zuplo 6.67.32 → 6.68.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (644) hide show
  1. package/README.md +9 -0
  2. package/docs/_index.md +44 -0
  3. package/docs/ai-gateway/apps.mdx +28 -0
  4. package/docs/ai-gateway/custom-providers.mdx +54 -0
  5. package/docs/ai-gateway/getting-started.mdx +224 -0
  6. package/docs/ai-gateway/guardrails.mdx +65 -0
  7. package/docs/ai-gateway/integrations/ai-sdk.mdx +109 -0
  8. package/docs/ai-gateway/integrations/claude-code.mdx +49 -0
  9. package/docs/ai-gateway/integrations/codex.mdx +78 -0
  10. package/docs/ai-gateway/integrations/goose.mdx +104 -0
  11. package/docs/ai-gateway/integrations/langchain.mdx +66 -0
  12. package/docs/ai-gateway/integrations/openai.mdx +99 -0
  13. package/docs/ai-gateway/introduction.mdx +85 -0
  14. package/docs/ai-gateway/managing-apps.mdx +46 -0
  15. package/docs/ai-gateway/managing-providers.mdx +66 -0
  16. package/docs/ai-gateway/managing-teams.mdx +63 -0
  17. package/docs/ai-gateway/policies/akamai-ai-firewall.mdx +125 -0
  18. package/docs/ai-gateway/policies/comet-opik-tracing.mdx +139 -0
  19. package/docs/ai-gateway/policies/galileo-tracing.mdx +147 -0
  20. package/docs/ai-gateway/providers.mdx +32 -0
  21. package/docs/ai-gateway/teams.mdx +38 -0
  22. package/docs/ai-gateway/universal-api.mdx +43 -0
  23. package/docs/ai-gateway/usage-limits.mdx +89 -0
  24. package/docs/api-management/introduction.md +127 -0
  25. package/docs/articles/accounts/audit-logs.mdx +227 -0
  26. package/docs/articles/accounts/billing.mdx +25 -0
  27. package/docs/articles/accounts/default-api-key.mdx +30 -0
  28. package/docs/articles/accounts/delete-account.mdx +36 -0
  29. package/docs/articles/accounts/enterprise-sso.mdx +116 -0
  30. package/docs/articles/accounts/managing-account-members.mdx +45 -0
  31. package/docs/articles/accounts/managing-project-members.mdx +37 -0
  32. package/docs/articles/accounts/members-and-roles.mdx +21 -0
  33. package/docs/articles/accounts/roles-and-permissions.mdx +115 -0
  34. package/docs/articles/accounts/zuplo-api-keys.mdx +94 -0
  35. package/docs/articles/add-api-to-backstage.mdx +216 -0
  36. package/docs/articles/advanced-path-matching.mdx +139 -0
  37. package/docs/articles/api-key-administration.mdx +47 -0
  38. package/docs/articles/api-key-api.mdx +220 -0
  39. package/docs/articles/api-key-authentication.mdx +195 -0
  40. package/docs/articles/api-key-buckets.mdx +61 -0
  41. package/docs/articles/api-key-end-users.mdx +52 -0
  42. package/docs/articles/api-key-leak-detection.mdx +75 -0
  43. package/docs/articles/api-key-management.mdx +100 -0
  44. package/docs/articles/api-key-react-component.mdx +90 -0
  45. package/docs/articles/api-key-service-limits.mdx +14 -0
  46. package/docs/articles/archiving-requests-to-storage.mdx +119 -0
  47. package/docs/articles/branch-based-deployments.mdx +184 -0
  48. package/docs/articles/bypass-policy-for-testing.mdx +117 -0
  49. package/docs/articles/check-ip-address.mdx +17 -0
  50. package/docs/articles/ci-cd-azure/basic-deployment.mdx +49 -0
  51. package/docs/articles/ci-cd-azure/deploy-and-test.mdx +47 -0
  52. package/docs/articles/ci-cd-azure/local-testing.mdx +59 -0
  53. package/docs/articles/ci-cd-azure/multi-stage-deployment.mdx +88 -0
  54. package/docs/articles/ci-cd-azure/pr-preview-environments.mdx +50 -0
  55. package/docs/articles/ci-cd-azure/tag-based-releases.mdx +37 -0
  56. package/docs/articles/ci-cd-bitbucket/basic-deployment.mdx +27 -0
  57. package/docs/articles/ci-cd-bitbucket/deploy-and-test.mdx +41 -0
  58. package/docs/articles/ci-cd-bitbucket/local-testing.mdx +34 -0
  59. package/docs/articles/ci-cd-bitbucket/multi-stage-deployment.mdx +52 -0
  60. package/docs/articles/ci-cd-bitbucket/pr-preview-environments.mdx +46 -0
  61. package/docs/articles/ci-cd-bitbucket/tag-based-releases.mdx +27 -0
  62. package/docs/articles/ci-cd-circleci/basic-deployment.mdx +34 -0
  63. package/docs/articles/ci-cd-circleci/deploy-and-test.mdx +44 -0
  64. package/docs/articles/ci-cd-circleci/local-testing.mdx +50 -0
  65. package/docs/articles/ci-cd-circleci/multi-stage-deployment.mdx +82 -0
  66. package/docs/articles/ci-cd-circleci/pr-preview-environments.mdx +47 -0
  67. package/docs/articles/ci-cd-circleci/tag-based-releases.mdx +38 -0
  68. package/docs/articles/ci-cd-github/basic-deployment.mdx +48 -0
  69. package/docs/articles/ci-cd-github/cleanup-on-branch-delete.mdx +123 -0
  70. package/docs/articles/ci-cd-github/deploy-and-test.mdx +82 -0
  71. package/docs/articles/ci-cd-github/local-testing.mdx +102 -0
  72. package/docs/articles/ci-cd-github/multi-stage-deployment.mdx +136 -0
  73. package/docs/articles/ci-cd-github/pr-preview-environments.mdx +106 -0
  74. package/docs/articles/ci-cd-github/tag-based-releases.mdx +99 -0
  75. package/docs/articles/ci-cd-gitlab/basic-deployment.mdx +28 -0
  76. package/docs/articles/ci-cd-gitlab/deploy-and-test.mdx +44 -0
  77. package/docs/articles/ci-cd-gitlab/local-testing.mdx +39 -0
  78. package/docs/articles/ci-cd-gitlab/mr-preview-environments.mdx +52 -0
  79. package/docs/articles/ci-cd-gitlab/multi-stage-deployment.mdx +64 -0
  80. package/docs/articles/ci-cd-gitlab/tag-based-releases.mdx +28 -0
  81. package/docs/articles/composite-policy-reference.mdx +284 -0
  82. package/docs/articles/configuring-auth0-for-mcp-auth.mdx +186 -0
  83. package/docs/articles/configuring-okta-for-mcp-auth.mdx +208 -0
  84. package/docs/articles/convert-urls-to-openapi.mdx +62 -0
  85. package/docs/articles/cors.mdx +447 -0
  86. package/docs/articles/custom-audit-log-policy.mdx +95 -0
  87. package/docs/articles/custom-ci-cd-azure.mdx +81 -0
  88. package/docs/articles/custom-ci-cd-bitbucket.mdx +80 -0
  89. package/docs/articles/custom-ci-cd-circleci.mdx +78 -0
  90. package/docs/articles/custom-ci-cd-github.mdx +99 -0
  91. package/docs/articles/custom-ci-cd-gitlab.mdx +79 -0
  92. package/docs/articles/custom-ci-cd.mdx +82 -0
  93. package/docs/articles/custom-code-patterns.md +418 -0
  94. package/docs/articles/custom-domains.mdx +258 -0
  95. package/docs/articles/custom-logging-example.mdx +139 -0
  96. package/docs/articles/ddos-protection.mdx +138 -0
  97. package/docs/articles/development-options.mdx +49 -0
  98. package/docs/articles/environment-variables.mdx +134 -0
  99. package/docs/articles/environments.mdx +143 -0
  100. package/docs/articles/fastly-zuplo-host-setup.mdx +41 -0
  101. package/docs/articles/github-deployment-testing.mdx +101 -0
  102. package/docs/articles/gke-with-upstream-auth-policy.mdx +192 -0
  103. package/docs/articles/graphql-security.mdx +180 -0
  104. package/docs/articles/handling-form-data.mdx +61 -0
  105. package/docs/articles/health-checks.mdx +109 -0
  106. package/docs/articles/hosting-options.mdx +70 -0
  107. package/docs/articles/lazy-load-configuration-into-cache.mdx +92 -0
  108. package/docs/articles/limits.mdx +98 -0
  109. package/docs/articles/local-development-debugging.mdx +44 -0
  110. package/docs/articles/local-development-env-variables.mdx +23 -0
  111. package/docs/articles/local-development-installing-packages.mdx +23 -0
  112. package/docs/articles/local-development-routes-designer.mdx +27 -0
  113. package/docs/articles/local-development-services.mdx +40 -0
  114. package/docs/articles/local-development-troubleshooting.mdx +56 -0
  115. package/docs/articles/local-development.mdx +81 -0
  116. package/docs/articles/log-plugin-aws-cloudwatch.mdx +83 -0
  117. package/docs/articles/log-plugin-datadog.mdx +84 -0
  118. package/docs/articles/log-plugin-dynatrace.mdx +75 -0
  119. package/docs/articles/log-plugin-gcp.mdx +75 -0
  120. package/docs/articles/log-plugin-loki.mdx +136 -0
