zuplo 6.67.32 → 6.68.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (644) hide show
  1. package/README.md +9 -0
  2. package/docs/_index.md +44 -0
  3. package/docs/ai-gateway/apps.mdx +28 -0
  4. package/docs/ai-gateway/custom-providers.mdx +54 -0
  5. package/docs/ai-gateway/getting-started.mdx +224 -0
  6. package/docs/ai-gateway/guardrails.mdx +65 -0
  7. package/docs/ai-gateway/integrations/ai-sdk.mdx +109 -0
  8. package/docs/ai-gateway/integrations/claude-code.mdx +49 -0
  9. package/docs/ai-gateway/integrations/codex.mdx +78 -0
  10. package/docs/ai-gateway/integrations/goose.mdx +104 -0
  11. package/docs/ai-gateway/integrations/langchain.mdx +66 -0
  12. package/docs/ai-gateway/integrations/openai.mdx +99 -0
  13. package/docs/ai-gateway/introduction.mdx +85 -0
  14. package/docs/ai-gateway/managing-apps.mdx +46 -0
  15. package/docs/ai-gateway/managing-providers.mdx +66 -0
  16. package/docs/ai-gateway/managing-teams.mdx +63 -0
  17. package/docs/ai-gateway/policies/akamai-ai-firewall.mdx +125 -0
  18. package/docs/ai-gateway/policies/comet-opik-tracing.mdx +139 -0
  19. package/docs/ai-gateway/policies/galileo-tracing.mdx +147 -0
  20. package/docs/ai-gateway/providers.mdx +32 -0
  21. package/docs/ai-gateway/teams.mdx +38 -0
  22. package/docs/ai-gateway/universal-api.mdx +43 -0
  23. package/docs/ai-gateway/usage-limits.mdx +89 -0
  24. package/docs/api-management/introduction.md +127 -0
  25. package/docs/articles/accounts/audit-logs.mdx +227 -0
  26. package/docs/articles/accounts/billing.mdx +25 -0
  27. package/docs/articles/accounts/default-api-key.mdx +30 -0
  28. package/docs/articles/accounts/delete-account.mdx +36 -0
  29. package/docs/articles/accounts/enterprise-sso.mdx +116 -0
  30. package/docs/articles/accounts/managing-account-members.mdx +45 -0
  31. package/docs/articles/accounts/managing-project-members.mdx +37 -0
  32. package/docs/articles/accounts/members-and-roles.mdx +21 -0
  33. package/docs/articles/accounts/roles-and-permissions.mdx +115 -0
  34. package/docs/articles/accounts/zuplo-api-keys.mdx +94 -0
  35. package/docs/articles/add-api-to-backstage.mdx +216 -0
  36. package/docs/articles/advanced-path-matching.mdx +139 -0
  37. package/docs/articles/api-key-administration.mdx +47 -0
  38. package/docs/articles/api-key-api.mdx +220 -0
  39. package/docs/articles/api-key-authentication.mdx +195 -0
  40. package/docs/articles/api-key-buckets.mdx +61 -0
  41. package/docs/articles/api-key-end-users.mdx +52 -0
  42. package/docs/articles/api-key-leak-detection.mdx +75 -0
  43. package/docs/articles/api-key-management.mdx +100 -0
  44. package/docs/articles/api-key-react-component.mdx +90 -0
  45. package/docs/articles/api-key-service-limits.mdx +14 -0
  46. package/docs/articles/archiving-requests-to-storage.mdx +119 -0
  47. package/docs/articles/branch-based-deployments.mdx +184 -0
  48. package/docs/articles/bypass-policy-for-testing.mdx +117 -0
  49. package/docs/articles/check-ip-address.mdx +17 -0
  50. package/docs/articles/ci-cd-azure/basic-deployment.mdx +49 -0
  51. package/docs/articles/ci-cd-azure/deploy-and-test.mdx +47 -0
  52. package/docs/articles/ci-cd-azure/local-testing.mdx +59 -0
  53. package/docs/articles/ci-cd-azure/multi-stage-deployment.mdx +88 -0
  54. package/docs/articles/ci-cd-azure/pr-preview-environments.mdx +50 -0
  55. package/docs/articles/ci-cd-azure/tag-based-releases.mdx +37 -0
  56. package/docs/articles/ci-cd-bitbucket/basic-deployment.mdx +27 -0
  57. package/docs/articles/ci-cd-bitbucket/deploy-and-test.mdx +41 -0
  58. package/docs/articles/ci-cd-bitbucket/local-testing.mdx +34 -0
  59. package/docs/articles/ci-cd-bitbucket/multi-stage-deployment.mdx +52 -0
  60. package/docs/articles/ci-cd-bitbucket/pr-preview-environments.mdx +46 -0
  61. package/docs/articles/ci-cd-bitbucket/tag-based-releases.mdx +27 -0
  62. package/docs/articles/ci-cd-circleci/basic-deployment.mdx +34 -0
  63. package/docs/articles/ci-cd-circleci/deploy-and-test.mdx +44 -0
  64. package/docs/articles/ci-cd-circleci/local-testing.mdx +50 -0
  65. package/docs/articles/ci-cd-circleci/multi-stage-deployment.mdx +82 -0
  66. package/docs/articles/ci-cd-circleci/pr-preview-environments.mdx +47 -0
  67. package/docs/articles/ci-cd-circleci/tag-based-releases.mdx +38 -0
  68. package/docs/articles/ci-cd-github/basic-deployment.mdx +48 -0
  69. package/docs/articles/ci-cd-github/cleanup-on-branch-delete.mdx +123 -0
  70. package/docs/articles/ci-cd-github/deploy-and-test.mdx +82 -0
  71. package/docs/articles/ci-cd-github/local-testing.mdx +102 -0
  72. package/docs/articles/ci-cd-github/multi-stage-deployment.mdx +136 -0
  73. package/docs/articles/ci-cd-github/pr-preview-environments.mdx +106 -0
  74. package/docs/articles/ci-cd-github/tag-based-releases.mdx +99 -0
  75. package/docs/articles/ci-cd-gitlab/basic-deployment.mdx +28 -0
  76. package/docs/articles/ci-cd-gitlab/deploy-and-test.mdx +44 -0
  77. package/docs/articles/ci-cd-gitlab/local-testing.mdx +39 -0
  78. package/docs/articles/ci-cd-gitlab/mr-preview-environments.mdx +52 -0
  79. package/docs/articles/ci-cd-gitlab/multi-stage-deployment.mdx +64 -0
  80. package/docs/articles/ci-cd-gitlab/tag-based-releases.mdx +28 -0
  81. package/docs/articles/composite-policy-reference.mdx +284 -0
  82. package/docs/articles/configuring-auth0-for-mcp-auth.mdx +186 -0
  83. package/docs/articles/configuring-okta-for-mcp-auth.mdx +208 -0
  84. package/docs/articles/convert-urls-to-openapi.mdx +62 -0
  85. package/docs/articles/cors.mdx +447 -0
  86. package/docs/articles/custom-audit-log-policy.mdx +95 -0
  87. package/docs/articles/custom-ci-cd-azure.mdx +81 -0
  88. package/docs/articles/custom-ci-cd-bitbucket.mdx +80 -0
  89. package/docs/articles/custom-ci-cd-circleci.mdx +78 -0
  90. package/docs/articles/custom-ci-cd-github.mdx +99 -0
  91. package/docs/articles/custom-ci-cd-gitlab.mdx +79 -0
  92. package/docs/articles/custom-ci-cd.mdx +82 -0
  93. package/docs/articles/custom-code-patterns.md +418 -0
  94. package/docs/articles/custom-domains.mdx +258 -0
  95. package/docs/articles/custom-logging-example.mdx +139 -0
  96. package/docs/articles/ddos-protection.mdx +138 -0
  97. package/docs/articles/development-options.mdx +49 -0
  98. package/docs/articles/environment-variables.mdx +134 -0
  99. package/docs/articles/environments.mdx +143 -0
  100. package/docs/articles/fastly-zuplo-host-setup.mdx +41 -0
  101. package/docs/articles/github-deployment-testing.mdx +101 -0
  102. package/docs/articles/gke-with-upstream-auth-policy.mdx +192 -0
  103. package/docs/articles/graphql-security.mdx +180 -0
  104. package/docs/articles/handling-form-data.mdx +61 -0
  105. package/docs/articles/health-checks.mdx +109 -0
  106. package/docs/articles/hosting-options.mdx +70 -0
  107. package/docs/articles/lazy-load-configuration-into-cache.mdx +92 -0
  108. package/docs/articles/limits.mdx +98 -0
  109. package/docs/articles/local-development-debugging.mdx +44 -0
  110. package/docs/articles/local-development-env-variables.mdx +23 -0
  111. package/docs/articles/local-development-installing-packages.mdx +23 -0
  112. package/docs/articles/local-development-routes-designer.mdx +27 -0
  113. package/docs/articles/local-development-services.mdx +40 -0
  114. package/docs/articles/local-development-troubleshooting.mdx +56 -0
  115. package/docs/articles/local-development.mdx +81 -0
  116. package/docs/articles/log-plugin-aws-cloudwatch.mdx +83 -0
