies/archive-request-gcp-storage-inbound/intro.md +4 -0
- package/docs/policies/archive-request-gcp-storage-inbound/policy.ts +68 -0
- package/docs/policies/archive-request-gcp-storage-inbound/schema.json +47 -0
- package/docs/policies/archive-response-aws-s3-outbound/intro.md +2 -0
- package/docs/policies/archive-response-aws-s3-outbound/policy.ts +59 -0
- package/docs/policies/archive-response-aws-s3-outbound/schema.json +68 -0
- package/docs/policies/archive-response-azure-storage-outbound/doc.md +31 -0
- package/docs/policies/archive-response-azure-storage-outbound/intro.md +3 -0
- package/docs/policies/archive-response-azure-storage-outbound/policy.ts +54 -0
- package/docs/policies/archive-response-azure-storage-outbound/schema.json +53 -0
- package/docs/policies/audit-log-inbound/doc.md +78 -0
- package/docs/policies/audit-log-inbound/intro.md +10 -0
- package/docs/policies/audit-log-inbound/schema.json +81 -0
- package/docs/policies/auth0-jwt-auth-inbound/doc.md +125 -0
- package/docs/policies/auth0-jwt-auth-inbound/intro.md +17 -0
- package/docs/policies/auth0-jwt-auth-inbound/schema.json +74 -0
- package/docs/policies/authzen-inbound/doc.md +24 -0
- package/docs/policies/authzen-inbound/intro.md +31 -0
- package/docs/policies/authzen-inbound/schema.json +126 -0
- package/docs/policies/axiomatics-authz-inbound/doc.md +144 -0
- package/docs/policies/axiomatics-authz-inbound/intro.md +11 -0
- package/docs/policies/axiomatics-authz-inbound/schema.json +161 -0
- package/docs/policies/basic-auth-inbound/intro.md +9 -0
- package/docs/policies/basic-auth-inbound/schema.json +99 -0
- package/docs/policies/bot-detection-inbound/intro.md +4 -0
- package/docs/policies/bot-detection-inbound/schema.json +56 -0
- package/docs/policies/brownout-inbound/doc.md +55 -0
- package/docs/policies/brownout-inbound/intro.md +12 -0
- package/docs/policies/brownout-inbound/schema.json +115 -0
- package/docs/policies/caching-inbound/doc.md +209 -0
- package/docs/policies/caching-inbound/intro.md +23 -0
- package/docs/policies/caching-inbound/schema.json +98 -0
- package/docs/policies/change-method-inbound/schema.json +56 -0
- package/docs/policies/clear-headers-inbound/schema.json +59 -0
- package/docs/policies/clear-headers-outbound/schema.json +59 -0
- package/docs/policies/clerk-jwt-auth-inbound/doc.md +85 -0
- package/docs/policies/clerk-jwt-auth-inbound/intro.md +4 -0
- package/docs/policies/clerk-jwt-auth-inbound/schema.json +68 -0
- package/docs/policies/cognito-jwt-auth-inbound/intro.md +7 -0
- package/docs/policies/cognito-jwt-auth-inbound/schema.json +74 -0
- package/docs/policies/comet-opik-tracing-inbound/schema.json +65 -0
- package/docs/policies/complex-rate-limit-inbound/doc.md +20 -0
- package/docs/policies/complex-rate-limit-inbound/intro.md +23 -0
- package/docs/policies/complex-rate-limit-inbound/schema.json +142 -0
- package/docs/policies/composite-inbound/doc.md +69 -0
- package/docs/policies/composite-inbound/intro.md +15 -0
- package/docs/policies/composite-inbound/schema.json +59 -0
- package/docs/policies/composite-outbound/intro.md +6 -0
- package/docs/policies/composite-outbound/schema.json +59 -0
- package/docs/policies/curity-phantom-token-inbound/doc.md +109 -0
- package/docs/policies/curity-phantom-token-inbound/intro.md +3 -0
- package/docs/policies/curity-phantom-token-inbound/schema.json +68 -0
- package/docs/policies/custom-code-inbound/doc.md +267 -0
- package/docs/policies/custom-code-inbound/intro.md +2 -0
- package/docs/policies/custom-code-inbound/schema.json +48 -0
- package/docs/policies/custom-code-outbound/doc.md +235 -0
- package/docs/policies/custom-code-outbound/intro.md +2 -0
- package/docs/policies/custom-code-outbound/schema.json +43 -0
- package/docs/policies/firebase-jwt-inbound/intro.md +6 -0
- package/docs/policies/firebase-jwt-inbound/schema.json +68 -0
- package/docs/policies/formdata-to-json-inbound/schema.json +60 -0
- package/docs/policies/galileo-tracing-inbound/schema.json +65 -0
- package/docs/policies/geo-filter-inbound/doc.md +33 -0
- package/docs/policies/geo-filter-inbound/schema.json +108 -0
- package/docs/policies/graphql-complexity-limit-inbound/doc.md +48 -0
- package/docs/policies/graphql-complexity-limit-inbound/intro.md +2 -0
- package/docs/policies/graphql-complexity-limit-inbound/schema.json +90 -0
- package/docs/policies/graphql-disable-introspection-inbound/doc.md +66 -0
- package/docs/policies/graphql-disable-introspection-inbound/intro.md +15 -0
- package/docs/policies/graphql-disable-introspection-inbound/schema.json +48 -0
- package/docs/policies/graphql-introspection-filter-outbound/doc.md +148 -0
- package/docs/policies/graphql-introspection-filter-outbound/schema.json +79 -0
- package/docs/policies/hmac-auth-inbound/doc.md +30 -0
- package/docs/policies/hmac-auth-inbound/intro.md +10 -0
- package/docs/policies/hmac-auth-inbound/policy.ts +70 -0
- package/docs/policies/hmac-auth-inbound/schema.json +53 -0
- package/docs/policies/http-deprecation-outbound/doc.md +73 -0
- package/docs/policies/http-deprecation-outbound/schema.json +83 -0
- package/docs/policies/ip-restriction-inbound/intro.md +8 -0
- package/docs/policies/ip-restriction-inbound/policy.ts +40 -0
- package/docs/policies/ip-restriction-inbound/schema.json +58 -0
- package/docs/policies/jwt-scopes-inbound/schema.json +59 -0