  121. package/docs/articles/log-plugin-new-relic.mdx +84 -0
  122. package/docs/articles/log-plugin-splunk.mdx +104 -0
  123. package/docs/articles/log-plugin-sumo.mdx +73 -0
  124. package/docs/articles/log-plugin-vmware-log-insight.mdx +154 -0
  125. package/docs/articles/log-request-response-data.mdx +398 -0
  126. package/docs/articles/logging.mdx +115 -0
  127. package/docs/articles/manual-mcp-oauth-testing.mdx +193 -0
  128. package/docs/articles/mcp-quickstart.mdx +135 -0
  129. package/docs/articles/metrics-plugins.mdx +371 -0
  130. package/docs/articles/migrate-from-apigee.md +408 -0
  131. package/docs/articles/migrate-from-aws-api-gateway.md +248 -0
  132. package/docs/articles/migrate-from-azure-apim.md +292 -0
  133. package/docs/articles/migrate-from-kong.md +300 -0
  134. package/docs/articles/migration-overview.md +81 -0
  135. package/docs/articles/monetization/api-access.mdx +69 -0
  136. package/docs/articles/monetization/billing-models.md +520 -0
  137. package/docs/articles/monetization/developer-portal.md +167 -0
  138. package/docs/articles/monetization/features.mdx +98 -0
  139. package/docs/articles/monetization/index.mdx +113 -0
  140. package/docs/articles/monetization/meters.mdx +135 -0
  141. package/docs/articles/monetization/monetization-policy.md +314 -0
  142. package/docs/articles/monetization/plan-examples.mdx +366 -0
  143. package/docs/articles/monetization/plans.mdx +266 -0
  144. package/docs/articles/monetization/pricing-models.mdx +225 -0
  145. package/docs/articles/monetization/private-plans.md +154 -0
  146. package/docs/articles/monetization/quickstart.md +355 -0
  147. package/docs/articles/monetization/rate-cards.mdx +171 -0
  148. package/docs/articles/monetization/stripe-integration.md +195 -0
  149. package/docs/articles/monetization/subscription-lifecycle.md +298 -0
  150. package/docs/articles/monetization/tax-collection.md +166 -0
  151. package/docs/articles/monetization/troubleshooting.md +272 -0
  152. package/docs/articles/monetization-custom.mdx +71 -0
  153. package/docs/articles/monetization-integrations.mdx +104 -0
  154. package/docs/articles/monitoring-your-gateway.mdx +53 -0
  155. package/docs/articles/monorepo-deployment.mdx +350 -0
  156. package/docs/articles/multiple-auth-policies.mdx +81 -0
  157. package/docs/articles/non-standard-ports.mdx +30 -0
  158. package/docs/articles/oauth-authentication.mdx +54 -0
  159. package/docs/articles/openapi-server-urls.mdx +60 -0
  160. package/docs/articles/openapi.mdx +130 -0
  161. package/docs/articles/opentelemetry.mdx +250 -0
  162. package/docs/articles/per-user-rate-limits-using-db.mdx +112 -0
  163. package/docs/articles/performance-testing.mdx +304 -0
  164. package/docs/articles/plugin-akamai-api-security.mdx +76 -0
  165. package/docs/articles/plugin-azure-blob.mdx +73 -0
  166. package/docs/articles/plugin-azure-event-hubs.mdx +64 -0
  167. package/docs/articles/plugin-hydrolix-traffic-peak.mdx +147 -0
  168. package/docs/articles/policies.mdx +33 -0
  169. package/docs/articles/rename-or-move-project.mdx +39 -0
  170. package/docs/articles/rick-and-morty-api-developer-portal-example.mdx +23 -0
  171. package/docs/articles/routing.mdx +193 -0
  172. package/docs/articles/s3-signed-url-uploads.mdx +521 -0
  173. package/docs/articles/secure-tunnel.mdx +84 -0
  174. package/docs/articles/securing-backend-mtls.mdx +268 -0
  175. package/docs/articles/securing-your-backend.mdx +148 -0
  176. package/docs/articles/security.mdx +105 -0
  177. package/docs/articles/sharing-code-across-projects.mdx +412 -0
  178. package/docs/articles/source-control-setup-azure.mdx +13 -0
  179. package/docs/articles/source-control-setup-bitbucket.mdx +43 -0
  180. package/docs/articles/source-control-setup-github.mdx +172 -0
  181. package/docs/articles/source-control-setup-gitlab.mdx +12 -0
  182. package/docs/articles/source-control.mdx +80 -0
  183. package/docs/articles/step-1-setup-basic-gateway-local.mdx +136 -0
  184. package/docs/articles/step-1-setup-basic-gateway.mdx +118 -0
  185. package/docs/articles/step-2-add-rate-limiting-local.mdx +126 -0
  186. package/docs/articles/step-2-add-rate-limiting.mdx +82 -0
  187. package/docs/articles/step-3-add-api-key-auth-local.mdx +199 -0
  188. package/docs/articles/step-3-add-api-key-auth.mdx +166 -0
  189. package/docs/articles/step-4-deploying-to-the-edge.mdx +220 -0
  190. package/docs/articles/step-5-dynamic-rate-limiting.mdx +167 -0
  191. package/docs/articles/support.mdx +144 -0
  192. package/docs/articles/terraform.mdx +114 -0
  193. package/docs/articles/testing-graphql.mdx +34 -0
  194. package/docs/articles/testing.mdx +522 -0
  195. package/docs/articles/troubleshooting-slow-responses.mdx +301 -0
  196. package/docs/articles/troubleshooting.md +302 -0
  197. package/docs/articles/tsconfig.mdx +105 -0
  198. package/docs/articles/tunnel-setup.mdx +195 -0
  199. package/docs/articles/tunnel-troubleshooting.mdx +50 -0
  200. package/docs/articles/update-zup-in-github-action.mdx +110 -0
  201. package/docs/articles/use-openapi-extension-data.mdx +79 -0
  202. package/docs/articles/users/multifactor-authentication.mdx +64 -0
  203. package/docs/articles/users/profile.mdx +13 -0
  204. package/docs/articles/versioning-on-zuplo.mdx +89 -0
  205. package/docs/articles/waf-ddos-akamai.md +133 -0
  206. package/docs/articles/waf-ddos-aws-waf-shield.mdx +85 -0
  207. package/docs/articles/waf-ddos-fastly.mdx +251 -0
  208. package/docs/articles/waf-ddos.mdx +140 -0
  209. package/docs/articles/zuplo-waf.mdx +156 -0
  210. package/docs/ask.mdx +3 -0
  211. package/docs/cli/authentication.mdx +56 -0
  212. package/docs/cli/connectivity.mdx +38 -0
  213. package/docs/cli/create-zuplo-api.mdx +80 -0
  214. package/docs/cli/delete.mdx +79 -0
  215. package/docs/cli/deploy.mdx +156 -0
  216. package/docs/cli/deploy.partial.mdx +46 -0
  217. package/docs/cli/dev.mdx +115 -0
  218. package/docs/cli/docs.mdx +66 -0
  219. package/docs/cli/editor.mdx +50 -0
  220. package/docs/cli/global-options.mdx +19 -0
  221. package/docs/cli/init.mdx +74 -0
  222. package/docs/cli/link.mdx +74 -0
  223. package/docs/cli/list.mdx +55 -0
  224. package/docs/cli/mtls-certificate-create.mdx +94 -0
  225. package/docs/cli/mtls-certificate-delete.mdx +55 -0
  226. package/docs/cli/mtls-certificate-describe.mdx +55 -0
  227. package/docs/cli/mtls-certificate-disable.mdx +55 -0
  228. package/docs/cli/mtls-certificate-list.mdx +47 -0
  229. package/docs/cli/mtls-certificate-update.mdx +72 -0
  230. package/docs/cli/openapi-convert.mdx +111 -0
  231. package/docs/cli/openapi-merge.mdx +138 -0
  232. package/docs/cli/openapi-merge.partial.mdx +29 -0
  233. package/docs/cli/openapi-overlay.mdx +123 -0
  234. package/docs/cli/overview.mdx +78 -0
  235. package/docs/cli/project-create.mdx +43 -0
  236. package/docs/cli/source-migrate.mdx +18 -0
  237. package/docs/cli/source-upgrade.mdx +41 -0
  238. package/docs/cli/test.mdx +70 -0
  239. package/docs/cli/test.partial.mdx +7 -0
  240. package/docs/cli/tunnel-create.mdx +53 -0
  241. package/docs/cli/tunnel-create.partial.mdx +9 -0
  242. package/docs/cli/tunnel-delete.mdx +35 -0
  243. package/docs/cli/tunnel-delete.partial.mdx +9 -0
  244. package/docs/cli/tunnel-describe.mdx +45 -0
  245. package/docs/cli/tunnel-describe.partial.mdx +5 -0
  246. package/docs/cli/tunnel-list.mdx +35 -0
  247. package/docs/cli/tunnel-list.partial.mdx +9 -0
  248. package/docs/cli/tunnel-rate-token.partial.mdx +9 -0
  249. package/docs/cli/tunnel-rotate-token.mdx +39 -0
  250. package/docs/cli/tunnel-services-describe.mdx +45 -0
  251. package/docs/cli/tunnel-services-describe.partial.mdx +9 -0
  252. package/docs/cli/tunnel-services-update.mdx +48 -0