  117. package/docs/articles/log-plugin-datadog.mdx +84 -0
  118. package/docs/articles/log-plugin-dynatrace.mdx +75 -0
  119. package/docs/articles/log-plugin-gcp.mdx +75 -0
  120. package/docs/articles/log-plugin-loki.mdx +136 -0
  121. package/docs/articles/log-plugin-new-relic.mdx +84 -0
  122. package/docs/articles/log-plugin-splunk.mdx +104 -0
  123. package/docs/articles/log-plugin-sumo.mdx +73 -0
  124. package/docs/articles/log-plugin-vmware-log-insight.mdx +154 -0
  125. package/docs/articles/log-request-response-data.mdx +398 -0
  126. package/docs/articles/logging.mdx +115 -0
  127. package/docs/articles/manual-mcp-oauth-testing.mdx +193 -0
  128. package/docs/articles/mcp-quickstart.mdx +135 -0
  129. package/docs/articles/metrics-plugins.mdx +371 -0
  130. package/docs/articles/migrate-from-apigee.md +408 -0
  131. package/docs/articles/migrate-from-aws-api-gateway.md +248 -0
  132. package/docs/articles/migrate-from-azure-apim.md +292 -0
  133. package/docs/articles/migrate-from-kong.md +300 -0
  134. package/docs/articles/migration-overview.md +81 -0
  135. package/docs/articles/monetization/api-access.mdx +69 -0
  136. package/docs/articles/monetization/billing-models.md +520 -0
  137. package/docs/articles/monetization/developer-portal.md +167 -0
  138. package/docs/articles/monetization/features.mdx +98 -0
  139. package/docs/articles/monetization/index.mdx +113 -0
  140. package/docs/articles/monetization/meters.mdx +135 -0
  141. package/docs/articles/monetization/monetization-policy.md +314 -0
  142. package/docs/articles/monetization/plan-examples.mdx +366 -0
  143. package/docs/articles/monetization/plans.mdx +266 -0
  144. package/docs/articles/monetization/pricing-models.mdx +225 -0
  145. package/docs/articles/monetization/private-plans.md +154 -0
  146. package/docs/articles/monetization/quickstart.md +355 -0
  147. package/docs/articles/monetization/rate-cards.mdx +171 -0
  148. package/docs/articles/monetization/stripe-integration.md +195 -0
  149. package/docs/articles/monetization/subscription-lifecycle.md +298 -0
  150. package/docs/articles/monetization/tax-collection.md +166 -0
  151. package/docs/articles/monetization/troubleshooting.md +272 -0
  152. package/docs/articles/monetization-custom.mdx +71 -0
  153. package/docs/articles/monetization-integrations.mdx +104 -0
  154. package/docs/articles/monitoring-your-gateway.mdx +53 -0
  155. package/docs/articles/monorepo-deployment.mdx +350 -0
  156. package/docs/articles/multiple-auth-policies.mdx +81 -0
  157. package/docs/articles/non-standard-ports.mdx +30 -0
  158. package/docs/articles/oauth-authentication.mdx +54 -0
  159. package/docs/articles/openapi-server-urls.mdx +60 -0
  160. package/docs/articles/openapi.mdx +130 -0
  161. package/docs/articles/opentelemetry.mdx +250 -0
  162. package/docs/articles/per-user-rate-limits-using-db.mdx +112 -0
  163. package/docs/articles/performance-testing.mdx +304 -0
  164. package/docs/articles/plugin-akamai-api-security.mdx +76 -0
  165. package/docs/articles/plugin-azure-blob.mdx +73 -0
  166. package/docs/articles/plugin-azure-event-hubs.mdx +64 -0
  167. package/docs/articles/plugin-hydrolix-traffic-peak.mdx +147 -0
  168. package/docs/articles/policies.mdx +33 -0
  169. package/docs/articles/rename-or-move-project.mdx +39 -0
  170. package/docs/articles/rick-and-morty-api-developer-portal-example.mdx +23 -0
  171. package/docs/articles/routing.mdx +193 -0
  172. package/docs/articles/s3-signed-url-uploads.mdx +521 -0
  173. package/docs/articles/secure-tunnel.mdx +84 -0
  174. package/docs/articles/securing-backend-mtls.mdx +268 -0
  175. package/docs/articles/securing-your-backend.mdx +148 -0
  176. package/docs/articles/security.mdx +105 -0
  177. package/docs/articles/sharing-code-across-projects.mdx +412 -0
  178. package/docs/articles/source-control-setup-azure.mdx +13 -0
  179. package/docs/articles/source-control-setup-bitbucket.mdx +43 -0
  180. package/docs/articles/source-control-setup-github.mdx +172 -0
  181. package/docs/articles/source-control-setup-gitlab.mdx +12 -0
  182. package/docs/articles/source-control.mdx +80 -0
  183. package/docs/articles/step-1-setup-basic-gateway-local.mdx +136 -0
  184. package/docs/articles/step-1-setup-basic-gateway.mdx +118 -0
  185. package/docs/articles/step-2-add-rate-limiting-local.mdx +126 -0
  186. package/docs/articles/step-2-add-rate-limiting.mdx +82 -0
  187. package/docs/articles/step-3-add-api-key-auth-local.mdx +199 -0
  188. package/docs/articles/step-3-add-api-key-auth.mdx +166 -0
  189. package/docs/articles/step-4-deploying-to-the-edge.mdx +220 -0
  190. package/docs/articles/step-5-dynamic-rate-limiting.mdx +167 -0
  191. package/docs/articles/support.mdx +144 -0
  192. package/docs/articles/terraform.mdx +114 -0
  193. package/docs/articles/testing-graphql.mdx +34 -0
  194. package/docs/articles/testing.mdx +522 -0
  195. package/docs/articles/troubleshooting-slow-responses.mdx +301 -0
  196. package/docs/articles/troubleshooting.md +302 -0
  197. package/docs/articles/tsconfig.mdx +105 -0
  198. package/docs/articles/tunnel-setup.mdx +195 -0
  199. package/docs/articles/tunnel-troubleshooting.mdx +50 -0
  200. package/docs/articles/update-zup-in-github-action.mdx +110 -0
  201. package/docs/articles/use-openapi-extension-data.mdx +79 -0
  202. package/docs/articles/users/multifactor-authentication.mdx +64 -0
  203. package/docs/articles/users/profile.mdx +13 -0
  204. package/docs/articles/versioning-on-zuplo.mdx +89 -0
  205. package/docs/articles/waf-ddos-akamai.md +133 -0
  206. package/docs/articles/waf-ddos-aws-waf-shield.mdx +85 -0
  207. package/docs/articles/waf-ddos-fastly.mdx +251 -0
  208. package/docs/articles/waf-ddos.mdx +140 -0
  209. package/docs/articles/zuplo-waf.mdx +156 -0
  210. package/docs/ask.mdx +3 -0
  211. package/docs/cli/authentication.mdx +56 -0
  212. package/docs/cli/connectivity.mdx +38 -0
  213. package/docs/cli/create-zuplo-api.mdx +80 -0
  214. package/docs/cli/delete.mdx +79 -0
  215. package/docs/cli/deploy.mdx +156 -0
  216. package/docs/cli/deploy.partial.mdx +46 -0
  217. package/docs/cli/dev.mdx +115 -0
  218. package/docs/cli/docs.mdx +66 -0
  219. package/docs/cli/editor.mdx +50 -0
  220. package/docs/cli/global-options.mdx +19 -0
  221. package/docs/cli/init.mdx +74 -0
  222. package/docs/cli/link.mdx +74 -0
  223. package/docs/cli/list.mdx +55 -0
  224. package/docs/cli/mtls-certificate-create.mdx +94 -0
  225. package/docs/cli/mtls-certificate-delete.mdx +55 -0
  226. package/docs/cli/mtls-certificate-describe.mdx +55 -0
  227. package/docs/cli/mtls-certificate-disable.mdx +55 -0
  228. package/docs/cli/mtls-certificate-list.mdx +47 -0
  229. package/docs/cli/mtls-certificate-update.mdx +72 -0
  230. package/docs/cli/openapi-convert.mdx +111 -0
  231. package/docs/cli/openapi-merge.mdx +138 -0
  232. package/docs/cli/openapi-merge.partial.mdx +29 -0
  233. package/docs/cli/openapi-overlay.mdx +123 -0
  234. package/docs/cli/overview.mdx +78 -0
  235. package/docs/cli/project-create.mdx +43 -0
  236. package/docs/cli/source-migrate.mdx +18 -0
  237. package/docs/cli/source-upgrade.mdx +41 -0
  238. package/docs/cli/test.mdx +70 -0
  239. package/docs/cli/test.partial.mdx +7 -0
  240. package/docs/cli/tunnel-create.mdx +53 -0
  241. package/docs/cli/tunnel-create.partial.mdx +9 -0
  242. package/docs/cli/tunnel-delete.mdx +35 -0
  243. package/docs/cli/tunnel-delete.partial.mdx +9 -0
  244. package/docs/cli/tunnel-describe.mdx +45 -0