- package/docs/policies/ldap-auth-inbound/schema.json +56 -0
- package/docs/policies/mock-api-inbound/schema.json +72 -0
- package/docs/policies/moesif-inbound/doc.md +44 -0
- package/docs/policies/moesif-inbound/intro.md +6 -0
- package/docs/policies/moesif-inbound/schema.json +68 -0
- package/docs/policies/monetization-inbound/doc.md +87 -0
- package/docs/policies/monetization-inbound/intro.md +6 -0
- package/docs/policies/monetization-inbound/schema.json +102 -0
- package/docs/policies/mtls-auth-inbound/intro.md +6 -0
- package/docs/policies/mtls-auth-inbound/schema.json +68 -0
- package/docs/policies/okta-fga-authz-inbound/doc.md +181 -0
- package/docs/policies/okta-fga-authz-inbound/intro.md +20 -0
- package/docs/policies/okta-fga-authz-inbound/schema.json +104 -0
- package/docs/policies/okta-jwt-auth-inbound/intro.md +7 -0
- package/docs/policies/okta-jwt-auth-inbound/schema.json +74 -0
- package/docs/policies/open-id-jwt-auth-inbound/doc.md +58 -0
- package/docs/policies/open-id-jwt-auth-inbound/intro.md +30 -0
- package/docs/policies/open-id-jwt-auth-inbound/schema.json +128 -0
- package/docs/policies/openfga-authz-inbound/doc.md +207 -0
- package/docs/policies/openfga-authz-inbound/intro.md +17 -0
- package/docs/policies/openfga-authz-inbound/schema.json +191 -0
- package/docs/policies/openmeter-inbound/doc.md +163 -0
- package/docs/policies/openmeter-inbound/intro.md +18 -0
- package/docs/policies/openmeter-inbound/schema.json +183 -0
- package/docs/policies/prompt-injection-outbound/doc.md +106 -0
- package/docs/policies/prompt-injection-outbound/intro.md +4 -0
- package/docs/policies/prompt-injection-outbound/schema.json +74 -0
- package/docs/policies/propel-auth-jwt-inbound/doc.md +88 -0
- package/docs/policies/propel-auth-jwt-inbound/intro.md +4 -0
- package/docs/policies/propel-auth-jwt-inbound/schema.json +74 -0
- package/docs/policies/query-param-to-header-inbound/doc.md +70 -0
- package/docs/policies/query-param-to-header-inbound/intro.md +5 -0
- package/docs/policies/query-param-to-header-inbound/schema.json +74 -0
- package/docs/policies/quota-inbound/doc.md +235 -0
- package/docs/policies/quota-inbound/intro.md +7 -0
- package/docs/policies/quota-inbound/schema.json +133 -0
- package/docs/policies/rate-limit-inbound/doc.md +78 -0
- package/docs/policies/rate-limit-inbound/intro.md +30 -0
- package/docs/policies/rate-limit-inbound/schema.json +134 -0
- package/docs/policies/rbac-policy-inbound/intro.md +3 -0
- package/docs/policies/rbac-policy-inbound/policy.ts +42 -0
- package/docs/policies/rbac-policy-inbound/schema.json +52 -0
- package/docs/policies/readme-metrics-inbound/doc.md +1 -0
- package/docs/policies/readme-metrics-inbound/intro.md +3 -0
- package/docs/policies/readme-metrics-inbound/schema.json +84 -0
- package/docs/policies/remove-headers-inbound/schema.json +59 -0
- package/docs/policies/remove-headers-outbound/schema.json +59 -0
- package/docs/policies/remove-query-params-inbound/schema.json +59 -0
- package/docs/policies/replace-string-outbound/schema.json +69 -0
- package/docs/policies/request-size-limit-inbound/schema.json +60 -0
- package/docs/policies/request-validation-inbound/doc.md +72 -0
- package/docs/policies/request-validation-inbound/intro.md +24 -0
- package/docs/policies/request-validation-inbound/schema.json +98 -0
- package/docs/policies/require-origin-inbound/intro.md +12 -0
- package/docs/policies/require-origin-inbound/schema.json +65 -0
- package/docs/policies/secret-masking-outbound/doc.md +41 -0
- package/docs/policies/secret-masking-outbound/intro.md +13 -0
- package/docs/policies/secret-masking-outbound/schema.json +65 -0
- package/docs/policies/semantic-cache-inbound/doc.md +63 -0
- package/docs/policies/semantic-cache-inbound/intro.md +4 -0
- package/docs/policies/semantic-cache-inbound/schema.json +179 -0
- package/docs/policies/set-body-inbound/intro.md +7 -0
- package/docs/policies/set-body-inbound/schema.json +56 -0
- package/docs/policies/set-headers-inbound/doc.md +41 -0
- package/docs/policies/set-headers-inbound/intro.md +2 -0
- package/docs/policies/set-headers-inbound/schema.json +83 -0
- package/docs/policies/set-headers-outbound/schema.json +83 -0
- package/docs/policies/set-query-params-inbound/schema.json +83 -0
- package/docs/policies/set-status-outbound/schema.json +62 -0
- package/docs/policies/sleep-inbound/schema.json +56 -0
- package/docs/policies/stripe-webhook-verification-inbound/intro.md +2 -0
- package/docs/policies/stripe-webhook-verification-inbound/schema.json +60 -0
- package/docs/policies/supabase-jwt-auth-inbound/doc.md +29 -0
- package/docs/policies/supabase-jwt-auth-inbound/intro.md +12 -0
- package/docs/policies/supabase-jwt-auth-inbound/schema.json +86 -0
- package/docs/policies/transform-body-inbound/intro.md +8 -0
- package/docs/policies/transform-body-inbound/policy.ts +16 -0
- package/docs/policies/transform-body-inbound/schema.json +27 -0
- package/docs/policies/transform-body-outbound/intro.md +8 -0
- package/docs/policies/transform-body-outbound/policy.ts +19 -0
- package/docs/policies/transform-body-outbound/schema.json +27 -0
- package/docs/policies/upstream-azure-ad-service-auth-inbound/doc.md +82 -0
- package/docs/policies/upstream-azure-ad-service-auth-inbound/intro.md +20 -0
- package/docs/policies/upstream-azure-ad-service-auth-inbound/schema.json +84 -0