  253. package/docs/cli/variable-create.mdx +91 -0
  254. package/docs/cli/variable-create.partial.mdx +5 -0
  255. package/docs/cli/variable-update.mdx +75 -0
  256. package/docs/cli/variable-update.partial.mdx +5 -0
  257. package/docs/concepts/api-keys.md +146 -0
  258. package/docs/concepts/authentication.mdx +109 -0
  259. package/docs/concepts/how-zuplo-works.mdx +120 -0
  260. package/docs/concepts/project-structure.mdx +174 -0
  261. package/docs/concepts/rate-limiting.md +246 -0
  262. package/docs/concepts/request-lifecycle.mdx +56 -0
  263. package/docs/concepts/source-control-and-deployment.mdx +229 -0
  264. package/docs/conferences/conference-prize-terms.mdx +80 -0
  265. package/docs/dedicated/akamai/ai-powered-applications.mdx +223 -0
  266. package/docs/dedicated/akamai/architecture.mdx +280 -0
  267. package/docs/dedicated/akamai/caching.mdx +212 -0
  268. package/docs/dedicated/akamai/cdn.mdx +156 -0
  269. package/docs/dedicated/architecture.mdx +208 -0
  270. package/docs/dedicated/custom-domains.mdx +31 -0
  271. package/docs/dedicated/federated-gateways.mdx +80 -0
  272. package/docs/dedicated/networking.mdx +69 -0
  273. package/docs/dedicated/overview.mdx +80 -0
  274. package/docs/dedicated/source-control.mdx +63 -0
  275. package/docs/dev-portal/dev-portal-create-consumer-on-auth.mdx +134 -0
  276. package/docs/dev-portal/introduction.mdx +65 -0
  277. package/docs/dev-portal/local-development.mdx +72 -0
  278. package/docs/dev-portal/migration.mdx +526 -0
  279. package/docs/dev-portal/node-modules.mdx +45 -0
  280. package/docs/dev-portal/updating.mdx +28 -0
  281. package/docs/dev-portal/zudoku/components/alert.mdx +130 -0
  282. package/docs/dev-portal/zudoku/components/badge.mdx +70 -0
  283. package/docs/dev-portal/zudoku/components/button.mdx +132 -0
  284. package/docs/dev-portal/zudoku/components/callout.mdx +112 -0
  285. package/docs/dev-portal/zudoku/components/card.mdx +104 -0
  286. package/docs/dev-portal/zudoku/components/checkbox.mdx +72 -0
  287. package/docs/dev-portal/zudoku/components/client-only.mdx +79 -0
  288. package/docs/dev-portal/zudoku/components/code-tabs.mdx +179 -0
  289. package/docs/dev-portal/zudoku/components/dialog.mdx +167 -0
  290. package/docs/dev-portal/zudoku/components/head.mdx +199 -0
  291. package/docs/dev-portal/zudoku/components/icons.mdx +27 -0
  292. package/docs/dev-portal/zudoku/components/input.mdx +96 -0
  293. package/docs/dev-portal/zudoku/components/label.mdx +86 -0
  294. package/docs/dev-portal/zudoku/components/link.mdx +242 -0
  295. package/docs/dev-portal/zudoku/components/markdown.mdx +151 -0
  296. package/docs/dev-portal/zudoku/components/mermaid.mdx +81 -0
  297. package/docs/dev-portal/zudoku/components/playground.mdx +87 -0
  298. package/docs/dev-portal/zudoku/components/secret.mdx +78 -0
  299. package/docs/dev-portal/zudoku/components/select.mdx +176 -0
  300. package/docs/dev-portal/zudoku/components/shadcn.mdx +73 -0
  301. package/docs/dev-portal/zudoku/components/slider.mdx +108 -0
  302. package/docs/dev-portal/zudoku/components/slot.mdx +119 -0
  303. package/docs/dev-portal/zudoku/components/stepper.mdx +138 -0
  304. package/docs/dev-portal/zudoku/components/switch.mdx +96 -0
  305. package/docs/dev-portal/zudoku/components/syntax-highlight.mdx +602 -0
  306. package/docs/dev-portal/zudoku/components/textarea.mdx +78 -0
  307. package/docs/dev-portal/zudoku/components/tooltip.mdx +195 -0
  308. package/docs/dev-portal/zudoku/components/typography.mdx +61 -0
  309. package/docs/dev-portal/zudoku/configuration/ai-assistants.md +64 -0
  310. package/docs/dev-portal/zudoku/configuration/api-catalog.md +108 -0
  311. package/docs/dev-portal/zudoku/configuration/api-reference.md +397 -0
  312. package/docs/dev-portal/zudoku/configuration/authentication-auth0.md +173 -0
  313. package/docs/dev-portal/zudoku/configuration/authentication-azure-ad.md +238 -0
  314. package/docs/dev-portal/zudoku/configuration/authentication-clerk.md +110 -0
  315. package/docs/dev-portal/zudoku/configuration/authentication-firebase.md +61 -0
  316. package/docs/dev-portal/zudoku/configuration/authentication-pingfederate.md +136 -0
  317. package/docs/dev-portal/zudoku/configuration/authentication-supabase.md +225 -0
  318. package/docs/dev-portal/zudoku/configuration/authentication.md +199 -0
  319. package/docs/dev-portal/zudoku/configuration/build-configuration.mdx +147 -0
  320. package/docs/dev-portal/zudoku/configuration/docs.md +282 -0
  321. package/docs/dev-portal/zudoku/configuration/footer.mdx +214 -0
  322. package/docs/dev-portal/zudoku/configuration/llms.md +89 -0
  323. package/docs/dev-portal/zudoku/configuration/navigation.mdx +408 -0
  324. package/docs/dev-portal/zudoku/configuration/overview.md +380 -0
  325. package/docs/dev-portal/zudoku/configuration/protected-routes.md +149 -0
  326. package/docs/dev-portal/zudoku/configuration/search.md +169 -0
  327. package/docs/dev-portal/zudoku/configuration/sentry.mdx +44 -0
  328. package/docs/dev-portal/zudoku/configuration/site.md +124 -0
  329. package/docs/dev-portal/zudoku/configuration/slots.mdx +124 -0
  330. package/docs/dev-portal/zudoku/configuration/vite-config.md +18 -0
  331. package/docs/dev-portal/zudoku/custom-plugins.md +287 -0
  332. package/docs/dev-portal/zudoku/customization/colors-theme.mdx +275 -0
  333. package/docs/dev-portal/zudoku/customization/fonts.md +110 -0
  334. package/docs/dev-portal/zudoku/extending/events.md +124 -0
  335. package/docs/dev-portal/zudoku/guides/custom-pages.md +106 -0
  336. package/docs/dev-portal/zudoku/guides/environment-variables.md +99 -0
  337. package/docs/dev-portal/zudoku/guides/mermaid.mdx +70 -0
  338. package/docs/dev-portal/zudoku/guides/navigation-migration.md +87 -0
  339. package/docs/dev-portal/zudoku/guides/navigation-rules.mdx +197 -0
  340. package/docs/dev-portal/zudoku/guides/processors.mdx +234 -0
  341. package/docs/dev-portal/zudoku/guides/static-files.md +55 -0
  342. package/docs/dev-portal/zudoku/guides/transforming-examples.md +156 -0
  343. package/docs/dev-portal/zudoku/guides/using-multiple-apis.md +87 -0
  344. package/docs/dev-portal/zudoku/markdown/admonitions.md +128 -0
  345. package/docs/dev-portal/zudoku/markdown/code-blocks.md +196 -0
  346. package/docs/dev-portal/zudoku/markdown/frontmatter.md +172 -0
  347. package/docs/dev-portal/zudoku/markdown/mdx.md +68 -0
  348. package/docs/dev-portal/zudoku/markdown/overview.md +275 -0
  349. package/docs/dev-portal/zudoku/plugins.md +5 -0
  350. package/docs/dev-portal/zudoku/writing.mdx +72 -0
  351. package/docs/errors/bad-request.mdx +39 -0
  352. package/docs/errors/build-error.mdx +45 -0
  353. package/docs/errors/fatal-project-error.mdx +39 -0
  354. package/docs/errors/gateway-timeout.mdx +33 -0
  355. package/docs/errors/get-head-body-error.mdx +41 -0
  356. package/docs/errors/main-mod-error.mdx +40 -0
  357. package/docs/errors/no-project-set.mdx +41 -0
  358. package/docs/errors/not-found.mdx +43 -0
  359. package/docs/errors/rate-limit-exceeded.mdx +31 -0
  360. package/docs/errors/schema-validation-failed.mdx +51 -0
  361. package/docs/errors/system-configuration-error.mdx +44 -0
  362. package/docs/errors/unauthorized.mdx +50 -0
  363. package/docs/errors/unknown-error.mdx +42 -0
  364. package/docs/errors.mdx +14 -0
  365. package/docs/guides/canary-routing-for-employees.mdx +385 -0
  366. package/docs/guides/geolocation-backend-routing.mdx +404 -0
  367. package/docs/guides/modify-openapi-paths.mdx +371 -0
  368. package/docs/guides/openapi-overlays.mdx +492 -0
  369. package/docs/guides/overview.mdx +12 -0
  370. package/docs/guides/user-based-backend-routing.mdx +437 -0
  371. package/docs/handlers/aws-lambda.mdx +201 -0