  245. package/docs/cli/tunnel-describe.partial.mdx +5 -0
  246. package/docs/cli/tunnel-list.mdx +35 -0
  247. package/docs/cli/tunnel-list.partial.mdx +9 -0
  248. package/docs/cli/tunnel-rate-token.partial.mdx +9 -0
  249. package/docs/cli/tunnel-rotate-token.mdx +39 -0
  250. package/docs/cli/tunnel-services-describe.mdx +45 -0
  251. package/docs/cli/tunnel-services-describe.partial.mdx +9 -0
  252. package/docs/cli/tunnel-services-update.mdx +48 -0
  253. package/docs/cli/variable-create.mdx +91 -0
  254. package/docs/cli/variable-create.partial.mdx +5 -0
  255. package/docs/cli/variable-update.mdx +75 -0
  256. package/docs/cli/variable-update.partial.mdx +5 -0
  257. package/docs/concepts/api-keys.md +146 -0
  258. package/docs/concepts/authentication.mdx +109 -0
  259. package/docs/concepts/how-zuplo-works.mdx +120 -0
  260. package/docs/concepts/project-structure.mdx +174 -0
  261. package/docs/concepts/rate-limiting.md +246 -0
  262. package/docs/concepts/request-lifecycle.mdx +56 -0
  263. package/docs/concepts/source-control-and-deployment.mdx +229 -0
  264. package/docs/conferences/conference-prize-terms.mdx +80 -0
  265. package/docs/dedicated/akamai/ai-powered-applications.mdx +223 -0
  266. package/docs/dedicated/akamai/architecture.mdx +280 -0
  267. package/docs/dedicated/akamai/caching.mdx +212 -0
  268. package/docs/dedicated/akamai/cdn.mdx +156 -0
  269. package/docs/dedicated/architecture.mdx +208 -0
  270. package/docs/dedicated/custom-domains.mdx +31 -0
  271. package/docs/dedicated/federated-gateways.mdx +80 -0
  272. package/docs/dedicated/networking.mdx +69 -0
  273. package/docs/dedicated/overview.mdx +80 -0
  274. package/docs/dedicated/source-control.mdx +63 -0
  275. package/docs/dev-portal/dev-portal-create-consumer-on-auth.mdx +134 -0
  276. package/docs/dev-portal/introduction.mdx +65 -0
  277. package/docs/dev-portal/local-development.mdx +72 -0
  278. package/docs/dev-portal/migration.mdx +526 -0
  279. package/docs/dev-portal/node-modules.mdx +45 -0
  280. package/docs/dev-portal/updating.mdx +28 -0
  281. package/docs/dev-portal/zudoku/components/alert.mdx +130 -0
  282. package/docs/dev-portal/zudoku/components/badge.mdx +70 -0
  283. package/docs/dev-portal/zudoku/components/button.mdx +132 -0
  284. package/docs/dev-portal/zudoku/components/callout.mdx +112 -0
  285. package/docs/dev-portal/zudoku/components/card.mdx +104 -0
  286. package/docs/dev-portal/zudoku/components/checkbox.mdx +72 -0
  287. package/docs/dev-portal/zudoku/components/client-only.mdx +79 -0
  288. package/docs/dev-portal/zudoku/components/code-tabs.mdx +179 -0
  289. package/docs/dev-portal/zudoku/components/dialog.mdx +167 -0
  290. package/docs/dev-portal/zudoku/components/head.mdx +199 -0
  291. package/docs/dev-portal/zudoku/components/icons.mdx +27 -0
  292. package/docs/dev-portal/zudoku/components/input.mdx +96 -0
  293. package/docs/dev-portal/zudoku/components/label.mdx +86 -0
  294. package/docs/dev-portal/zudoku/components/link.mdx +242 -0
  295. package/docs/dev-portal/zudoku/components/markdown.mdx +151 -0
  296. package/docs/dev-portal/zudoku/components/mermaid.mdx +81 -0
  297. package/docs/dev-portal/zudoku/components/playground.mdx +87 -0
  298. package/docs/dev-portal/zudoku/components/secret.mdx +78 -0
  299. package/docs/dev-portal/zudoku/components/select.mdx +176 -0
  300. package/docs/dev-portal/zudoku/components/shadcn.mdx +73 -0
  301. package/docs/dev-portal/zudoku/components/slider.mdx +108 -0
  302. package/docs/dev-portal/zudoku/components/slot.mdx +119 -0
  303. package/docs/dev-portal/zudoku/components/stepper.mdx +138 -0
  304. package/docs/dev-portal/zudoku/components/switch.mdx +96 -0
  305. package/docs/dev-portal/zudoku/components/syntax-highlight.mdx +602 -0
  306. package/docs/dev-portal/zudoku/components/textarea.mdx +78 -0
  307. package/docs/dev-portal/zudoku/components/tooltip.mdx +195 -0
  308. package/docs/dev-portal/zudoku/components/typography.mdx +61 -0
  309. package/docs/dev-portal/zudoku/configuration/ai-assistants.md +64 -0
  310. package/docs/dev-portal/zudoku/configuration/api-catalog.md +108 -0
  311. package/docs/dev-portal/zudoku/configuration/api-reference.md +397 -0
  312. package/docs/dev-portal/zudoku/configuration/authentication-auth0.md +173 -0
  313. package/docs/dev-portal/zudoku/configuration/authentication-azure-ad.md +238 -0
  314. package/docs/dev-portal/zudoku/configuration/authentication-clerk.md +110 -0
  315. package/docs/dev-portal/zudoku/configuration/authentication-firebase.md +61 -0
  316. package/docs/dev-portal/zudoku/configuration/authentication-pingfederate.md +136 -0
  317. package/docs/dev-portal/zudoku/configuration/authentication-supabase.md +225 -0
  318. package/docs/dev-portal/zudoku/configuration/authentication.md +199 -0
  319. package/docs/dev-portal/zudoku/configuration/build-configuration.mdx +147 -0
  320. package/docs/dev-portal/zudoku/configuration/docs.md +282 -0
  321. package/docs/dev-portal/zudoku/configuration/footer.mdx +214 -0
  322. package/docs/dev-portal/zudoku/configuration/llms.md +89 -0
  323. package/docs/dev-portal/zudoku/configuration/navigation.mdx +408 -0
  324. package/docs/dev-portal/zudoku/configuration/overview.md +380 -0
  325. package/docs/dev-portal/zudoku/configuration/protected-routes.md +149 -0
  326. package/docs/dev-portal/zudoku/configuration/search.md +169 -0
  327. package/docs/dev-portal/zudoku/configuration/sentry.mdx +44 -0
  328. package/docs/dev-portal/zudoku/configuration/site.md +124 -0
  329. package/docs/dev-portal/zudoku/configuration/slots.mdx +124 -0
  330. package/docs/dev-portal/zudoku/configuration/vite-config.md +18 -0
  331. package/docs/dev-portal/zudoku/custom-plugins.md +287 -0
  332. package/docs/dev-portal/zudoku/customization/colors-theme.mdx +275 -0
  333. package/docs/dev-portal/zudoku/customization/fonts.md +110 -0
  334. package/docs/dev-portal/zudoku/extending/events.md +124 -0
  335. package/docs/dev-portal/zudoku/guides/custom-pages.md +106 -0
  336. package/docs/dev-portal/zudoku/guides/environment-variables.md +99 -0
  337. package/docs/dev-portal/zudoku/guides/mermaid.mdx +70 -0
  338. package/docs/dev-portal/zudoku/guides/navigation-migration.md +87 -0
  339. package/docs/dev-portal/zudoku/guides/navigation-rules.mdx +197 -0
  340. package/docs/dev-portal/zudoku/guides/processors.mdx +234 -0
  341. package/docs/dev-portal/zudoku/guides/static-files.md +55 -0
  342. package/docs/dev-portal/zudoku/guides/transforming-examples.md +156 -0
  343. package/docs/dev-portal/zudoku/guides/using-multiple-apis.md +87 -0
  344. package/docs/dev-portal/zudoku/markdown/admonitions.md +128 -0
  345. package/docs/dev-portal/zudoku/markdown/code-blocks.md +196 -0
  346. package/docs/dev-portal/zudoku/markdown/frontmatter.md +172 -0
  347. package/docs/dev-portal/zudoku/markdown/mdx.md +68 -0
  348. package/docs/dev-portal/zudoku/markdown/overview.md +275 -0
  349. package/docs/dev-portal/zudoku/plugins.md +5 -0
  350. package/docs/dev-portal/zudoku/writing.mdx +72 -0
  351. package/docs/errors/bad-request.mdx +39 -0
  352. package/docs/errors/build-error.mdx +45 -0
  353. package/docs/errors/fatal-project-error.mdx +39 -0
  354. package/docs/errors/gateway-timeout.mdx +33 -0
  355. package/docs/errors/get-head-body-error.mdx +41 -0
  356. package/docs/errors/main-mod-error.mdx +40 -0
  357. package/docs/errors/no-project-set.mdx +41 -0
  358. package/docs/errors/not-found.mdx +43 -0