- package/docs/policies/upstream-firebase-admin-auth-inbound/intro.md +10 -0
- package/docs/policies/upstream-firebase-admin-auth-inbound/schema.json +68 -0
- package/docs/policies/upstream-firebase-user-auth-inbound/intro.md +2 -0
- package/docs/policies/upstream-firebase-user-auth-inbound/schema.json +113 -0
- package/docs/policies/upstream-gcp-federated-auth-inbound/doc.md +139 -0
- package/docs/policies/upstream-gcp-federated-auth-inbound/intro.md +21 -0
- package/docs/policies/upstream-gcp-federated-auth-inbound/schema.json +96 -0
- package/docs/policies/upstream-gcp-jwt-inbound/intro.md +10 -0
- package/docs/policies/upstream-gcp-jwt-inbound/schema.json +62 -0
- package/docs/policies/upstream-gcp-service-auth-inbound/doc.md +132 -0
- package/docs/policies/upstream-gcp-service-auth-inbound/intro.md +25 -0
- package/docs/policies/upstream-gcp-service-auth-inbound/schema.json +95 -0
- package/docs/policies/upstream-zuplo-jwt-auth-inbound/doc.md +213 -0
- package/docs/policies/upstream-zuplo-jwt-auth-inbound/intro.md +16 -0
- package/docs/policies/upstream-zuplo-jwt-auth-inbound/schema.json +101 -0
- package/docs/policies/validate-json-schema-inbound/doc.md +129 -0
- package/docs/policies/validate-json-schema-inbound/intro.md +7 -0
- package/docs/policies/validate-json-schema-inbound/schema.json +56 -0
- package/docs/policies/web-bot-auth-inbound/doc.md +104 -0
- package/docs/policies/web-bot-auth-inbound/intro.md +16 -0
- package/docs/policies/web-bot-auth-inbound/schema.json +76 -0
- package/docs/policies/xml-to-json-outbound/doc.md +71 -0
- package/docs/policies/xml-to-json-outbound/intro.md +4 -0
- package/docs/policies/xml-to-json-outbound/schema.json +117 -0
- package/docs/programmable-api/audit-log.mdx +74 -0
- package/docs/programmable-api/background-dispatcher.mdx +124 -0
- package/docs/programmable-api/background-loader.mdx +104 -0
- package/docs/programmable-api/cache.mdx +186 -0
- package/docs/programmable-api/compatibility-dates.mdx +201 -0
- package/docs/programmable-api/console-logging.mdx +48 -0
- package/docs/programmable-api/context-data.mdx +127 -0
- package/docs/programmable-api/custom-cors-policy.mdx +64 -0
- package/docs/programmable-api/environment.mdx +328 -0
- package/docs/programmable-api/hooks.mdx +569 -0
- package/docs/programmable-api/http-problems.mdx +385 -0
- package/docs/programmable-api/jwt-service-plugin.mdx +420 -0
- package/docs/programmable-api/logger.mdx +223 -0
- package/docs/programmable-api/memory-zone-read-through-cache.mdx +96 -0
- package/docs/programmable-api/node-modules.mdx +67 -0
- package/docs/programmable-api/not-found-handler.mdx +47 -0
- package/docs/programmable-api/oauth-protected-resource-plugin.mdx +46 -0
- package/docs/programmable-api/overview.mdx +213 -0
- package/docs/programmable-api/problem-response-formatter.mdx +183 -0
- package/docs/programmable-api/request-user.mdx +289 -0
- package/docs/programmable-api/reusing-code.mdx +26 -0
- package/docs/programmable-api/route-raw.mdx +55 -0
- package/docs/programmable-api/runtime-behaviors.mdx +25 -0
- package/docs/programmable-api/runtime-errors.mdx +246 -0
- package/docs/programmable-api/runtime-extensions.mdx +340 -0
- package/docs/programmable-api/safely-clone-a-request-or-response.mdx +57 -0
- package/docs/programmable-api/streaming-zone-cache.mdx +155 -0
- package/docs/programmable-api/web-crypto-apis.mdx +219 -0
- package/docs/programmable-api/web-standard-apis.mdx +109 -0
- package/docs/programmable-api/zone-cache.mdx +131 -0
- package/docs/programmable-api/zp-body-removed.mdx +32 -0
- package/docs/programmable-api/zuplo-context.mdx +414 -0
- package/docs/programmable-api/zuplo-id-token.mdx +90 -0
- package/docs/programmable-api/zuplo-json.mdx +91 -0
- package/docs/programmable-api/zuplo-request.mdx +200 -0
- package/docs/sample-apis.mdx +78 -0
- package/docs/self-hosted/overview.md +60 -0
- package/package.json +6 -5
|
@@ -0,0 +1,420 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: JWT Service Plugin
|
|
3
|
+
---
|
|
4
|
+
|
|
5
|
+
<EnterpriseFeature name="JWT Service Plugin" />
|
|
6
|
+
|
|
7
|
+
The JWT Service Plugin allows you to create and issue short-lived JSON Web
|
|
8
|
+
Tokens (JWTs) within your Zuplo API. This plugin is useful for scenarios where
|
|
9
|
+
you need to issue tokens for authentication, authorization, or other purposes.
|
|
10
|
+
|
|
11
|
+
The plugin essentially turns your Zuplo API into its own identity provider that
|
|
12
|
+
can issue JWTs. Your Zuplo API will also serve the standard
|
|
13
|
+
`/.well-known/openid-configuration` endpoint and associated JWKS endpoint which
|
|
14
|
+
can be used by clients to discover the public keys used to verify the JWTs
|
|
15
|
+
issued by your API.
|
|
16
|
+
|
|
17
|
+
:::note{title="Beta Feature"}
|
|
18
|
+
|
|
19
|
+
This plugin is in Beta - please use with care and provide feedback to the team
|
|
20
|
+
if you encounter any issues.
|
|
21
|
+
|
|
22
|
+
:::
|
|
23
|
+
|
|
24
|
+
## JWT Token
|
|
25
|
+
|
|
26
|
+
This service currently issues JWTs using the EdDSA algorithm. This is the
|
|
27
|
+
recommended algorithm for new applications due to its strong security properties
|
|
28
|
+
and performance characteristics. However, it's important to note that not every
|
|
29
|
+
library supports EdDSA, so you should ensure that your
|
|
30
|
+
[client library](https://jwt.io/libraries) can handle this algorithm.