  372. package/docs/handlers/custom-handler.mdx +112 -0
  373. package/docs/handlers/legacy-dev-portal-handler.mdx +135 -0
  374. package/docs/handlers/mcp-server.mdx +730 -0
  375. package/docs/handlers/openapi.mdx +78 -0
  376. package/docs/handlers/redirect.mdx +115 -0
  377. package/docs/handlers/system-handlers.mdx +41 -0
  378. package/docs/handlers/url-forward.mdx +204 -0
  379. package/docs/handlers/url-rewrite.mdx +224 -0
  380. package/docs/handlers/websocket-handler.mdx +154 -0
  381. package/docs/home.mdx +6 -0
  382. package/docs/managed-edge/overview.md +78 -0
  383. package/docs/mcp-server/configuration-migration-guide.mdx +344 -0
  384. package/docs/mcp-server/custom-tools.mdx +487 -0
  385. package/docs/mcp-server/graphql.mdx +241 -0
  386. package/docs/mcp-server/introduction.mdx +122 -0
  387. package/docs/mcp-server/openai-apps-sdk.mdx +160 -0
  388. package/docs/mcp-server/prompts.mdx +283 -0
  389. package/docs/mcp-server/resources.mdx +288 -0
  390. package/docs/mcp-server/testing.mdx +53 -0
  391. package/docs/mcp-server/tools.mdx +306 -0
  392. package/docs/policies/_index.md +92 -0
  393. package/docs/policies/ab-test-inbound/intro.md +8 -0
  394. package/docs/policies/ab-test-inbound/policy.ts +14 -0
  395. package/docs/policies/ab-test-inbound/schema.json +27 -0
  396. package/docs/policies/ab-test-outbound/intro.md +8 -0
  397. package/docs/policies/ab-test-outbound/policy.ts +26 -0
  398. package/docs/policies/ab-test-outbound/schema.json +27 -0
  399. package/docs/policies/acl-policy-inbound/intro.md +5 -0
  400. package/docs/policies/acl-policy-inbound/policy.ts +32 -0
  401. package/docs/policies/acl-policy-inbound/schema.json +52 -0
  402. package/docs/policies/akamai-ai-firewall/schema.json +98 -0
  403. package/docs/policies/amberflo-metering-inbound/doc.md +183 -0
  404. package/docs/policies/amberflo-metering-inbound/intro.md +20 -0
  405. package/docs/policies/amberflo-metering-inbound/schema.json +108 -0
  406. package/docs/policies/api-key-inbound/doc.md +77 -0
  407. package/docs/policies/api-key-inbound/intro.md +30 -0
  408. package/docs/policies/api-key-inbound/schema.json +84 -0
  409. package/docs/policies/archive-request-aws-s3-inbound/intro.md +4 -0
  410. package/docs/policies/archive-request-aws-s3-inbound/policy.ts +58 -0
  411. package/docs/policies/archive-request-aws-s3-inbound/schema.json +68 -0
  412. package/docs/policies/archive-request-azure-storage-inbound/doc.md +31 -0
  413. package/docs/policies/archive-request-azure-storage-inbound/intro.md +4 -0
  414. package/docs/policies/archive-request-azure-storage-inbound/policy.ts +54 -0
  415. package/docs/policies/archive-request-azure-storage-inbound/schema.json +53 -0
  416. package/docs/policies/archive-request-gcp-storage-inbound/doc.md +63 -0
  417. package/docs/policies/archive-request-gcp-storage-inbound/intro.md +4 -0
  418. package/docs/policies/archive-request-gcp-storage-inbound/policy.ts +68 -0
  419. package/docs/policies/archive-request-gcp-storage-inbound/schema.json +47 -0
  420. package/docs/policies/archive-response-aws-s3-outbound/intro.md +2 -0
  421. package/docs/policies/archive-response-aws-s3-outbound/policy.ts +59 -0
  422. package/docs/policies/archive-response-aws-s3-outbound/schema.json +68 -0
  423. package/docs/policies/archive-response-azure-storage-outbound/doc.md +31 -0
  424. package/docs/policies/archive-response-azure-storage-outbound/intro.md +3 -0
  425. package/docs/policies/archive-response-azure-storage-outbound/policy.ts +54 -0
  426. package/docs/policies/archive-response-azure-storage-outbound/schema.json +53 -0
  427. package/docs/policies/audit-log-inbound/doc.md +78 -0
  428. package/docs/policies/audit-log-inbound/intro.md +10 -0
  429. package/docs/policies/audit-log-inbound/schema.json +81 -0
  430. package/docs/policies/auth0-jwt-auth-inbound/doc.md +125 -0
  431. package/docs/policies/auth0-jwt-auth-inbound/intro.md +17 -0
  432. package/docs/policies/auth0-jwt-auth-inbound/schema.json +74 -0
  433. package/docs/policies/authzen-inbound/doc.md +24 -0
  434. package/docs/policies/authzen-inbound/intro.md +31 -0
  435. package/docs/policies/authzen-inbound/schema.json +126 -0
  436. package/docs/policies/axiomatics-authz-inbound/doc.md +144 -0
  437. package/docs/policies/axiomatics-authz-inbound/intro.md +11 -0
  438. package/docs/policies/axiomatics-authz-inbound/schema.json +161 -0
  439. package/docs/policies/basic-auth-inbound/intro.md +9 -0
  440. package/docs/policies/basic-auth-inbound/schema.json +99 -0
  441. package/docs/policies/bot-detection-inbound/intro.md +4 -0
  442. package/docs/policies/bot-detection-inbound/schema.json +56 -0
  443. package/docs/policies/brownout-inbound/doc.md +55 -0
  444. package/docs/policies/brownout-inbound/intro.md +12 -0
  445. package/docs/policies/brownout-inbound/schema.json +115 -0
  446. package/docs/policies/caching-inbound/doc.md +209 -0
  447. package/docs/policies/caching-inbound/intro.md +23 -0
  448. package/docs/policies/caching-inbound/schema.json +98 -0
  449. package/docs/policies/change-method-inbound/schema.json +56 -0
  450. package/docs/policies/clear-headers-inbound/schema.json +59 -0
  451. package/docs/policies/clear-headers-outbound/schema.json +59 -0
  452. package/docs/policies/clerk-jwt-auth-inbound/doc.md +85 -0
  453. package/docs/policies/clerk-jwt-auth-inbound/intro.md +4 -0
  454. package/docs/policies/clerk-jwt-auth-inbound/schema.json +68 -0
  455. package/docs/policies/cognito-jwt-auth-inbound/intro.md +7 -0
  456. package/docs/policies/cognito-jwt-auth-inbound/schema.json +74 -0
  457. package/docs/policies/comet-opik-tracing-inbound/schema.json +65 -0
  458. package/docs/policies/complex-rate-limit-inbound/doc.md +20 -0
  459. package/docs/policies/complex-rate-limit-inbound/intro.md +23 -0
  460. package/docs/policies/complex-rate-limit-inbound/schema.json +142 -0
  461. package/docs/policies/composite-inbound/doc.md +69 -0
  462. package/docs/policies/composite-inbound/intro.md +15 -0
  463. package/docs/policies/composite-inbound/schema.json +59 -0
  464. package/docs/policies/composite-outbound/intro.md +6 -0
  465. package/docs/policies/composite-outbound/schema.json +59 -0
  466. package/docs/policies/curity-phantom-token-inbound/doc.md +109 -0
  467. package/docs/policies/curity-phantom-token-inbound/intro.md +3 -0
  468. package/docs/policies/curity-phantom-token-inbound/schema.json +68 -0
  469. package/docs/policies/custom-code-inbound/doc.md +267 -0
  470. package/docs/policies/custom-code-inbound/intro.md +2 -0
  471. package/docs/policies/custom-code-inbound/schema.json +48 -0
  472. package/docs/policies/custom-code-outbound/doc.md +235 -0
  473. package/docs/policies/custom-code-outbound/intro.md +2 -0
  474. package/docs/policies/custom-code-outbound/schema.json +43 -0
  475. package/docs/policies/firebase-jwt-inbound/intro.md +6 -0
  476. package/docs/policies/firebase-jwt-inbound/schema.json +68 -0
  477. package/docs/policies/formdata-to-json-inbound/schema.json +60 -0
  478. package/docs/policies/galileo-tracing-inbound/schema.json +65 -0
  479. package/docs/policies/geo-filter-inbound/doc.md +33 -0
  480. package/docs/policies/geo-filter-inbound/schema.json +108 -0
  481. package/docs/policies/graphql-complexity-limit-inbound/doc.md +48 -0
  482. package/docs/policies/graphql-complexity-limit-inbound/intro.md +2 -0
  483. package/docs/policies/graphql-complexity-limit-inbound/schema.json +90 -0
  484. package/docs/policies/graphql-disable-introspection-inbound/doc.md +66 -0
  485. package/docs/policies/graphql-disable-introspection-inbound/intro.md +15 -0
  486. package/docs/policies/graphql-disable-introspection-inbound/schema.json +48 -0