  359. package/docs/errors/rate-limit-exceeded.mdx +31 -0
  360. package/docs/errors/schema-validation-failed.mdx +51 -0
  361. package/docs/errors/system-configuration-error.mdx +44 -0
  362. package/docs/errors/unauthorized.mdx +50 -0
  363. package/docs/errors/unknown-error.mdx +42 -0
  364. package/docs/errors.mdx +14 -0
  365. package/docs/guides/canary-routing-for-employees.mdx +385 -0
  366. package/docs/guides/geolocation-backend-routing.mdx +404 -0
  367. package/docs/guides/modify-openapi-paths.mdx +371 -0
  368. package/docs/guides/openapi-overlays.mdx +492 -0
  369. package/docs/guides/overview.mdx +12 -0
  370. package/docs/guides/user-based-backend-routing.mdx +437 -0
  371. package/docs/handlers/aws-lambda.mdx +201 -0
  372. package/docs/handlers/custom-handler.mdx +112 -0
  373. package/docs/handlers/legacy-dev-portal-handler.mdx +135 -0
  374. package/docs/handlers/mcp-server.mdx +730 -0
  375. package/docs/handlers/openapi.mdx +78 -0
  376. package/docs/handlers/redirect.mdx +115 -0
  377. package/docs/handlers/system-handlers.mdx +41 -0
  378. package/docs/handlers/url-forward.mdx +204 -0
  379. package/docs/handlers/url-rewrite.mdx +224 -0
  380. package/docs/handlers/websocket-handler.mdx +154 -0
  381. package/docs/home.mdx +6 -0
  382. package/docs/managed-edge/overview.md +78 -0
  383. package/docs/mcp-server/configuration-migration-guide.mdx +344 -0
  384. package/docs/mcp-server/custom-tools.mdx +487 -0
  385. package/docs/mcp-server/graphql.mdx +241 -0
  386. package/docs/mcp-server/introduction.mdx +122 -0
  387. package/docs/mcp-server/openai-apps-sdk.mdx +160 -0
  388. package/docs/mcp-server/prompts.mdx +283 -0
  389. package/docs/mcp-server/resources.mdx +288 -0
  390. package/docs/mcp-server/testing.mdx +53 -0
  391. package/docs/mcp-server/tools.mdx +306 -0
  392. package/docs/policies/_index.md +92 -0
  393. package/docs/policies/ab-test-inbound/intro.md +8 -0
  394. package/docs/policies/ab-test-inbound/policy.ts +14 -0
  395. package/docs/policies/ab-test-inbound/schema.json +27 -0
  396. package/docs/policies/ab-test-outbound/intro.md +8 -0
  397. package/docs/policies/ab-test-outbound/policy.ts +26 -0
  398. package/docs/policies/ab-test-outbound/schema.json +27 -0
  399. package/docs/policies/acl-policy-inbound/intro.md +5 -0
  400. package/docs/policies/acl-policy-inbound/policy.ts +32 -0
  401. package/docs/policies/acl-policy-inbound/schema.json +52 -0
  402. package/docs/policies/akamai-ai-firewall/schema.json +98 -0
  403. package/docs/policies/amberflo-metering-inbound/doc.md +183 -0
  404. package/docs/policies/amberflo-metering-inbound/intro.md +20 -0
  405. package/docs/policies/amberflo-metering-inbound/schema.json +108 -0
  406. package/docs/policies/api-key-inbound/doc.md +77 -0
  407. package/docs/policies/api-key-inbound/intro.md +30 -0
  408. package/docs/policies/api-key-inbound/schema.json +84 -0
  409. package/docs/policies/archive-request-aws-s3-inbound/intro.md +4 -0
  410. package/docs/policies/archive-request-aws-s3-inbound/policy.ts +58 -0
  411. package/docs/policies/archive-request-aws-s3-inbound/schema.json +68 -0
  412. package/docs/policies/archive-request-azure-storage-inbound/doc.md +31 -0
  413. package/docs/policies/archive-request-azure-storage-inbound/intro.md +4 -0
  414. package/docs/policies/archive-request-azure-storage-inbound/policy.ts +54 -0
  415. package/docs/policies/archive-request-azure-storage-inbound/schema.json +53 -0
  416. package/docs/policies/archive-request-gcp-storage-inbound/doc.md +63 -0
  417. package/docs/policies/archive-request-gcp-storage-inbound/intro.md +4 -0
  418. package/docs/policies/archive-request-gcp-storage-inbound/policy.ts +68 -0
  419. package/docs/policies/archive-request-gcp-storage-inbound/schema.json +47 -0
  420. package/docs/policies/archive-response-aws-s3-outbound/intro.md +2 -0
  421. package/docs/policies/archive-response-aws-s3-outbound/policy.ts +59 -0
  422. package/docs/policies/archive-response-aws-s3-outbound/schema.json +68 -0
  423. package/docs/policies/archive-response-azure-storage-outbound/doc.md +31 -0
  424. package/docs/policies/archive-response-azure-storage-outbound/intro.md +3 -0
  425. package/docs/policies/archive-response-azure-storage-outbound/policy.ts +54 -0
  426. package/docs/policies/archive-response-azure-storage-outbound/schema.json +53 -0
  427. package/docs/policies/audit-log-inbound/doc.md +78 -0
  428. package/docs/policies/audit-log-inbound/intro.md +10 -0
  429. package/docs/policies/audit-log-inbound/schema.json +81 -0
  430. package/docs/policies/auth0-jwt-auth-inbound/doc.md +125 -0
  431. package/docs/policies/auth0-jwt-auth-inbound/intro.md +17 -0
  432. package/docs/policies/auth0-jwt-auth-inbound/schema.json +74 -0
  433. package/docs/policies/authzen-inbound/doc.md +24 -0
  434. package/docs/policies/authzen-inbound/intro.md +31 -0
  435. package/docs/policies/authzen-inbound/schema.json +126 -0
  436. package/docs/policies/axiomatics-authz-inbound/doc.md +144 -0
  437. package/docs/policies/axiomatics-authz-inbound/intro.md +11 -0
  438. package/docs/policies/axiomatics-authz-inbound/schema.json +161 -0
  439. package/docs/policies/basic-auth-inbound/intro.md +9 -0
  440. package/docs/policies/basic-auth-inbound/schema.json +99 -0
  441. package/docs/policies/bot-detection-inbound/intro.md +4 -0
  442. package/docs/policies/bot-detection-inbound/schema.json +56 -0
  443. package/docs/policies/brownout-inbound/doc.md +55 -0
  444. package/docs/policies/brownout-inbound/intro.md +12 -0
  445. package/docs/policies/brownout-inbound/schema.json +115 -0
  446. package/docs/policies/caching-inbound/doc.md +209 -0
  447. package/docs/policies/caching-inbound/intro.md +23 -0
  448. package/docs/policies/caching-inbound/schema.json +98 -0
  449. package/docs/policies/change-method-inbound/schema.json +56 -0
  450. package/docs/policies/clear-headers-inbound/schema.json +59 -0
  451. package/docs/policies/clear-headers-outbound/schema.json +59 -0
  452. package/docs/policies/clerk-jwt-auth-inbound/doc.md +85 -0
  453. package/docs/policies/clerk-jwt-auth-inbound/intro.md +4 -0
  454. package/docs/policies/clerk-jwt-auth-inbound/schema.json +68 -0
  455. package/docs/policies/cognito-jwt-auth-inbound/intro.md +7 -0
  456. package/docs/policies/cognito-jwt-auth-inbound/schema.json +74 -0
  457. package/docs/policies/comet-opik-tracing-inbound/schema.json +65 -0
  458. package/docs/policies/complex-rate-limit-inbound/doc.md +20 -0
  459. package/docs/policies/complex-rate-limit-inbound/intro.md +23 -0
  460. package/docs/policies/complex-rate-limit-inbound/schema.json +142 -0
  461. package/docs/policies/composite-inbound/doc.md +69 -0
  462. package/docs/policies/composite-inbound/intro.md +15 -0
  463. package/docs/policies/composite-inbound/schema.json +59 -0
  464. package/docs/policies/composite-outbound/intro.md +6 -0
  465. package/docs/policies/composite-outbound/schema.json +59 -0
  466. package/docs/policies/curity-phantom-token-inbound/doc.md +109 -0
  467. package/docs/policies/curity-phantom-token-inbound/intro.md +3 -0
  468. package/docs/policies/curity-phantom-token-inbound/schema.json +68 -0
  469. package/docs/policies/custom-code-inbound/doc.md +267 -0
  470. package/docs/policies/custom-code-inbound/intro.md +2 -0
  471. package/docs/policies/custom-code-inbound/schema.json +48 -0
  472. package/docs/policies/custom-code-outbound/doc.md +235 -0
  473. package/docs/policies/custom-code-outbound/intro.md +2 -0