|
|
31
|
+
|
|
32
|
+
## Use Cases
|
|
33
|
+
|
|
34
|
+
Some of the common use cases for the JWT service plugin include:
|
|
35
|
+
|
|
36
|
+
- Securing downstream APIs by issuing JWTs that can be used to verify that the
|
|
37
|
+
request is coming from your Zuplo API
|
|
38
|
+
- Securing requests to other Zuplo API gateways (for example, when using the
|
|
39
|
+
[Federated Gateway](../dedicated/federated-gateways.mdx) capability on Zuplo
|
|
40
|
+
managed dedicated deployments.)
|
|
41
|
+
- Calling third-party APIs that can be configured with federated identity such
|
|
42
|
+
as AWS, Azure, or Google Cloud.
|
|
43
|
+
- Issuing short lived tokens for client side applications
|
|
44
|
+
|
|
45
|
+
## Setup
|
|
46
|
+
|
|
47
|
+
To set up the JWT Service Plugin, you need to register it in your
|
|
48
|
+
`zuplo.runtime.ts` file.
|
|
49
|
+
|
|
50
|
+
```ts title="modules/zuplo.runtime.ts"
|
|
51
|
+
import { RuntimeExtensions, JwtServicePlugin } from "@zuplo/runtime";
|
|
52
|
+
|
|
53
|
+
export function runtimeInit(runtime: RuntimeExtensions) {
|
|
54
|
+
// Default configuration (no options)
|
|
55
|
+
const jwtService = new JwtServicePlugin();
|
|
56
|
+
runtime.addPlugin(jwtService);
|
|
57
|
+
}
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
### Configuration Options
|
|
61
|
+
|
|
62
|
+
The JWT Service Plugin accepts optional configuration to customize its behavior.
|
|
63
|
+
You can pass a configuration object to the constructor:
|
|
64
|
+
|
|
65
|
+
```ts title="modules/zuplo.runtime.ts"
|
|
66
|
+
import {
|
|
67
|
+
RuntimeExtensions,
|
|
68
|
+
JwtServicePlugin,
|
|
69
|
+
JwtServicePluginOptions,
|
|
70
|
+
} from "@zuplo/runtime";
|
|
71
|
+
|
|
72
|
+
export function runtimeInit(runtime: RuntimeExtensions) {
|
|
73
|
+
// Example 1: Custom configuration with both options
|
|
74
|
+
const options: JwtServicePluginOptions = {
|
|
75
|
+
// Custom base path for the issuer endpoint (default: "/__zuplo/issuer")
|
|
76
|
+
basePath: "/custom",
|
|
77
|
+
|
|
78
|
+
// Token expiration time (default: 300 seconds)
|
|
79
|
+
// Can be a number (seconds) or a time span string
|
|
80
|
+
tokenExpiration: "5m", // or 300 for seconds
|
|
81
|
+
};
|
|
82
|
+
|
|
83
|
+
const jwtService = new JwtServicePlugin(options);
|
|
84
|
+
runtime.addPlugin(jwtService);
|
|
85
|
+
}
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
#### Available Options
|
|
89
|
+
|
|
90
|
+
- **`basePath`** (optional): The base path for the JWT issuer endpoint. Default
|
|
91
|
+
is `"/__zuplo/issuer"`. This affects the issuer URL and OIDC configuration
|
|
92
|
+
endpoints.
|
|
93
|
+
|
|
94
|
+
- **`tokenExpiration`** (optional): Sets the default expiration time for JWTs.
|
|
95
|
+
Can be either:
|
|
96
|
+
- A **number**: Direct value in seconds (for example, `300` for 5 minutes)
|
|
97
|
+
- A **string**: Time span format (for example, `"5 minutes"`, `"1 hour"`,
|
|
98
|
+
`"7 days"`)
|
|
99
|
+
|
|
100
|
+
Valid time units include:
|
|
101
|
+
- Seconds: `"sec"`, `"secs"`, `"second"`, `"seconds"`, `"s"`
|
|
102
|
+
- Minutes: `"minute"`, `"minutes"`, `"min"`, `"mins"`, `"m"`
|
|
103
|
+
- Hours: `"hour"`, `"hours"`, `"hr"`, `"hrs"`, `"h"`
|
|
104
|
+
- Days: `"day"`, `"days"`, `"d"`
|
|
105
|
+
- Weeks: `"week"`, `"weeks"`, `"w"`
|
|
106
|
+
- Years: `"year"`, `"years"`, `"yr"`, `"yrs"`, `"y"` (365.25 days)
|
|
107
|
+
|
|
108
|
+
Examples:
|
|
109
|
+
|
|
110
|
+
```ts
|
|
111
|
+
tokenExpiration: 300; // 300 seconds
|
|
112
|
+
tokenExpiration: "5 minutes"; // 5 minutes
|
|
113
|
+
tokenExpiration: "2 hours"; // 2 hours
|
|
114
|
+
tokenExpiration: "7 days"; // 7 days
|
|
115
|
+
tokenExpiration: "30 mins"; // 30 minutes
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
Note: Individual JWT creation can override this default by specifying
|
|
119
|
+
`expiresIn` in the `signJwt` method.
|
|
120
|
+
|
|
121
|
+
## Usage
|
|
122
|
+
|
|
123
|
+
Once the plugin is registered, you can use it to issue JWTs in custom handlers
|
|
124
|
+
or policies.