  487. package/docs/policies/graphql-introspection-filter-outbound/doc.md +148 -0
  488. package/docs/policies/graphql-introspection-filter-outbound/schema.json +79 -0
  489. package/docs/policies/hmac-auth-inbound/doc.md +30 -0
  490. package/docs/policies/hmac-auth-inbound/intro.md +10 -0
  491. package/docs/policies/hmac-auth-inbound/policy.ts +70 -0
  492. package/docs/policies/hmac-auth-inbound/schema.json +53 -0
  493. package/docs/policies/http-deprecation-outbound/doc.md +73 -0
  494. package/docs/policies/http-deprecation-outbound/schema.json +83 -0
  495. package/docs/policies/ip-restriction-inbound/intro.md +8 -0
  496. package/docs/policies/ip-restriction-inbound/policy.ts +40 -0
  497. package/docs/policies/ip-restriction-inbound/schema.json +58 -0
  498. package/docs/policies/jwt-scopes-inbound/schema.json +59 -0
  499. package/docs/policies/ldap-auth-inbound/schema.json +56 -0
  500. package/docs/policies/mock-api-inbound/schema.json +72 -0
  501. package/docs/policies/moesif-inbound/doc.md +44 -0
  502. package/docs/policies/moesif-inbound/intro.md +6 -0
  503. package/docs/policies/moesif-inbound/schema.json +68 -0
  504. package/docs/policies/monetization-inbound/doc.md +87 -0
  505. package/docs/policies/monetization-inbound/intro.md +6 -0
  506. package/docs/policies/monetization-inbound/schema.json +102 -0
  507. package/docs/policies/mtls-auth-inbound/intro.md +6 -0
  508. package/docs/policies/mtls-auth-inbound/schema.json +68 -0
  509. package/docs/policies/okta-fga-authz-inbound/doc.md +181 -0
  510. package/docs/policies/okta-fga-authz-inbound/intro.md +20 -0
  511. package/docs/policies/okta-fga-authz-inbound/schema.json +104 -0
  512. package/docs/policies/okta-jwt-auth-inbound/intro.md +7 -0
  513. package/docs/policies/okta-jwt-auth-inbound/schema.json +74 -0
  514. package/docs/policies/open-id-jwt-auth-inbound/doc.md +58 -0
  515. package/docs/policies/open-id-jwt-auth-inbound/intro.md +30 -0
  516. package/docs/policies/open-id-jwt-auth-inbound/schema.json +128 -0
  517. package/docs/policies/openfga-authz-inbound/doc.md +207 -0
  518. package/docs/policies/openfga-authz-inbound/intro.md +17 -0
  519. package/docs/policies/openfga-authz-inbound/schema.json +191 -0
  520. package/docs/policies/openmeter-inbound/doc.md +163 -0
  521. package/docs/policies/openmeter-inbound/intro.md +18 -0
  522. package/docs/policies/openmeter-inbound/schema.json +183 -0
  523. package/docs/policies/prompt-injection-outbound/doc.md +106 -0
  524. package/docs/policies/prompt-injection-outbound/intro.md +4 -0
  525. package/docs/policies/prompt-injection-outbound/schema.json +74 -0
  526. package/docs/policies/propel-auth-jwt-inbound/doc.md +88 -0
  527. package/docs/policies/propel-auth-jwt-inbound/intro.md +4 -0
  528. package/docs/policies/propel-auth-jwt-inbound/schema.json +74 -0
  529. package/docs/policies/query-param-to-header-inbound/doc.md +70 -0
  530. package/docs/policies/query-param-to-header-inbound/intro.md +5 -0
  531. package/docs/policies/query-param-to-header-inbound/schema.json +74 -0
  532. package/docs/policies/quota-inbound/doc.md +235 -0
  533. package/docs/policies/quota-inbound/intro.md +7 -0
  534. package/docs/policies/quota-inbound/schema.json +133 -0
  535. package/docs/policies/rate-limit-inbound/doc.md +78 -0
  536. package/docs/policies/rate-limit-inbound/intro.md +30 -0
  537. package/docs/policies/rate-limit-inbound/schema.json +134 -0
  538. package/docs/policies/rbac-policy-inbound/intro.md +3 -0
  539. package/docs/policies/rbac-policy-inbound/policy.ts +42 -0
  540. package/docs/policies/rbac-policy-inbound/schema.json +52 -0
  541. package/docs/policies/readme-metrics-inbound/doc.md +1 -0
  542. package/docs/policies/readme-metrics-inbound/intro.md +3 -0
  543. package/docs/policies/readme-metrics-inbound/schema.json +84 -0
  544. package/docs/policies/remove-headers-inbound/schema.json +59 -0
  545. package/docs/policies/remove-headers-outbound/schema.json +59 -0
  546. package/docs/policies/remove-query-params-inbound/schema.json +59 -0
  547. package/docs/policies/replace-string-outbound/schema.json +69 -0
  548. package/docs/policies/request-size-limit-inbound/schema.json +60 -0
  549. package/docs/policies/request-validation-inbound/doc.md +72 -0
  550. package/docs/policies/request-validation-inbound/intro.md +24 -0
  551. package/docs/policies/request-validation-inbound/schema.json +98 -0
  552. package/docs/policies/require-origin-inbound/intro.md +12 -0
  553. package/docs/policies/require-origin-inbound/schema.json +65 -0
  554. package/docs/policies/secret-masking-outbound/doc.md +41 -0
  555. package/docs/policies/secret-masking-outbound/intro.md +13 -0
  556. package/docs/policies/secret-masking-outbound/schema.json +65 -0
  557. package/docs/policies/semantic-cache-inbound/doc.md +63 -0
  558. package/docs/policies/semantic-cache-inbound/intro.md +4 -0
  559. package/docs/policies/semantic-cache-inbound/schema.json +179 -0
  560. package/docs/policies/set-body-inbound/intro.md +7 -0
  561. package/docs/policies/set-body-inbound/schema.json +56 -0
  562. package/docs/policies/set-headers-inbound/doc.md +41 -0
  563. package/docs/policies/set-headers-inbound/intro.md +2 -0
  564. package/docs/policies/set-headers-inbound/schema.json +83 -0
  565. package/docs/policies/set-headers-outbound/schema.json +83 -0
  566. package/docs/policies/set-query-params-inbound/schema.json +83 -0
  567. package/docs/policies/set-status-outbound/schema.json +62 -0
  568. package/docs/policies/sleep-inbound/schema.json +56 -0
  569. package/docs/policies/stripe-webhook-verification-inbound/intro.md +2 -0
  570. package/docs/policies/stripe-webhook-verification-inbound/schema.json +60 -0
  571. package/docs/policies/supabase-jwt-auth-inbound/doc.md +29 -0
  572. package/docs/policies/supabase-jwt-auth-inbound/intro.md +12 -0
  573. package/docs/policies/supabase-jwt-auth-inbound/schema.json +86 -0
  574. package/docs/policies/transform-body-inbound/intro.md +8 -0
  575. package/docs/policies/transform-body-inbound/policy.ts +16 -0
  576. package/docs/policies/transform-body-inbound/schema.json +27 -0
  577. package/docs/policies/transform-body-outbound/intro.md +8 -0
  578. package/docs/policies/transform-body-outbound/policy.ts +19 -0
  579. package/docs/policies/transform-body-outbound/schema.json +27 -0
  580. package/docs/policies/upstream-azure-ad-service-auth-inbound/doc.md +82 -0
  581. package/docs/policies/upstream-azure-ad-service-auth-inbound/intro.md +20 -0
  582. package/docs/policies/upstream-azure-ad-service-auth-inbound/schema.json +84 -0
  583. package/docs/policies/upstream-firebase-admin-auth-inbound/intro.md +10 -0
  584. package/docs/policies/upstream-firebase-admin-auth-inbound/schema.json +68 -0
  585. package/docs/policies/upstream-firebase-user-auth-inbound/intro.md +2 -0
  586. package/docs/policies/upstream-firebase-user-auth-inbound/schema.json +113 -0
  587. package/docs/policies/upstream-gcp-federated-auth-inbound/doc.md +139 -0
  588. package/docs/policies/upstream-gcp-federated-auth-inbound/intro.md +21 -0
  589. package/docs/policies/upstream-gcp-federated-auth-inbound/schema.json +96 -0
  590. package/docs/policies/upstream-gcp-jwt-inbound/intro.md +10 -0
  591. package/docs/policies/upstream-gcp-jwt-inbound/schema.json +62 -0
  592. package/docs/policies/upstream-gcp-service-auth-inbound/doc.md +132 -0
  593. package/docs/policies/upstream-gcp-service-auth-inbound/intro.md +25 -0
  594. package/docs/policies/upstream-gcp-service-auth-inbound/schema.json +95 -0
  595. package/docs/policies/upstream-zuplo-jwt-auth-inbound/doc.md +213 -0