  474. package/docs/policies/custom-code-outbound/schema.json +43 -0
  475. package/docs/policies/firebase-jwt-inbound/intro.md +6 -0
  476. package/docs/policies/firebase-jwt-inbound/schema.json +68 -0
  477. package/docs/policies/formdata-to-json-inbound/schema.json +60 -0
  478. package/docs/policies/galileo-tracing-inbound/schema.json +65 -0
  479. package/docs/policies/geo-filter-inbound/doc.md +33 -0
  480. package/docs/policies/geo-filter-inbound/schema.json +108 -0
  481. package/docs/policies/graphql-complexity-limit-inbound/doc.md +48 -0
  482. package/docs/policies/graphql-complexity-limit-inbound/intro.md +2 -0
  483. package/docs/policies/graphql-complexity-limit-inbound/schema.json +90 -0
  484. package/docs/policies/graphql-disable-introspection-inbound/doc.md +66 -0
  485. package/docs/policies/graphql-disable-introspection-inbound/intro.md +15 -0
  486. package/docs/policies/graphql-disable-introspection-inbound/schema.json +48 -0
  487. package/docs/policies/graphql-introspection-filter-outbound/doc.md +148 -0
  488. package/docs/policies/graphql-introspection-filter-outbound/schema.json +79 -0
  489. package/docs/policies/hmac-auth-inbound/doc.md +30 -0
  490. package/docs/policies/hmac-auth-inbound/intro.md +10 -0
  491. package/docs/policies/hmac-auth-inbound/policy.ts +70 -0
  492. package/docs/policies/hmac-auth-inbound/schema.json +53 -0
  493. package/docs/policies/http-deprecation-outbound/doc.md +73 -0
  494. package/docs/policies/http-deprecation-outbound/schema.json +83 -0
  495. package/docs/policies/ip-restriction-inbound/intro.md +8 -0
  496. package/docs/policies/ip-restriction-inbound/policy.ts +40 -0
  497. package/docs/policies/ip-restriction-inbound/schema.json +58 -0
  498. package/docs/policies/jwt-scopes-inbound/schema.json +59 -0
  499. package/docs/policies/ldap-auth-inbound/schema.json +56 -0
  500. package/docs/policies/mock-api-inbound/schema.json +72 -0
  501. package/docs/policies/moesif-inbound/doc.md +44 -0
  502. package/docs/policies/moesif-inbound/intro.md +6 -0
  503. package/docs/policies/moesif-inbound/schema.json +68 -0
  504. package/docs/policies/monetization-inbound/doc.md +87 -0
  505. package/docs/policies/monetization-inbound/intro.md +6 -0
  506. package/docs/policies/monetization-inbound/schema.json +102 -0
  507. package/docs/policies/mtls-auth-inbound/intro.md +6 -0
  508. package/docs/policies/mtls-auth-inbound/schema.json +68 -0
  509. package/docs/policies/okta-fga-authz-inbound/doc.md +181 -0
  510. package/docs/policies/okta-fga-authz-inbound/intro.md +20 -0
  511. package/docs/policies/okta-fga-authz-inbound/schema.json +104 -0
  512. package/docs/policies/okta-jwt-auth-inbound/intro.md +7 -0
  513. package/docs/policies/okta-jwt-auth-inbound/schema.json +74 -0
  514. package/docs/policies/open-id-jwt-auth-inbound/doc.md +58 -0
  515. package/docs/policies/open-id-jwt-auth-inbound/intro.md +30 -0
  516. package/docs/policies/open-id-jwt-auth-inbound/schema.json +128 -0
  517. package/docs/policies/openfga-authz-inbound/doc.md +207 -0
  518. package/docs/policies/openfga-authz-inbound/intro.md +17 -0
  519. package/docs/policies/openfga-authz-inbound/schema.json +191 -0
  520. package/docs/policies/openmeter-inbound/doc.md +163 -0
  521. package/docs/policies/openmeter-inbound/intro.md +18 -0
  522. package/docs/policies/openmeter-inbound/schema.json +183 -0
  523. package/docs/policies/prompt-injection-outbound/doc.md +106 -0
  524. package/docs/policies/prompt-injection-outbound/intro.md +4 -0
  525. package/docs/policies/prompt-injection-outbound/schema.json +74 -0
  526. package/docs/policies/propel-auth-jwt-inbound/doc.md +88 -0
  527. package/docs/policies/propel-auth-jwt-inbound/intro.md +4 -0
  528. package/docs/policies/propel-auth-jwt-inbound/schema.json +74 -0
  529. package/docs/policies/query-param-to-header-inbound/doc.md +70 -0
  530. package/docs/policies/query-param-to-header-inbound/intro.md +5 -0
  531. package/docs/policies/query-param-to-header-inbound/schema.json +74 -0
  532. package/docs/policies/quota-inbound/doc.md +235 -0
  533. package/docs/policies/quota-inbound/intro.md +7 -0
  534. package/docs/policies/quota-inbound/schema.json +133 -0
  535. package/docs/policies/rate-limit-inbound/doc.md +78 -0
  536. package/docs/policies/rate-limit-inbound/intro.md +30 -0
  537. package/docs/policies/rate-limit-inbound/schema.json +134 -0
  538. package/docs/policies/rbac-policy-inbound/intro.md +3 -0
  539. package/docs/policies/rbac-policy-inbound/policy.ts +42 -0
  540. package/docs/policies/rbac-policy-inbound/schema.json +52 -0
  541. package/docs/policies/readme-metrics-inbound/doc.md +1 -0
  542. package/docs/policies/readme-metrics-inbound/intro.md +3 -0
  543. package/docs/policies/readme-metrics-inbound/schema.json +84 -0
  544. package/docs/policies/remove-headers-inbound/schema.json +59 -0
  545. package/docs/policies/remove-headers-outbound/schema.json +59 -0
  546. package/docs/policies/remove-query-params-inbound/schema.json +59 -0
  547. package/docs/policies/replace-string-outbound/schema.json +69 -0
  548. package/docs/policies/request-size-limit-inbound/schema.json +60 -0
  549. package/docs/policies/request-validation-inbound/doc.md +72 -0
  550. package/docs/policies/request-validation-inbound/intro.md +24 -0
  551. package/docs/policies/request-validation-inbound/schema.json +98 -0
  552. package/docs/policies/require-origin-inbound/intro.md +12 -0
  553. package/docs/policies/require-origin-inbound/schema.json +65 -0
  554. package/docs/policies/secret-masking-outbound/doc.md +41 -0
  555. package/docs/policies/secret-masking-outbound/intro.md +13 -0
  556. package/docs/policies/secret-masking-outbound/schema.json +65 -0
  557. package/docs/policies/semantic-cache-inbound/doc.md +63 -0
  558. package/docs/policies/semantic-cache-inbound/intro.md +4 -0
  559. package/docs/policies/semantic-cache-inbound/schema.json +179 -0
  560. package/docs/policies/set-body-inbound/intro.md +7 -0
  561. package/docs/policies/set-body-inbound/schema.json +56 -0
  562. package/docs/policies/set-headers-inbound/doc.md +41 -0
  563. package/docs/policies/set-headers-inbound/intro.md +2 -0
  564. package/docs/policies/set-headers-inbound/schema.json +83 -0
  565. package/docs/policies/set-headers-outbound/schema.json +83 -0
  566. package/docs/policies/set-query-params-inbound/schema.json +83 -0
  567. package/docs/policies/set-status-outbound/schema.json +62 -0
  568. package/docs/policies/sleep-inbound/schema.json +56 -0
  569. package/docs/policies/stripe-webhook-verification-inbound/intro.md +2 -0
  570. package/docs/policies/stripe-webhook-verification-inbound/schema.json +60 -0
  571. package/docs/policies/supabase-jwt-auth-inbound/doc.md +29 -0
  572. package/docs/policies/supabase-jwt-auth-inbound/intro.md +12 -0
  573. package/docs/policies/supabase-jwt-auth-inbound/schema.json +86 -0
  574. package/docs/policies/transform-body-inbound/intro.md +8 -0
  575. package/docs/policies/transform-body-inbound/policy.ts +16 -0
  576. package/docs/policies/transform-body-inbound/schema.json +27 -0
  577. package/docs/policies/transform-body-outbound/intro.md +8 -0
  578. package/docs/policies/transform-body-outbound/policy.ts +19 -0
  579. package/docs/policies/transform-body-outbound/schema.json +27 -0
  580. package/docs/policies/upstream-azure-ad-service-auth-inbound/doc.md +82 -0
  581. package/docs/policies/upstream-azure-ad-service-auth-inbound/intro.md +20 -0