|
|
125
|
+
|
|
126
|
+
```ts title="modules/handlers/jwt-issue.ts"
|
|
127
|
+
import { ZuploRequest, ZuploContext, JwtServicePlugin } from "@zuplo/runtime";
|
|
128
|
+
|
|
129
|
+
export async function getJwt(request: ZuploRequest, context: ZuploContext) {
|
|
130
|
+
const jwt = await JwtServicePlugin.signJwt({
|
|
131
|
+
subject: "test-subject",
|
|
132
|
+
});
|
|
133
|
+
return new Response(jwt, {
|
|
134
|
+
headers: { "content-type": "text/plain" },
|
|
135
|
+
});
|
|
136
|
+
}
|
|
137
|
+
```
|
|
138
|
+
|
|
139
|
+
### JWT Issuer and OIDC Configuration
|
|
140
|
+
|
|
141
|
+
When the JWT Service Plugin is enabled, your Zuplo API acts as an identity
|
|
142
|
+
provider with the following endpoints:
|
|
143
|
+
|
|
144
|
+
- **Issuer URL**: `https://{deploymentName}.zuplo.com/__zuplo/issuer` (or your
|
|
145
|
+
custom domain if configured)
|
|
146
|
+
- **OIDC Configuration**:
|
|
147
|
+
`https://{deploymentName}.zuplo.com/__zuplo/issuer/.well-known/openid-configuration`
|
|
148
|
+
- **JWKS Endpoint**:
|
|
149
|
+
`https://{deploymentName}.zuplo.com/__zuplo/issuer/.well-known/jwks.json`
|
|
150
|
+
|
|
151
|
+
The OIDC configuration endpoint returns a standard OpenID Connect discovery
|
|
152
|
+
document that includes the JWKS URI for retrieving the public keys used to
|
|
153
|
+
verify JWTs.
|
|
154
|
+
|
|
155
|
+
### Creating a JWT Authorization Policy
|
|
156
|
+
|
|
157
|
+
A common pattern is to create a custom policy that automatically adds JWT tokens
|
|
158
|
+
to outbound requests. This is useful when calling downstream APIs that require
|
|
159
|
+
authentication.
|
|
160
|
+
|
|
161
|
+
Here's an example of a [custom policy](../policies/custom-code-inbound.mdx) that
|
|
162
|
+
adds a JWT to the Authorization header of outbound requests:
|
|
163
|
+
|
|
164
|
+
```ts title="modules/policies/jwt-auth-upstream.ts"
|
|
165
|
+
import {
|
|
166
|
+
ZuploRequest,
|
|
167
|
+
ZuploContext,
|
|
168
|
+
RequestHandlerPlugin,
|
|
169
|
+
JwtServicePlugin,
|
|
170
|
+
} from "@zuplo/runtime";
|
|
171
|
+
|
|
172
|
+
export default async function (request: ZuploRequest, context: ZuploContext) {
|
|
173
|
+
// Generate a JWT with the configured options
|
|
174
|
+
const jwt = await JwtServicePlugin.signJwt({
|
|
175
|
+
subject: request.user?.sub || "api-gateway",
|
|
176
|
+
audience: request.url,
|
|
177
|
+
});
|
|
178
|
+
|
|
179
|
+
// Add the JWT to the Authorization header of the request
|
|
180
|
+
const headers = new Headers(request.headers);
|
|
181
|
+
headers.set("Authorization", `Bearer ${jwt}`);
|
|
182
|
+
|
|
183
|
+
return new ZuploRequest(request, { headers });
|
|
184
|
+
}
|
|
185
|
+
```
|
|
186
|
+
|
|
187
|
+
## Validating JWTs in Upstream Services
|
|
188
|
+
|
|
189
|
+
Upstream services can validate the JWTs issued by your Zuplo API by verifying
|
|
190
|
+
the signature and claims. Here's an example of how to validate JWTs in different
|
|
191
|
+
environments:
|
|
192
|
+
|
|
193
|
+
### Node.js/Express Example
|
|
194
|
+
|
|
195
|
+
```js title="validate-jwt.js"
|
|
196
|
+
const jwt = require("jsonwebtoken");
|
|
197
|
+
const jwksClient = require("jwks-rsa");
|
|
198
|
+
|
|
199
|
+
// Replace with your actual Zuplo deployment name or custom domain
|
|
200
|
+
const ISSUER = "https://my-api.zuplo.com/__zuplo/issuer";
|
|
201
|
+
|
|
202
|
+
// Create a JWKS client to fetch public keys
|
|
203
|
+
const client = jwksClient({
|
|
204
|
+
jwksUri: `${ISSUER}/.well-known/jwks.json`,
|
|
205
|
+
cache: true,
|
|
206
|
+
cacheMaxAge: 600000, // 10 minutes
|
|
207
|
+
});
|
|
208
|
+
|
|
209
|
+
// Function to get the signing key
|
|
210
|
+
function getKey(header, callback) {
|
|
211
|
+
client.getSigningKey(header.kid, function (err, key) {
|
|
212
|
+
if (err) {
|
|
213
|
+
return callback(err);
|
|
214
|
+
}
|
|
215
|
+
const signingKey = key.getPublicKey();
|
|
216
|
+
callback(null, signingKey);
|
|
217
|
+
});
|
|
218
|
+
}
|
|
219
|
+
|
|
220
|
+
// Middleware to validate JWT
|
|
221
|
+
function validateJwt(req, res, next) {
|
|
222
|
+
const token = req.headers.authorization?.replace("Bearer ", "");
|
|
223
|
+
|
|
224
|
+
if (!token) {
|
|
225
|
+
return res.status(401).json({ error: "No token provided" });
|
|
226
|
+
}
|
|
227
|
+
|
|
228
|
+
jwt.verify(
|
|
229
|
+
token,
|
|
230
|
+
getKey,
|
|
231
|
+
{
|
|
232
|
+
issuer: ISSUER,
|
|
233
|
+
algorithms: ["RS256"],
|
|
234
|
+
},
|
|
235
|
+
(err, decoded) => {
|
|
236
|
+
if (err) {
|
|
237
|
+
return res
|
|
238
|
+
.status(401)
|
|
239
|
+
.json({ error: "Invalid token", details: err.message });
|
|
240
|
+
}
|
|
241
|
+
req.user = decoded;
|
|
242
|
+
next();
|
|
243
|
+
},
|
|
244
|
+
);
|
|
245
|
+
}
|
|
246
|
+
|
|
247
|
+
// Example usage
|
|
248
|
+
app.get("/protected", validateJwt, (req, res) => {