  596. package/docs/policies/upstream-zuplo-jwt-auth-inbound/intro.md +16 -0
  597. package/docs/policies/upstream-zuplo-jwt-auth-inbound/schema.json +101 -0
  598. package/docs/policies/validate-json-schema-inbound/doc.md +129 -0
  599. package/docs/policies/validate-json-schema-inbound/intro.md +7 -0
  600. package/docs/policies/validate-json-schema-inbound/schema.json +56 -0
  601. package/docs/policies/web-bot-auth-inbound/doc.md +104 -0
  602. package/docs/policies/web-bot-auth-inbound/intro.md +16 -0
  603. package/docs/policies/web-bot-auth-inbound/schema.json +76 -0
  604. package/docs/policies/xml-to-json-outbound/doc.md +71 -0
  605. package/docs/policies/xml-to-json-outbound/intro.md +4 -0
  606. package/docs/policies/xml-to-json-outbound/schema.json +117 -0
  607. package/docs/programmable-api/audit-log.mdx +74 -0
  608. package/docs/programmable-api/background-dispatcher.mdx +124 -0
  609. package/docs/programmable-api/background-loader.mdx +104 -0
  610. package/docs/programmable-api/cache.mdx +186 -0
  611. package/docs/programmable-api/compatibility-dates.mdx +201 -0
  612. package/docs/programmable-api/console-logging.mdx +48 -0
  613. package/docs/programmable-api/context-data.mdx +127 -0
  614. package/docs/programmable-api/custom-cors-policy.mdx +64 -0
  615. package/docs/programmable-api/environment.mdx +328 -0
  616. package/docs/programmable-api/hooks.mdx +569 -0
  617. package/docs/programmable-api/http-problems.mdx +385 -0
  618. package/docs/programmable-api/jwt-service-plugin.mdx +420 -0
  619. package/docs/programmable-api/logger.mdx +223 -0
  620. package/docs/programmable-api/memory-zone-read-through-cache.mdx +96 -0
  621. package/docs/programmable-api/node-modules.mdx +67 -0
  622. package/docs/programmable-api/not-found-handler.mdx +47 -0
  623. package/docs/programmable-api/oauth-protected-resource-plugin.mdx +46 -0
  624. package/docs/programmable-api/overview.mdx +213 -0
  625. package/docs/programmable-api/problem-response-formatter.mdx +183 -0
  626. package/docs/programmable-api/request-user.mdx +289 -0
  627. package/docs/programmable-api/reusing-code.mdx +26 -0
  628. package/docs/programmable-api/route-raw.mdx +55 -0
  629. package/docs/programmable-api/runtime-behaviors.mdx +25 -0
  630. package/docs/programmable-api/runtime-errors.mdx +246 -0
  631. package/docs/programmable-api/runtime-extensions.mdx +340 -0
  632. package/docs/programmable-api/safely-clone-a-request-or-response.mdx +57 -0
  633. package/docs/programmable-api/streaming-zone-cache.mdx +155 -0
  634. package/docs/programmable-api/web-crypto-apis.mdx +219 -0
  635. package/docs/programmable-api/web-standard-apis.mdx +109 -0
  636. package/docs/programmable-api/zone-cache.mdx +131 -0
  637. package/docs/programmable-api/zp-body-removed.mdx +32 -0
  638. package/docs/programmable-api/zuplo-context.mdx +414 -0
  639. package/docs/programmable-api/zuplo-id-token.mdx +90 -0
  640. package/docs/programmable-api/zuplo-json.mdx +91 -0
  641. package/docs/programmable-api/zuplo-request.mdx +200 -0
  642. package/docs/sample-apis.mdx +78 -0
  643. package/docs/self-hosted/overview.md +60 -0
  644. package/package.json +6 -5
@@ -0,0 +1,420 @@
1
+ ---
2
+ title: JWT Service Plugin
3
+ ---
4
+
5
+ <EnterpriseFeature name="JWT Service Plugin" />
6
+
7
+ The JWT Service Plugin allows you to create and issue short-lived JSON Web
8
+ Tokens (JWTs) within your Zuplo API. This plugin is useful for scenarios where
9
+ you need to issue tokens for authentication, authorization, or other purposes.
10
+
11
+ The plugin essentially turns your Zuplo API into its own identity provider that
12
+ can issue JWTs. Your Zuplo API will also serve the standard
13
+ `/.well-known/openid-configuration` endpoint and associated JWKS endpoint which
14
+ can be used by clients to discover the public keys used to verify the JWTs
15
+ issued by your API.
16
+
17
+ :::note{title="Beta Feature"}
18
+
19
+ This plugin is in Beta - please use with care and provide feedback to the team
20
+ if you encounter any issues.
21
+
22
+ :::
23
+
24
+ ## JWT Token
25
+
26
+ This service currently issues JWTs using the EdDSA algorithm. This is the
27
+ recommended algorithm for new applications due to its strong security properties
28
+ and performance characteristics. However, it's important to note that not every
29
+ library supports EdDSA, so you should ensure that your
30
+ [client library](https://jwt.io/libraries) can handle this algorithm.
31
+
32
+ ## Use Cases
33
+
34
+ Some of the common use cases for the JWT service plugin include:
35
+
36
+ - Securing downstream APIs by issuing JWTs that can be used to verify that the
37
+ request is coming from your Zuplo API
38
+ - Securing requests to other Zuplo API gateways (for example, when using the
39
+ [Federated Gateway](../dedicated/federated-gateways.mdx) capability on Zuplo
40
+ managed dedicated deployments.)
41
+ - Calling third-party APIs that can be configured with federated identity such
42
+ as AWS, Azure, or Google Cloud.
43
+ - Issuing short lived tokens for client side applications
44
+
45
+ ## Setup
46
+
47
+ To set up the JWT Service Plugin, you need to register it in your
48
+ `zuplo.runtime.ts` file.
49
+
50
+ ```ts title="modules/zuplo.runtime.ts"
51
+ import { RuntimeExtensions, JwtServicePlugin } from "@zuplo/runtime";
52
+
53
+ export function runtimeInit(runtime: RuntimeExtensions) {
54
+ // Default configuration (no options)
55
+ const jwtService = new JwtServicePlugin();
56
+ runtime.addPlugin(jwtService);
57
+ }
58
+ ```
59
+
60
+ ### Configuration Options
61
+
62
+ The JWT Service Plugin accepts optional configuration to customize its behavior.
63
+ You can pass a configuration object to the constructor:
64
+
65
+ ```ts title="modules/zuplo.runtime.ts"
66
+ import {
67
+ RuntimeExtensions,
68
+ JwtServicePlugin,
69
+ JwtServicePluginOptions,
70
+ } from "@zuplo/runtime";
71
+
72
+ export function runtimeInit(runtime: RuntimeExtensions) {
73
+ // Example 1: Custom configuration with both options
74
+ const options: JwtServicePluginOptions = {
75
+ // Custom base path for the issuer endpoint (default: "/__zuplo/issuer")
76
+ basePath: "/custom",
77
+
78
+ // Token expiration time (default: 300 seconds)
79
+ // Can be a number (seconds) or a time span string
80
+ tokenExpiration: "5m", // or 300 for seconds
81
+ };
82
+
83
+ const jwtService = new JwtServicePlugin(options);
84
+ runtime.addPlugin(jwtService);
85
+ }
86
+ ```
87
+
88
+ #### Available Options
89
+
90
+ - **`basePath`** (optional): The base path for the JWT issuer endpoint. Default
91
+ is `"/__zuplo/issuer"`. This affects the issuer URL and OIDC configuration
92
+ endpoints.
93
+
94
+ - **`tokenExpiration`** (optional): Sets the default expiration time for JWTs.
95
+ Can be either:
96
+ - A **number**: Direct value in seconds (for example, `300` for 5 minutes)
97
+ - A **string**: Time span format (for example, `"5 minutes"`, `"1 hour"`,
98
+ `"7 days"`)
99
+
100
+ Valid time units include:
101
+ - Seconds: `"sec"`, `"secs"`, `"second"`, `"seconds"`, `"s"`
102
+ - Minutes: `"minute"`, `"minutes"`, `"min"`, `"mins"`, `"m"`
103
+ - Hours: `"hour"`, `"hours"`, `"hr"`, `"hrs"`, `"h"`
104
+ - Days: `"day"`, `"days"`, `"d"`
105
+ - Weeks: `"week"`, `"weeks"`, `"w"`
106
+ - Years: `"year"`, `"years"`, `"yr"`, `"yrs"`, `"y"` (365.25 days)
107
+
108
+ Examples:
109
+
110
+ ```ts
111
+ tokenExpiration: 300; // 300 seconds
112
+ tokenExpiration: "5 minutes"; // 5 minutes
113
+ tokenExpiration: "2 hours"; // 2 hours
114
+ tokenExpiration: "7 days"; // 7 days
115
+ tokenExpiration: "30 mins"; // 30 minutes
116
+ ```
117
+
118
+ Note: Individual JWT creation can override this default by specifying
119
+ `expiresIn` in the `signJwt` method.