  582. package/docs/policies/upstream-azure-ad-service-auth-inbound/schema.json +84 -0
  583. package/docs/policies/upstream-firebase-admin-auth-inbound/intro.md +10 -0
  584. package/docs/policies/upstream-firebase-admin-auth-inbound/schema.json +68 -0
  585. package/docs/policies/upstream-firebase-user-auth-inbound/intro.md +2 -0
  586. package/docs/policies/upstream-firebase-user-auth-inbound/schema.json +113 -0
  587. package/docs/policies/upstream-gcp-federated-auth-inbound/doc.md +139 -0
  588. package/docs/policies/upstream-gcp-federated-auth-inbound/intro.md +21 -0
  589. package/docs/policies/upstream-gcp-federated-auth-inbound/schema.json +96 -0
  590. package/docs/policies/upstream-gcp-jwt-inbound/intro.md +10 -0
  591. package/docs/policies/upstream-gcp-jwt-inbound/schema.json +62 -0
  592. package/docs/policies/upstream-gcp-service-auth-inbound/doc.md +132 -0
  593. package/docs/policies/upstream-gcp-service-auth-inbound/intro.md +25 -0
  594. package/docs/policies/upstream-gcp-service-auth-inbound/schema.json +95 -0
  595. package/docs/policies/upstream-zuplo-jwt-auth-inbound/doc.md +213 -0
  596. package/docs/policies/upstream-zuplo-jwt-auth-inbound/intro.md +16 -0
  597. package/docs/policies/upstream-zuplo-jwt-auth-inbound/schema.json +101 -0
  598. package/docs/policies/validate-json-schema-inbound/doc.md +129 -0
  599. package/docs/policies/validate-json-schema-inbound/intro.md +7 -0
  600. package/docs/policies/validate-json-schema-inbound/schema.json +56 -0
  601. package/docs/policies/web-bot-auth-inbound/doc.md +104 -0
  602. package/docs/policies/web-bot-auth-inbound/intro.md +16 -0
  603. package/docs/policies/web-bot-auth-inbound/schema.json +76 -0
  604. package/docs/policies/xml-to-json-outbound/doc.md +71 -0
  605. package/docs/policies/xml-to-json-outbound/intro.md +4 -0
  606. package/docs/policies/xml-to-json-outbound/schema.json +117 -0
  607. package/docs/programmable-api/audit-log.mdx +74 -0
  608. package/docs/programmable-api/background-dispatcher.mdx +124 -0
  609. package/docs/programmable-api/background-loader.mdx +104 -0
  610. package/docs/programmable-api/cache.mdx +186 -0
  611. package/docs/programmable-api/compatibility-dates.mdx +201 -0
  612. package/docs/programmable-api/console-logging.mdx +48 -0
  613. package/docs/programmable-api/context-data.mdx +127 -0
  614. package/docs/programmable-api/custom-cors-policy.mdx +64 -0
  615. package/docs/programmable-api/environment.mdx +328 -0
  616. package/docs/programmable-api/hooks.mdx +569 -0
  617. package/docs/programmable-api/http-problems.mdx +385 -0
  618. package/docs/programmable-api/jwt-service-plugin.mdx +420 -0
  619. package/docs/programmable-api/logger.mdx +223 -0
  620. package/docs/programmable-api/memory-zone-read-through-cache.mdx +96 -0
  621. package/docs/programmable-api/node-modules.mdx +67 -0
  622. package/docs/programmable-api/not-found-handler.mdx +47 -0
  623. package/docs/programmable-api/oauth-protected-resource-plugin.mdx +46 -0
  624. package/docs/programmable-api/overview.mdx +213 -0
  625. package/docs/programmable-api/problem-response-formatter.mdx +183 -0
  626. package/docs/programmable-api/request-user.mdx +289 -0
  627. package/docs/programmable-api/reusing-code.mdx +26 -0
  628. package/docs/programmable-api/route-raw.mdx +55 -0
  629. package/docs/programmable-api/runtime-behaviors.mdx +25 -0
  630. package/docs/programmable-api/runtime-errors.mdx +246 -0
  631. package/docs/programmable-api/runtime-extensions.mdx +340 -0
  632. package/docs/programmable-api/safely-clone-a-request-or-response.mdx +57 -0
  633. package/docs/programmable-api/streaming-zone-cache.mdx +155 -0
  634. package/docs/programmable-api/web-crypto-apis.mdx +219 -0
  635. package/docs/programmable-api/web-standard-apis.mdx +109 -0
  636. package/docs/programmable-api/zone-cache.mdx +131 -0
  637. package/docs/programmable-api/zp-body-removed.mdx +32 -0
  638. package/docs/programmable-api/zuplo-context.mdx +414 -0
  639. package/docs/programmable-api/zuplo-id-token.mdx +90 -0
  640. package/docs/programmable-api/zuplo-json.mdx +91 -0
  641. package/docs/programmable-api/zuplo-request.mdx +200 -0
  642. package/docs/sample-apis.mdx +78 -0
  643. package/docs/self-hosted/overview.md +60 -0
  644. package/package.json +6 -5
@@ -0,0 +1,414 @@
1
+ ---
2
+ title: ZuploContext
3
+ ---
4
+
5
+ The `ZuploContext` object provides information about the current request and
6
+ runtime environment. It's passed as the second parameter to request handlers and
7
+ policies.
8
+
9
+ ```ts
10
+ import { ZuploContext, ZuploRequest } from "@zuplo/runtime";
11
+
12
+ export default async function (request: ZuploRequest, context: ZuploContext) {
13
+ // Access context properties and methods
14
+ context.log.info(`Processing request ${context.requestId}`);
15
+ return new Response("Hello World");
16
+ }
17
+ ```
18
+
19
+ ## Properties
20
+
21
+ ### `contextId`
22
+
23
+ A unique identifier for the current execution context. This is different from
24
+ `requestId` and is useful for correlating multiple operations within the same
25
+ execution.
26
+
27
+ ```ts
28
+ const executionId = context.contextId;
29
+ context.log.info(`Execution context: ${executionId}`);
30
+ ```
31
+
32
+ ### `custom`
33
+
34
+ A mutable object that can be used to store custom data during request
35
+ processing. This is useful for passing data between policies and handlers.
36
+
37
+ ```ts
38
+ // In a policy
39
+ context.custom.userId = "user-123";
40
+ context.custom.permissions = ["read", "write"];
41
+ context.custom.startTime = Date.now();
42
+
43
+ // In a handler
44
+ const userId = context.custom.userId;
45
+ const permissions = context.custom.permissions;
46
+ const elapsed = Date.now() - context.custom.startTime;
47
+ ```
48
+
49
+ ### `incomingRequestProperties`
50
+
51
+ Information about the incoming request such as geolocation data. This is a
52
+ read-only object with the following properties:
53
+
54
+ - `asn` - ASN of the incoming request, for example, 395747.
55
+ - `asOrganization` - The organization which owns the ASN of the incoming
56
+ request, for example, Google Cloud.
57
+ - `city` - City of the incoming request, for example, "Austin".
58
+ - `continent` - Continent of the incoming request, for example, "NA".
59
+ - `country` - The
60
+ [two-letter country code](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) in
61
+ the request.
62
+ - `latitude` - Latitude of the incoming request, for example, "30.27130".
63
+ - `longitude` - Longitude of the incoming request, for example, "-97.74260".
64
+ - `colo` - The three-letter
65
+ [IATA airport code](https://en.wikipedia.org/wiki/IATA_airport_code) of the
66
+ data center that the request hit, for example, "DFW".
67
+ - `postalCode` - Postal code of the incoming request, for example, "78701".
68
+ - `httpProtocol` - The HTTP protocol of the incoming request.
69
+ - `metroCode` - Metro code (DMA) of the incoming request, for example, "635".
70
+ - `region` - If known, the
71
+ [ISO 3166-2](https://en.wikipedia.org/wiki/ISO_3166-2) name for the first
72
+ level region associated with the IP address of the incoming request, for
73
+ example, "Texas".
74
+ - `regionCode` - If known, the
75
+ [ISO 3166-2](https://en.wikipedia.org/wiki/ISO_3166-2) code for the
76
+ first-level region associated with the IP address of the incoming request, for
77
+ example, "TX".
78
+ - `timezone` - Timezone of the incoming request, for example, "America/Chicago".