|
|
249
|
+
res.json({
|
|
250
|
+
message: "Access granted",
|
|
251
|
+
user: req.user,
|
|
252
|
+
});
|
|
253
|
+
});
|
|
254
|
+
```
|
|
255
|
+
|
|
256
|
+
### Python/FastAPI Example
|
|
257
|
+
|
|
258
|
+
```python title="validate_jwt.py"
|
|
259
|
+
from fastapi import FastAPI, Depends, HTTPException, Security
|
|
260
|
+
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
|
|
261
|
+
import jwt
|
|
262
|
+
from jwt import PyJWKClient
|
|
263
|
+
import requests
|
|
264
|
+
|
|
265
|
+
app = FastAPI()
|
|
266
|
+
security = HTTPBearer()
|
|
267
|
+
|
|
268
|
+
# Replace with your actual Zuplo deployment name or custom domain
|
|
269
|
+
ISSUER = "https://my-api.zuplo.com/__zuplo/issuer"
|
|
270
|
+
JWKS_URL = f"{ISSUER}/.well-known/jwks.json"
|
|
271
|
+
|
|
272
|
+
# Initialize JWKS client
|
|
273
|
+
jwks_client = PyJWKClient(JWKS_URL)
|
|
274
|
+
|
|
275
|
+
async def validate_token(credentials: HTTPAuthorizationCredentials = Security(security)):
|
|
276
|
+
token = credentials.credentials
|
|
277
|
+
|
|
278
|
+
try:
|
|
279
|
+
# Get the signing key from JWKS
|
|
280
|
+
signing_key = jwks_client.get_signing_key_from_jwt(token)
|
|
281
|
+
|
|
282
|
+
# Verify and decode the token
|
|
283
|
+
payload = jwt.decode(
|
|
284
|
+
token,
|
|
285
|
+
signing_key.key,
|
|
286
|
+
algorithms=["RS256"],
|
|
287
|
+
issuer=ISSUER,
|
|
288
|
+
options={"verify_exp": True}
|
|
289
|
+
)
|
|
290
|
+
|
|
291
|
+
return payload
|
|
292
|
+
except jwt.ExpiredSignatureError:
|
|
293
|
+
raise HTTPException(status_code=401, detail="Token has expired")
|
|
294
|
+
except jwt.InvalidTokenError as e:
|
|
295
|
+
raise HTTPException(status_code=401, detail=f"Invalid token: {str(e)}")
|
|
296
|
+
|
|
297
|
+
@app.get("/protected")
|
|
298
|
+
async def protected_route(token_data: dict = Depends(validate_token)):
|
|
299
|
+
return {
|
|
300
|
+
"message": "Access granted",
|
|
301
|
+
"user": token_data
|
|
302
|
+
}
|
|
303
|
+
```
|
|
304
|
+
|
|
305
|
+
### Dynamic OIDC Discovery
|
|
306
|
+
|
|
307
|
+
For more flexible JWT validation, you can use a library to dynamically discover
|
|
308
|
+
the OIDC configuration based on the issuer claim in the JWT. This example uses
|
|
309
|
+
the [`oauth4webapi`](https://github.com/panva/oauth4webapi) library.
|
|
310
|
+
|
|
311
|
+
:::warning{title="Security Warning"}
|
|
312
|
+
|
|
313
|
+
This approach is particularly useful when you have multiple Zuplo APIs with
|
|
314
|
+
different issuers or when the issuer URL might change (for example, between
|
|
315
|
+
environments). It's CRITICAL that you validate the issuer claim in the JWT to
|
|
316
|
+
ensure you are only allowing tokens from trusted issuers.
|
|
317
|
+
|
|
318
|
+
:::
|
|
319
|
+
|
|
320
|
+
```js title="validate-jwt-dynamic.js"
|
|
321
|
+
import * as oauth from "oauth4webapi";
|
|
322
|
+
|
|
323
|
+
const ALLOWED_ISSUERS = [
|
|
324
|
+
"https://my-api.zuplo.com/__zuplo/issuer",
|
|
325
|
+
"https://another-api.zuplo.com/__zuplo/issuer",
|
|
326
|
+
// Add more allowed issuers as needed
|
|
327
|
+
];
|
|
328
|
+
|
|
329
|
+
async function validateJwtDynamic(token) {
|
|
330
|
+
try {
|
|
331
|
+
// Decode the JWT header and payload without verification first
|
|
332
|
+
const parts = token.split(".");
|
|
333
|
+
if (parts.length !== 3) {
|
|
334
|
+
throw new Error("Invalid JWT format");
|
|
335
|
+
}
|
|
336
|
+
|
|
337
|
+
const payload = JSON.parse(
|
|
338
|
+
atob(parts[1].replace(/-/g, "+").replace(/_/g, "/")),
|
|
339
|
+
);
|
|
340
|
+
|
|
341
|
+
// Extract the issuer from the token
|
|
342
|
+
const issuer = payload.iss;
|
|
343
|
+
if (!issuer) {
|
|
344
|
+
throw new Error("No issuer claim in token");
|
|
345
|
+
}
|
|
346
|
+
|
|
347
|
+
// Validate the issuer against allowed issuers
|
|
348
|
+
if (!ALLOWED_ISSUERS.includes(issuer)) {
|
|
349
|
+
throw new Error(`Issuer ${issuer} isn't allowed`);
|
|
350
|
+
}
|
|
351
|
+
|
|
352
|
+
// Discover the OIDC configuration
|
|
353
|
+
const issuerUrl = new URL(issuer);
|
|
354
|
+
const as = await oauth
|
|
355
|
+
.discoveryRequest(issuerUrl)
|
|
356
|
+
.then((response) => oauth.processDiscoveryResponse(issuerUrl, response));
|
|
357
|
+
|
|
358
|
+
// Get the JWKS
|
|
359
|
+
const jwks = await oauth
|
|
360
|
+
.jwksRequest(as)
|
|
361
|
+
.then((response) => oauth.processJwksResponse(response));
|
|
362
|
+
|
|
363
|
+
// Import the JWT and validate it
|
|
364
|
+
const { payload: verifiedPayload, protectedHeader } =
|
|
365
|
+
await oauth.validateJwt(token, jwks, {
|
|
366
|
+
issuer: issuer,
|
|
367
|
+
audience: payload.aud, // Optional: validate audience
|
|
368
|
+
});
|
|
369
|
+
|
|
370
|
+
return verifiedPayload;
|
|
371
|
+
} catch (error) {
|
|
372
|
+
throw new Error(`JWT validation failed: ${error.message}`);