120
+
121
+ ## Usage
122
+
123
+ Once the plugin is registered, you can use it to issue JWTs in custom handlers
124
+ or policies.
125
+
126
+ ```ts title="modules/handlers/jwt-issue.ts"
127
+ import { ZuploRequest, ZuploContext, JwtServicePlugin } from "@zuplo/runtime";
128
+
129
+ export async function getJwt(request: ZuploRequest, context: ZuploContext) {
130
+ const jwt = await JwtServicePlugin.signJwt({
131
+ subject: "test-subject",
132
+ });
133
+ return new Response(jwt, {
134
+ headers: { "content-type": "text/plain" },
135
+ });
136
+ }
137
+ ```
138
+
139
+ ### JWT Issuer and OIDC Configuration
140
+
141
+ When the JWT Service Plugin is enabled, your Zuplo API acts as an identity
142
+ provider with the following endpoints:
143
+
144
+ - **Issuer URL**: `https://{deploymentName}.zuplo.com/__zuplo/issuer` (or your
145
+ custom domain if configured)
146
+ - **OIDC Configuration**:
147
+ `https://{deploymentName}.zuplo.com/__zuplo/issuer/.well-known/openid-configuration`
148
+ - **JWKS Endpoint**:
149
+ `https://{deploymentName}.zuplo.com/__zuplo/issuer/.well-known/jwks.json`
150
+
151
+ The OIDC configuration endpoint returns a standard OpenID Connect discovery
152
+ document that includes the JWKS URI for retrieving the public keys used to
153
+ verify JWTs.
154
+
155
+ ### Creating a JWT Authorization Policy
156
+
157
+ A common pattern is to create a custom policy that automatically adds JWT tokens
158
+ to outbound requests. This is useful when calling downstream APIs that require
159
+ authentication.
160
+
161
+ Here's an example of a [custom policy](../policies/custom-code-inbound.mdx) that
162
+ adds a JWT to the Authorization header of outbound requests:
163
+
164
+ ```ts title="modules/policies/jwt-auth-upstream.ts"
165
+ import {
166
+ ZuploRequest,
167
+ ZuploContext,
168
+ RequestHandlerPlugin,
169
+ JwtServicePlugin,
170
+ } from "@zuplo/runtime";
171
+
172
+ export default async function (request: ZuploRequest, context: ZuploContext) {
173
+ // Generate a JWT with the configured options
174
+ const jwt = await JwtServicePlugin.signJwt({
175
+ subject: request.user?.sub || "api-gateway",
176
+ audience: request.url,
177
+ });
178
+
179
+ // Add the JWT to the Authorization header of the request
180
+ const headers = new Headers(request.headers);
181
+ headers.set("Authorization", `Bearer ${jwt}`);
182
+
183
+ return new ZuploRequest(request, { headers });
184
+ }
185
+ ```
186
+
187
+ ## Validating JWTs in Upstream Services
188
+
189
+ Upstream services can validate the JWTs issued by your Zuplo API by verifying
190
+ the signature and claims. Here's an example of how to validate JWTs in different
191
+ environments:
192
+
193
+ ### Node.js/Express Example
194
+
195
+ ```js title="validate-jwt.js"
196
+ const jwt = require("jsonwebtoken");
197
+ const jwksClient = require("jwks-rsa");
198
+
199
+ // Replace with your actual Zuplo deployment name or custom domain
200
+ const ISSUER = "https://my-api.zuplo.com/__zuplo/issuer";
201
+
202
+ // Create a JWKS client to fetch public keys
203
+ const client = jwksClient({
204
+ jwksUri: `${ISSUER}/.well-known/jwks.json`,
205
+ cache: true,
206
+ cacheMaxAge: 600000, // 10 minutes
207
+ });
208
+
209
+ // Function to get the signing key
210
+ function getKey(header, callback) {
211
+ client.getSigningKey(header.kid, function (err, key) {
212
+ if (err) {
213
+ return callback(err);
214
+ }
215
+ const signingKey = key.getPublicKey();
216
+ callback(null, signingKey);
217
+ });
218
+ }
219
+
220
+ // Middleware to validate JWT
221
+ function validateJwt(req, res, next) {
222
+ const token = req.headers.authorization?.replace("Bearer ", "");
223
+
224
+ if (!token) {
225
+ return res.status(401).json({ error: "No token provided" });
226
+ }
227
+
228
+ jwt.verify(
229
+ token,
230
+ getKey,
231
+ {
232
+ issuer: ISSUER,
233
+ algorithms: ["RS256"],
234
+ },
235
+ (err, decoded) => {
236
+ if (err) {
237
+ return res
238
+ .status(401)
239
+ .json({ error: "Invalid token", details: err.message });
240
+ }
241
+ req.user = decoded;
242
+ next();
243
+ },
244
+ );
245
+ }
246
+
247
+ // Example usage
248
+ app.get("/protected", validateJwt, (req, res) => {
249
+ res.json({
250
+ message: "Access granted",
251
+ user: req.user,
252
+ });
253
+ });
254
+ ```
255
+
256
+ ### Python/FastAPI Example
257
+
258
+ ```python title="validate_jwt.py"
259
+ from fastapi import FastAPI, Depends, HTTPException, Security
260
+ from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
261
+ import jwt
262
+ from jwt import PyJWKClient
263
+ import requests
264
+
265
+ app = FastAPI()
266
+ security = HTTPBearer()
267
+
268
+ # Replace with your actual Zuplo deployment name or custom domain
269
+ ISSUER = "https://my-api.zuplo.com/__zuplo/issuer"
270
+ JWKS_URL = f"{ISSUER}/.well-known/jwks.json"
271
+
272
+ # Initialize JWKS client
273
+ jwks_client = PyJWKClient(JWKS_URL)
274
+
275
+ async def validate_token(credentials: HTTPAuthorizationCredentials = Security(security)):
276
+ token = credentials.credentials
277
+
278
+ try:
279
+ # Get the signing key from JWKS
280
+ signing_key = jwks_client.get_signing_key_from_jwt(token)
281
+
282
+ # Verify and decode the token
283
+ payload = jwt.decode(
284
+ token,
285
+ signing_key.key,
286
+ algorithms=["RS256"],
287
+ issuer=ISSUER,
288
+ options={"verify_exp": True}
289
+ )
290
+
291
+ return payload
292
+ except jwt.ExpiredSignatureError:
293
+ raise HTTPException(status_code=401, detail="Token has expired")
294
+ except jwt.InvalidTokenError as e:
295
+ raise HTTPException(status_code=401, detail=f"Invalid token: {str(e)}")
296
+
297
+ @app.get("/protected")
298
+ async def protected_route(token_data: dict = Depends(validate_token)):
299
+ return {
300
+ "message": "Access granted",
301
+ "user": token_data
302
+ }
303
+ ```
304
+
305
+ ### Dynamic OIDC Discovery
306
+
307
+ For more flexible JWT validation, you can use a library to dynamically discover
308
+ the OIDC configuration based on the issuer claim in the JWT. This example uses
309
+ the [`oauth4webapi`](https://github.com/panva/oauth4webapi) library.
310
+
311
+ :::warning{title="Security Warning"}
312
+
313
+ This approach is particularly useful when you have multiple Zuplo APIs with
314
+ different issuers or when the issuer URL might change (for example, between
315
+ environments). It's CRITICAL that you validate the issuer claim in the JWT to
316
+ ensure you are only allowing tokens from trusted issuers.