79
+
80
+ ```ts
81
+ const geo = context.incomingRequestProperties;
82
+ context.log.info({
83
+ city: geo.city,
84
+ country: geo.country,
85
+ coordinates: `${geo.latitude},${geo.longitude}`,
86
+ });
87
+ ```
88
+
89
+ ### `log`
90
+
91
+ A logger instance for debugging and monitoring. Logs appear in your log tail in
92
+ the portal and in your integrated log solution (for example Datadog).
93
+ Pre-production environments are typically set to **Info** log level, while
94
+ production is set to **Error**.
95
+
96
+ :::tip
97
+
98
+ As an alternative to using the `log` property, you can also use `console.log`,
99
+ `console.error`, etc. to log messages. See the
100
+ [documentation](./console-logging.mdx) for more details.
101
+
102
+ :::
103
+
104
+ ```ts
105
+ context.log.debug({ some: "debug-info" });
106
+ context.log.info("info level stuff");
107
+ context.log.warn(["a", "warning"]);
108
+ context.log.error({ Oh: "my!" });
109
+ ```
110
+
111
+ ### `parentContext`
112
+
113
+ Reference to the parent context when using `invokeRoute`. This property is
114
+ `undefined` for the initial request context. This is useful for detecting
115
+ sub-requests and accessing parent context data.
116
+
117
+ ```ts
118
+ if (context.parentContext) {
119
+ context.log.info("This is a sub-request");
120
+ const parentRequestId = context.parentContext.requestId;
121
+ context.log.info(`Parent request: ${parentRequestId}`);
122
+ }
123
+ ```
124
+
125
+ ### `requestId`
126
+
127
+ A UUID for every request. This is used in logging and can be handy to tie events
128
+ together. The `requestId` is automatically logged with every use of the logger.
129
+ The request ID is also included in the `zp-rid` header of the responses from
130
+ your API for diagnostic and tracing purposes.
131
+
132
+ ```ts
133
+ context.log.info(`Processing request ${context.requestId}`);
134
+ ```
135
+
136
+ ### `route`
137
+
138
+ A read-only pointer to the configuration for the matched route. Includes the
139
+ label, path, methods supported, name of the version, and names of policies. This
140
+ type is immutable - the routing table can't be updated at runtime.
141
+
142
+ ```ts
143
+ const routePath = context.route.path;
144
+ const methods = context.route.methods;
145
+ const version = context.route.version;
146
+
147
+ context.log.info({
148
+ route: routePath,
149
+ methods: methods.join(", "),
150
+ version: version,
151
+ });
152
+ ```
153
+
154
+ ## Methods
155
+
156
+ ### `addResponseSendingHook`
157
+
158
+ Adds a hook that executes before a response is sent to the client. This hook can
159
+ modify the response before it's sent. Multiple hooks can be added and they
160
+ execute in the order they were added.
161
+
162
+ ```ts
163
+ addResponseSendingHook(
164
+ hook: (response: Response, request: Request, context: ZuploContext) => Response | Promise<Response>
165
+ ): void
166
+ ```
167
+
168
+ See [Request/Response Hooks](./hooks.mdx#hook-onresponsesending) for detailed
169
+ examples and usage patterns.
170
+
171
+ ### `addResponseSendingFinalHook`
172
+
173
+ Adds a hook that executes after all other response processing is complete but
174
+ before the response is sent. Unlike `addResponseSendingHook`, this hook can't
175
+ modify the response - it's for monitoring and logging purposes only.
176
+
177
+ ```ts
178
+ addResponseSendingFinalHook(
179
+ hook: (response: Response, request: Request, context: ZuploContext) => void | Promise<void>
180
+ ): void
181
+ ```
182
+
183
+ See [Request/Response Hooks](./hooks.mdx#hook-onresponsesendingfinal) for
184
+ detailed examples and usage patterns.
185
+
186
+ ### `invokeInboundPolicy`
187
+
188
+ Programmatically executes an inbound policy from your policy library. This is
189
+ useful for conditionally executing policies based on request attributes.
190
+
191
+ ```ts
192
+ import { ZuploContext, ZuploRequest } from "@zuplo/runtime";
193
+
194
+ export default async function (request: ZuploRequest, context: ZuploContext) {
195
+ // Conditionally apply rate limiting
196
+ if (request.user.data.isFreeUser) {
197
+ const result = await context.invokeInboundPolicy(
198
+ "rate-limit-policy",
199
+ request,
200
+ );
201
+ if (result instanceof Response) {
202
+ return result; // Rate limit exceeded
203
+ }
204
+ request = result; // Use the new request object
205
+ }
206
+
207
+ // Continue processing
208
+ return fetch(request);
209
+ }
210
+ ```
211
+
212
+ **Important Notes:**
213
+
214
+ - The method returns either a `Request` or `Response` object
215
+ - A `Response` indicates the policy wants to short-circuit and stop processing
216
+ - A `Request` is typically a new request object created by the policy
217
+ - The original request becomes locked after invoking a policy
218
+
219
+ ```ts
220
+ const result = await context.invokeInboundPolicy("my-policy", request);
221
+
222
+ if (result instanceof Response) {
223
+ // Policy terminated the request chain
224
+ context.log.warn(`Policy returned status: ${result.status}`);
225
+ return result;
226
+ }
227
+
228
+ // Continue with the new request object
229
+ return fetch(result);
230
+ ```
231
+
232
+ ### `invokeOutboundPolicy`
233
+
234
+ Programmatically executes an outbound policy from your policy library. Outbound
235
+ policies process responses before they're sent to the client.
236
+
237
+ ```ts
238
+ export default async function (request: ZuploRequest, context: ZuploContext) {
239
+ // Make the upstream request
240
+ const response = await fetch(request);
241
+
242
+ // Conditionally apply response transformation
243
+ if (response.headers.get("content-type")?.includes("application/json")) {
244
+ return context.invokeOutboundPolicy(
245
+ "json-transform-policy",
246
+ response,
247
+ request,
248
+ );
249
+ }
250
+
251
+ // Apply caching policy for successful responses
252
+ if (response.ok) {
253
+ return context.invokeOutboundPolicy("cache-policy", response, request);
254
+ }
255
+
256
+ return response;
257
+ }
258
+ ```
259
+
260
+ ### `invokeRoute`
261
+
262
+ Invokes another route within the same API gateway. This enables internal routing
263
+ and composition of multiple routes. The invoked route runs with a new context
264
+ that has `parentContext` set to the current context.
265
+
266
+ ```ts
267
+ export default async function (request: ZuploRequest, context: ZuploContext) {
268
+ // First, validate the request using an internal route
269
+ const validationResponse = await context.invokeRoute("/internal/validate", {
270
+ method: "POST",
271
+ body: JSON.stringify({
272
+ userId: request.user?.sub,
273
+ resource: request.params.resourceId,
274
+ action: "read",
275
+ }),
276
+ headers: {
277
+ "Content-Type": "application/json",
278
+ },
279
+ });
280
+
281
+ if (!validationResponse.ok) {
282
+ return new Response("Access denied", { status: 403 });
283
+ }
284
+
285
+ // Then fetch user preferences from another internal route
286
+ const prefsResponse = await context.invokeRoute(
287
+ `/internal/users/${request.user?.sub}/preferences`,
288
+ );
289
+ const preferences = await prefsResponse.json();
290
+
291
+ // Continue with main processing using the preferences
292
+ const response = await fetch(request);
293
+
294
+ // Apply preferences to response
295
+ if (preferences.format === "xml") {
296
+ return context.invokeOutboundPolicy("json-to-xml", response, request);
297
+ }
298
+
299
+ return response;
300
+ }
301
+ ```
302
+
303
+ ### `waitUntil`
304
+
305
+ Notifies the runtime to keep the process alive until the provided promise
306
+ resolves. This is essential for asynchronous work that continues after sending a
307
+ response, such as logging, analytics, or cleanup tasks.
308
+
309
+ ```ts
310
+ export default async function (request: ZuploRequest, context: ZuploContext) {
311
+ const startTime = Date.now();
312
+ const response = await fetch(request);
313
+
314
+ // Asynchronous work that continues after response
315
+ const asyncWork = async () => {
316
+ try {
317
+ // Log to external service
318
+ await fetch("https://analytics.example.com/api/track", {
319
+ method: "POST",
320
+ headers: {
321
+ "Content-Type": "application/json",
322
+ Authorization: `Bearer ${context.secrets.ANALYTICS_API_KEY}`,
323
+ },
324
+ body: JSON.stringify({
325
+ event: "api_call",
326
+ properties: {
327
+ path: request.url,
328
+ method: request.method,
329
+ status: response.status,
330
+ duration: Date.now() - startTime,
331
+ country: context.incomingRequestProperties.country,
332
+ userId: request.user?.sub,
333
+ },
334
+ timestamp: new Date().toISOString(),
335
+ }),
336
+ });
337
+ } catch (error) {
338
+ context.log.error("Failed to send analytics", error);
339
+ }
340
+ };
341
+
342
+ // Tell runtime to wait for async work to complete
343
+ context.waitUntil(asyncWork());
344
+
345
+ return response;
346
+ }
347
+ ```
348
+
349
+ ## Common Patterns
350
+
351
+ ### Request Timing
352
+
353
+ ```ts
354
+ export default async function (request: ZuploRequest, context: ZuploContext) {
355
+ // Store start time
356
+ context.custom.startTime = Date.now();
357
+
358
+ // Add response hook to measure duration
359
+ context.addResponseSendingHook(async (response) => {
360
+ const duration = Date.now() - context.custom.startTime;
361
+ response.headers.set("X-Response-Time", `${duration}ms`);
362
+ return response;
363
+ });
364
+
365
+ return fetch(request);
366
+ }
367
+ ```
368
+
369
+ For more hook examples, see [Request/Response Hooks](./hooks.mdx).