|
|
373
|
+
}
|
|
374
|
+
}
|
|
375
|
+
|
|
376
|
+
// Express middleware example
|
|
377
|
+
function validateJwtMiddleware(req, res, next) {
|
|
378
|
+
const token = req.headers.authorization?.replace("Bearer ", "");
|
|
379
|
+
|
|
380
|
+
if (!token) {
|
|
381
|
+
return res.status(401).json({ error: "No token provided" });
|
|
382
|
+
}
|
|
383
|
+
|
|
384
|
+
validateJwtDynamic(token)
|
|
385
|
+
.then((payload) => {
|
|
386
|
+
req.user = payload;
|
|
387
|
+
next();
|
|
388
|
+
})
|
|
389
|
+
.catch((error) => {
|
|
390
|
+
res.status(401).json({ error: error.message });
|
|
391
|
+
});
|
|
392
|
+
}
|
|
393
|
+
|
|
394
|
+
// Usage
|
|
395
|
+
app.get("/protected", validateJwtMiddleware, (req, res) => {
|
|
396
|
+
res.json({
|
|
397
|
+
message: "Access granted",
|
|
398
|
+
user: req.user,
|
|
399
|
+
});
|
|
400
|
+
});
|
|
401
|
+
```
|
|
402
|
+
|
|
403
|
+
This approach is particularly useful when:
|
|
404
|
+
|
|
405
|
+
- You need to validate JWTs from multiple Zuplo APIs with different issuers
|
|
406
|
+
- The issuer URL might change (for example, between environments)
|
|
407
|
+
- You want to leverage automatic OIDC discovery for configuration updates
|
|
408
|
+
|
|
409
|
+
### Important Validation Steps
|
|
410
|
+
|
|
411
|
+
When validating JWTs from Zuplo:
|
|
412
|
+
|
|
413
|
+
1. **Verify the signature** using the public keys from the JWKS endpoint
|
|
414
|
+
2. **Check the issuer** matches your Zuplo API's issuer URL
|
|
415
|
+
3. **Validate expiration** to ensure the token hasn't expired
|
|
416
|
+
4. **Verify audience** if your tokens include audience claims
|
|
417
|
+
5. **Check any custom claims** required by your application
|
|
418
|
+
|
|
419
|
+
The JWT Service Plugin handles key rotation automatically, so always fetch the
|
|
420
|
+
current public keys from the JWKS endpoint rather than hard coding them.
|
|
@@ -0,0 +1,223 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Logger
|
|
3
|
+
---
|
|
4
|
+
|
|
5
|
+
The `Logger` interface provides structured logging capabilities throughout your
|
|
6
|
+
Zuplo API gateway. The logger is accessible via the `context.log` property and
|
|
7
|
+
supports multiple log levels.
|
|
8
|
+
|
|
9
|
+
## Interface
|
|
10
|
+
|
|
11
|
+
```ts
|
|
12
|
+
interface Logger {
|
|
13
|
+
debug(...messages: unknown[]): void;
|
|
14
|
+
info(...messages: unknown[]): void;
|
|
15
|
+
warn(...messages: unknown[]): void;
|
|
16
|
+
error(...messages: unknown[]): void;
|
|
17
|
+
log(...messages: unknown[]): void;
|
|
18
|
+
}
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
## Log Levels
|
|
22
|
+
|
|
23
|
+
The logger supports the following levels (from least to most severe):
|
|
24
|
+
|
|
25
|
+
- `debug` - Detailed information for debugging
|
|
26
|
+
- `info` - General informational messages
|
|
27
|
+
- `warn` - Warning messages for potentially problematic situations
|
|
28
|
+
- `error` - Error messages for failures and exceptions
|
|
29
|
+
- `log` - Alias for `info` level
|
|
30
|
+
|
|
31
|
+
## Usage
|
|
32
|
+
|
|
33
|
+
The logger is available on the [ZuploContext](./zuplo-context.mdx) object:
|
|
34
|
+
|
|
35
|
+
```ts
|
|
36
|
+
import { ZuploContext, ZuploRequest } from "@zuplo/runtime";
|
|
37
|
+
|
|
38
|
+
export default async function handler(
|
|
39
|
+
request: ZuploRequest,
|
|
40
|
+
context: ZuploContext,
|
|
41
|
+
) {
|
|
42
|
+
// Log at different levels
|
|
43
|
+
context.log.debug("Detailed debug information");
|
|
44
|
+
context.log.info("Request received", { path: request.url });
|
|
45
|
+
context.log.warn("Deprecated endpoint accessed");
|
|
46
|
+
context.log.error("Failed to process request", { error: "Invalid input" });
|
|
47
|
+
|
|
48
|
+
return new Response("OK");
|
|
49
|
+
}
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
## Structured Logging
|
|
53
|
+
|
|
54
|
+
The logger accepts multiple arguments and automatically serializes objects:
|
|
55
|
+
|
|
56
|
+
```ts
|
|
57
|
+
// Log simple strings
|
|
58
|
+
context.log.info("User authenticated");
|
|
59
|
+
|
|
60
|
+
// Log objects
|
|
61
|
+
context.log.info({
|
|
62
|
+
userId: "user-123",
|
|
63
|
+
action: "login",
|
|
64
|
+
timestamp: Date.now(),
|
|
65
|
+
});
|
|
66
|
+
|
|
67
|
+
// Log multiple arguments
|
|
68
|
+
context.log.info(
|
|
69
|
+
"Processing request",
|
|
70
|
+
{
|
|
71
|
+
method: request.method,
|
|
72
|
+
path: request.url,
|
|
73
|
+
},
|
|
74
|
+
"additional info",
|
|
75
|
+
);
|
|
76
|
+
|
|
77
|
+
// Log arrays
|
|
78
|
+
context.log.debug(["step1", "step2", "step3"]);
|
|
79
|
+
|
|
80
|
+
// Log errors
|
|
81
|
+
try {
|
|
82
|
+
await riskyOperation();
|
|
83
|
+
} catch (error) {
|
|
84
|
+
context.log.error("Operation failed", {
|
|
85
|
+
error: error.message,
|
|
86
|
+
stack: error.stack,