317
+
318
+ :::
319
+
320
+ ```js title="validate-jwt-dynamic.js"
321
+ import * as oauth from "oauth4webapi";
322
+
323
+ const ALLOWED_ISSUERS = [
324
+ "https://my-api.zuplo.com/__zuplo/issuer",
325
+ "https://another-api.zuplo.com/__zuplo/issuer",
326
+ // Add more allowed issuers as needed
327
+ ];
328
+
329
+ async function validateJwtDynamic(token) {
330
+ try {
331
+ // Decode the JWT header and payload without verification first
332
+ const parts = token.split(".");
333
+ if (parts.length !== 3) {
334
+ throw new Error("Invalid JWT format");
335
+ }
336
+
337
+ const payload = JSON.parse(
338
+ atob(parts[1].replace(/-/g, "+").replace(/_/g, "/")),
339
+ );
340
+
341
+ // Extract the issuer from the token
342
+ const issuer = payload.iss;
343
+ if (!issuer) {
344
+ throw new Error("No issuer claim in token");
345
+ }
346
+
347
+ // Validate the issuer against allowed issuers
348
+ if (!ALLOWED_ISSUERS.includes(issuer)) {
349
+ throw new Error(`Issuer ${issuer} isn't allowed`);
350
+ }
351
+
352
+ // Discover the OIDC configuration
353
+ const issuerUrl = new URL(issuer);
354
+ const as = await oauth
355
+ .discoveryRequest(issuerUrl)
356
+ .then((response) => oauth.processDiscoveryResponse(issuerUrl, response));
357
+
358
+ // Get the JWKS
359
+ const jwks = await oauth
360
+ .jwksRequest(as)
361
+ .then((response) => oauth.processJwksResponse(response));
362
+
363
+ // Import the JWT and validate it
364
+ const { payload: verifiedPayload, protectedHeader } =
365
+ await oauth.validateJwt(token, jwks, {
366
+ issuer: issuer,
367
+ audience: payload.aud, // Optional: validate audience
368
+ });
369
+
370
+ return verifiedPayload;
371
+ } catch (error) {
372
+ throw new Error(`JWT validation failed: ${error.message}`);
373
+ }
374
+ }
375
+
376
+ // Express middleware example
377
+ function validateJwtMiddleware(req, res, next) {
378
+ const token = req.headers.authorization?.replace("Bearer ", "");
379
+
380
+ if (!token) {
381
+ return res.status(401).json({ error: "No token provided" });
382
+ }
383
+
384
+ validateJwtDynamic(token)
385
+ .then((payload) => {
386
+ req.user = payload;
387
+ next();
388
+ })
389
+ .catch((error) => {
390
+ res.status(401).json({ error: error.message });
391
+ });
392
+ }
393
+
394
+ // Usage
395
+ app.get("/protected", validateJwtMiddleware, (req, res) => {
396
+ res.json({
397
+ message: "Access granted",
398
+ user: req.user,
399
+ });
400
+ });
401
+ ```
402
+
403
+ This approach is particularly useful when:
404
+
405
+ - You need to validate JWTs from multiple Zuplo APIs with different issuers
406
+ - The issuer URL might change (for example, between environments)
407
+ - You want to leverage automatic OIDC discovery for configuration updates
408
+
409
+ ### Important Validation Steps
410
+
411
+ When validating JWTs from Zuplo:
412
+
413
+ 1. **Verify the signature** using the public keys from the JWKS endpoint
414
+ 2. **Check the issuer** matches your Zuplo API's issuer URL
415
+ 3. **Validate expiration** to ensure the token hasn't expired
416
+ 4. **Verify audience** if your tokens include audience claims
417
+ 5. **Check any custom claims** required by your application
418
+
419
+ The JWT Service Plugin handles key rotation automatically, so always fetch the
420
+ current public keys from the JWKS endpoint rather than hard coding them.
@@ -0,0 +1,223 @@
1
+ ---
2
+ title: Logger
3
+ ---
4
+
5
+ The `Logger` interface provides structured logging capabilities throughout your
6
+ Zuplo API gateway. The logger is accessible via the `context.log` property and
7
+ supports multiple log levels.
8
+
9
+ ## Interface
10
+
11
+ ```ts
12
+ interface Logger {
13
+ debug(...messages: unknown[]): void;
14
+ info(...messages: unknown[]): void;
15
+ warn(...messages: unknown[]): void;
16
+ error(...messages: unknown[]): void;
17
+ log(...messages: unknown[]): void;
18
+ }
19
+ ```
20
+
21
+ ## Log Levels
22
+
23
+ The logger supports the following levels (from least to most severe):
24
+
25
+ - `debug` - Detailed information for debugging
26
+ - `info` - General informational messages
27
+ - `warn` - Warning messages for potentially problematic situations
28
+ - `error` - Error messages for failures and exceptions
29
+ - `log` - Alias for `info` level
30
+
31
+ ## Usage
32
+
33
+ The logger is available on the [ZuploContext](./zuplo-context.mdx) object:
34
+
35
+ ```ts
36
+ import { ZuploContext, ZuploRequest } from "@zuplo/runtime";
37
+
38
+ export default async function handler(
39
+ request: ZuploRequest,
40
+ context: ZuploContext,
41
+ ) {
42
+ // Log at different levels
43
+ context.log.debug("Detailed debug information");
44
+ context.log.info("Request received", { path: request.url });
45
+ context.log.warn("Deprecated endpoint accessed");
46
+ context.log.error("Failed to process request", { error: "Invalid input" });
47
+
48
+ return new Response("OK");
49
+ }
50
+ ```
51
+
52
+ ## Structured Logging
53
+
54
+ The logger accepts multiple arguments and automatically serializes objects:
55
+
56
+ ```ts
57
+ // Log simple strings
58
+ context.log.info("User authenticated");
59
+
60
+ // Log objects
61
+ context.log.info({
62
+ userId: "user-123",
63
+ action: "login",
64
+ timestamp: Date.now(),
65
+ });
66
+
67
+ // Log multiple arguments
68
+ context.log.info(
69
+ "Processing request",
70
+ {
71
+ method: request.method,
72
+ path: request.url,
73
+ },
74
+ "additional info",
75
+ );
76
+
77
+ // Log arrays
78
+ context.log.debug(["step1", "step2", "step3"]);
79
+
80
+ // Log errors
81
+ try {
82
+ await riskyOperation();
83
+ } catch (error) {
84
+ context.log.error("Operation failed", {
85
+ error: error.message,
86
+ stack: error.stack,
87
+ });
88
+ }
89
+ ```
90
+
91
+ ## Automatic Request ID
92
+
93
+ The logger automatically includes the request ID with every log entry:
94
+
95
+ ```ts
96
+ context.log.info("Processing payment");
97
+ // Output includes: { "message": "Processing payment", "requestId": "req_abc123..." }
98
+ ```
99
+
100
+ ## Environment Configuration
101
+
102
+ Log levels vary by environment:
103
+
104
+ - **Development/Preview**: Typically set to `debug` or `info` level
105
+ - **Production**: Typically set to `error` level only
106
+
107
+ ## Best Practices
108
+
109
+ ### 1. Use Appropriate Log Levels
110
+
111
+ ```ts
112
+ // Debug - detailed information for troubleshooting
113
+ context.log.debug("Cache lookup", { key: cacheKey, ttl: 300 });
114
+
115
+ // Info - general application flow
116
+ context.log.info("Order created", { orderId: "order-123", total: 99.99 });
117
+
118
+ // Warn - concerning but not critical
119
+ context.log.warn("Rate limit approaching", { current: 95, limit: 100 });
120
+
121
+ // Error - failures and exceptions
122
+ context.log.error("Payment failed", {
123
+ orderId: "order-123",
124
+ errorCode: "INSUFFICIENT_FUNDS",
125
+ });
126
+ ```
127
+
128
+ ### 2. Include Contextual Information
129
+
130
+ ```ts
131
+ export default async function handler(
132
+ request: ZuploRequest,
133
+ context: ZuploContext,
134
+ ) {
135
+ const startTime = Date.now();
136
+ const userId = request.user?.sub;
137
+
138
+ context.log.info("Request started", {
139
+ userId,
140
+ method: request.method,
141
+ path: new URL(request.url).pathname,
142
+ userAgent: request.headers.get("user-agent"),
143
+ });
144
+
145
+ try {
146
+ const result = await processRequest(request);
147
+
148
+ context.log.info("Request completed", {
149
+ userId,
150
+ duration: Date.now() - startTime,
151
+ status: "success",
152
+ });
153
+
154
+ return new Response(JSON.stringify(result));
155
+ } catch (error) {
156
+ context.log.error("Request failed", {
157
+ userId,
158
+ duration: Date.now() - startTime,
159
+ error: error.message,
160
+ stack: error.stack,
161
+ });
162
+
163
+ throw error;
164
+ }
165
+ }
166
+ ```
167
+
168
+ ### 3. Avoid Logging Sensitive Data
169
+
170
+ ```ts
171
+ // DON'T log sensitive information
172
+ context.log.info("User login", {
173
+ email: user.email,
174
+ password: user.password, // Never log passwords!
175
+ });
176
+
177
+ // DO log safe identifiers
178
+ context.log.info("User login", {
179
+ userId: user.id,
180
+ email: user.email.replace(/(.{2}).*(@.*)/, "$1***$2"), // Partially masked
181
+ });
182
+ ```
183
+
184
+ ### 4. Use Structured Data for Better Querying
185
+
186
+ ```ts
187
+ // Good - structured data that can be queried
188
+ context.log.info("API call completed", {
189
+ service: "payment-processor",
190
+ operation: "charge",
191
+ duration: 1234,
192
+ status: "success",
193
+ amount: 99.99,
194
+ currency: "USD",
195
+ });
196
+
197
+ // Less useful - unstructured string
198
+ context.log.info(`Payment of $99.99 USD processed in 1234ms`);
199
+ ```
200
+
201
+ ## Integration with Log Management
202
+
203
+ Logs are automatically forwarded to your configured log management solution
204
+ (Datadog, Loki, etc.). The structured format makes it easy to:
205
+
206
+ - Search and filter logs
207
+ - Create alerts based on log patterns
208
+ - Generate metrics from log data
209
+ - Trace requests across services
210
+
211
+ ## Performance Considerations
212
+
213
+ - Logging has minimal performance impact
214
+ - Logs are processed asynchronously
215
+ - In production, use `error` level to reduce log volume
216
+ - Avoid logging large objects or sensitive data
217
+
218
+ ## See Also
219
+
220
+ - [ZuploContext](./zuplo-context.mdx) - The context object that provides the
221
+ logger
222
+ - [Logging](../articles/logging.mdx) - General logging documentation
223
+ - [Log Export](../articles/logging.mdx) - Exporting logs to external services