|
|
87
|
+
});
|
|
88
|
+
}
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
## Automatic Request ID
|
|
92
|
+
|
|
93
|
+
The logger automatically includes the request ID with every log entry:
|
|
94
|
+
|
|
95
|
+
```ts
|
|
96
|
+
context.log.info("Processing payment");
|
|
97
|
+
// Output includes: { "message": "Processing payment", "requestId": "req_abc123..." }
|
|
98
|
+
```
|
|
99
|
+
|
|
100
|
+
## Environment Configuration
|
|
101
|
+
|
|
102
|
+
Log levels vary by environment:
|
|
103
|
+
|
|
104
|
+
- **Development/Preview**: Typically set to `debug` or `info` level
|
|
105
|
+
- **Production**: Typically set to `error` level only
|
|
106
|
+
|
|
107
|
+
## Best Practices
|
|
108
|
+
|
|
109
|
+
### 1. Use Appropriate Log Levels
|
|
110
|
+
|
|
111
|
+
```ts
|
|
112
|
+
// Debug - detailed information for troubleshooting
|
|
113
|
+
context.log.debug("Cache lookup", { key: cacheKey, ttl: 300 });
|
|
114
|
+
|
|
115
|
+
// Info - general application flow
|
|
116
|
+
context.log.info("Order created", { orderId: "order-123", total: 99.99 });
|
|
117
|
+
|
|
118
|
+
// Warn - concerning but not critical
|
|
119
|
+
context.log.warn("Rate limit approaching", { current: 95, limit: 100 });
|
|
120
|
+
|
|
121
|
+
// Error - failures and exceptions
|
|
122
|
+
context.log.error("Payment failed", {
|
|
123
|
+
orderId: "order-123",
|
|
124
|
+
errorCode: "INSUFFICIENT_FUNDS",
|
|
125
|
+
});
|
|
126
|
+
```
|
|
127
|
+
|
|
128
|
+
### 2. Include Contextual Information
|
|
129
|
+
|
|
130
|
+
```ts
|
|
131
|
+
export default async function handler(
|
|
132
|
+
request: ZuploRequest,
|
|
133
|
+
context: ZuploContext,
|
|
134
|
+
) {
|
|
135
|
+
const startTime = Date.now();
|
|
136
|
+
const userId = request.user?.sub;
|
|
137
|
+
|
|
138
|
+
context.log.info("Request started", {
|
|
139
|
+
userId,
|
|
140
|
+
method: request.method,
|
|
141
|
+
path: new URL(request.url).pathname,
|
|
142
|
+
userAgent: request.headers.get("user-agent"),
|
|
143
|
+
});
|
|
144
|
+
|
|
145
|
+
try {
|
|
146
|
+
const result = await processRequest(request);
|
|
147
|
+
|
|
148
|
+
context.log.info("Request completed", {
|
|
149
|
+
userId,
|
|
150
|
+
duration: Date.now() - startTime,
|
|
151
|
+
status: "success",
|
|
152
|
+
});
|
|
153
|
+
|
|
154
|
+
return new Response(JSON.stringify(result));
|
|
155
|
+
} catch (error) {
|
|
156
|
+
context.log.error("Request failed", {
|
|
157
|
+
userId,
|
|
158
|
+
duration: Date.now() - startTime,
|
|
159
|
+
error: error.message,
|
|
160
|
+
stack: error.stack,
|
|
161
|
+
});
|
|
162
|
+
|
|
163
|
+
throw error;
|
|
164
|
+
}
|
|
165
|
+
}
|
|
166
|
+
```
|
|
167
|
+
|
|
168
|
+
### 3. Avoid Logging Sensitive Data
|
|
169
|
+
|
|
170
|
+
```ts
|
|
171
|
+
// DON'T log sensitive information
|
|
172
|
+
context.log.info("User login", {
|
|
173
|
+
email: user.email,
|
|
174
|
+
password: user.password, // Never log passwords!
|
|
175
|
+
});
|
|
176
|
+
|
|
177
|
+
// DO log safe identifiers
|
|
178
|
+
context.log.info("User login", {
|
|
179
|
+
userId: user.id,
|
|
180
|
+
email: user.email.replace(/(.{2}).*(@.*)/, "$1***$2"), // Partially masked
|
|
181
|
+
});
|
|
182
|
+
```
|
|
183
|
+
|
|
184
|
+
### 4. Use Structured Data for Better Querying
|
|
185
|
+
|
|
186
|
+
```ts
|
|
187
|
+
// Good - structured data that can be queried
|
|
188
|
+
context.log.info("API call completed", {
|
|
189
|
+
service: "payment-processor",
|
|
190
|
+
operation: "charge",
|
|
191
|
+
duration: 1234,
|
|
192
|
+
status: "success",
|
|
193
|
+
amount: 99.99,
|
|
194
|
+
currency: "USD",
|
|
195
|
+
});
|
|
196
|
+
|
|
197
|
+
// Less useful - unstructured string
|
|
198
|
+
context.log.info(`Payment of $99.99 USD processed in 1234ms`);
|
|
199
|
+
```
|
|
200
|
+
|
|
201
|
+
## Integration with Log Management
|
|
202
|
+
|
|
203
|
+
Logs are automatically forwarded to your configured log management solution
|
|
204
|
+
(Datadog, Loki, etc.). The structured format makes it easy to:
|
|
205
|
+
|
|
206
|
+
- Search and filter logs
|
|
207
|
+
- Create alerts based on log patterns
|
|
208
|
+
- Generate metrics from log data
|
|
209
|
+
- Trace requests across services
|
|
210
|
+
|
|
211
|
+
## Performance Considerations
|
|
212
|
+
|
|
213
|
+
- Logging has minimal performance impact
|
|
214
|
+
- Logs are processed asynchronously
|
|
215
|
+
- In production, use `error` level to reduce log volume
|
|
216
|
+
- Avoid logging large objects or sensitive data
|
|
217
|
+
|
|
218
|
+
## See Also
|
|
219
|
+
|
|
220
|
+
- [ZuploContext](./zuplo-context.mdx) - The context object that provides the
|
|
221
|
+
logger
|
|
222
|
+
- [Logging](../articles/logging.mdx) - General logging documentation
|
|
223
|
+
- [Log Export](../articles/logging.mdx) - Exporting logs to external services
|