370
+
371
+ ### Conditional Policy Execution
372
+
373
+ ```ts
374
+ export default async function (request: ZuploRequest, context: ZuploContext) {
375
+ // Apply different policies based on user type
376
+ if (request.user?.type === "internal") {
377
+ // Skip rate limiting for internal users
378
+ return fetch(request);
379
+ }
380
+
381
+ // Apply rate limiting for external users
382
+ const rateLimitResult = await context.invokeInboundPolicy(
383
+ "rate-limit",
384
+ request,
385
+ );
386
+ if (rateLimitResult instanceof Response) {
387
+ return rateLimitResult;
388
+ }
389
+
390
+ // Apply additional security for untrusted users
391
+ if (!request.user?.verified) {
392
+ const securityResult = await context.invokeInboundPolicy(
393
+ "enhanced-security",
394
+ rateLimitResult,
395
+ );
396
+ if (securityResult instanceof Response) {
397
+ return securityResult;
398
+ }
399
+ request = securityResult;
400
+ }
401
+
402
+ return fetch(request);
403
+ }
404
+ ```
405
+
406
+ ## See Also
407
+
408
+ - [Request/Response Hooks](./hooks.mdx) - Detailed guide on using hooks
409
+ - [Custom Request Handlers](../handlers/custom-handler.mdx) - Building custom
410
+ handlers
411
+ - [Policies Overview](../articles/policies.mdx) - Understanding policies
412
+ - [Logger](./logger.mdx) - Detailed logging API documentation
413
+ - [Request User](./request-user.mdx) - Working with authenticated users
414
+ - [Routing](../articles/routing.mdx) - How routing works in Zuplo
@@ -0,0 +1,90 @@
1
+ ---
2
+ title: Zuplo Identity Token
3
+ ---
4
+
5
+ <EnterpriseFeature name="Zuplo Identity Token" />
6
+
7
+ Each deployment of Zuplo is issued a unique OAuth client identity. This identity
8
+ can be used to create ID Tokens that can be used to securely identify requests
9
+ from your Zuplo API that are made to outside services. This token can also be
10
+ used for purposes such as Identity Federation to securely call APIs in other
11
+ Cloud Services like GCP or AWS.
12
+
13
+ To create a Zuplo Identity Token simply run the following code from within a
14
+ policy, handler, or module in your Zuplo API.
15
+
16
+ ```ts
17
+ import { ZuploServices, ZuploContext, ZuploRequest } from "@zuplo/runtime";
18
+
19
+ export default async function handler(
20
+ request: ZuploRequest,
21
+ context: ZuploContext,
22
+ ) {
23
+ const idToken = await ZuploServices.getIDToken(context, {
24
+ audience: "https://my-api.example.com",
25
+ });
26
+ }
27
+ ```
28
+
29
+ The `audience` argument is optional, but typically this is set to a value
30
+ identifying the service you are calling.
31
+
32
+ The issued JWT token contains the following claims.
33
+
34
+ | Claim | Example Value | Description |
35
+ | ------------------ | -------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
36
+ | `alg` | `RS256` | The signing algorithm. Always `RS256` |
37
+ | `kid` | `atky_8gLGDfmHkNEZNvy7PDnmr2gF` | The signing key used to generate the JWT |
38
+ | `account` | `my-account` | The name of your Zuplo account |
39
+ | `project` | `my-project` | The name of your Zuplo project |
40
+ | `deployment` | `copper-bedbug-main-53c4947` | The name of your Zuplo deployment. Each environment will have its own name (for example, production, preview branch `test`, etc. will all be different.). |
41
+ | `environment_type` | `production` | The type of environment this deployment is. Values can be `production`, `preview`, or `development` |
42
+ | `iss` | `https://dev.zuplo.com/v1/client-auth/auth_o8PUdhKxSTOiB794GWPwLQCD` | This is the issuer URL of the Zuplo identity provider. This value will always be the same. |
43
+ | `sub` | `atcl_8GLgIDYRw38Jqg0tHR8tiZfh` | The unique identity of the OAuth Client. This can be used to uniquely identify your deployment. |
44
+ | `iat` | `1720470928` | The epoch time the token was issued. |
45
+ | `exp` | `1720506928` | The epoch time the token expires. The default expiration for Zuplo Identity Tokens is 10 hours. |
46
+
47
+ ## Securing Your Backend
48
+
49
+ The Zuplo ID Token can be used as a means of securing your backend API so that
50
+ only Zuplo can call the API. This can be done by restricting the incoming
51
+ requests using a standard OAuth middleware on your API. For example, if you were
52
+ using Fastify on your backend, you could use the
53
+ [Fastify JWT Middleware](https://github.com/fastify/fastify-jwt) using the
54
+ [JWKS verification method](https://github.com/fastify/fastify-jwt?tab=readme-ov-file#verifying-with-jwks)
55
+ and checking the `account`, `project`, or other claims.
56
+
57
+ ## Verifying the Token Using a Library
58
+
59
+ To verify the JWT token on your own service, you can use any standard JWT
60
+ library. The verification method will use the JWKS hosted at
61
+ `https://dev.zuplo.com/v1/client-auth/auth_o8PUdhKxSTOiB794GWPwLQCD/.well-known/jwks.json`.
62
+ You can also use OAuth tools that handle automatic discovery.
63
+
64
+ Below is an example of how to verify the token using the
65
+ [`jose`](https://www.npmjs.com/package/jose) JavaScript library.
66
+
67
+ ```ts
68
+ import jose from "jose";
69
+
70
+ // Create the Remote JWK set
71
+ const JWKS = jose.createRemoteJWKSet(
72
+ new URL(
73
+ "https://dev.zuplo.com/v1/client-auth/auth_o8PUdhKxSTOiB794GWPwLQCD/.well-known/jwks.json",
74
+ ),
75
+ );
76
+
77
+ // Verify the token
78
+ const { payload, protectedHeader } = await jose.jwtVerify(jwt, JWKS, {
79
+ issuer: "https://dev.zuplo.com/v1/client-auth/auth_o8PUdhKxSTOiB794GWPwLQCD",
80
+ audience: "https://my-api.example.com",
81
+ });
82
+
83
+ // Verify the token is from your account/project/etc.
84
+ if (
85
+ payload["account"] !== "my-account" ||
86
+ payload["project"] !== "my-project"
87
+ ) {
88
+ throw new Error("Not my account or project");
89
+ }
90
+ ```
@@ -0,0 +1,91 @@
1
+ ---
2
+ title: Zuplo Project Configuration (zuplo.jsonc)
3
+ sidebar_label: Project Configuration
4
+ ---
5
+
6
+ Certain project-level settings can be configured using the `zuplo.jsonc` file at
7
+ the root of a project. The `zuplo.jsonc` file is created by default for new
8
+ projects and contains the default configuration.
9
+
10
+ The default `zuplo.jsonc` file is shown below. The only current valid `version`
11
+ of the file is `1`.
12
+
13
+ ```jsonc
14
+ {
15
+ "version": 1,
16
+ "compatibilityDate": "2025-02-06",
17
+ "projectType": "managed-edge",
18
+ }
19
+ ```
20
+
21
+ :::warning
22
+
23
+ The `zuplo.jsonc` file isn't currently shown or editable in the Zuplo portal.
24
+ Connect your project to source control and edit inside your source control
25
+ provider or by pushing a local change with git. If your project doesn't have a
26
+ `zuplo.jsonc` it can be added using source control
27
+
28
+ :::
29
+
30
+ ## `compatibilityDate`
31
+
32
+ The `compatibilityDate` field in the `zuplo.jsonc` file allows you to lock in
33
+ the behavior of the runtime environment for your project. This is useful if you
34
+ want to ensure that your project continues to build, deploy and operate as you
35
+ expect it to.
36
+
37
+ Refer to the [documentation](./compatibility-dates.mdx) for compatibility dates
38
+ and their changes.
39
+
40
+ ```jsonc
41
+ {
42
+ "version": 1,
43
+ "compatibilityDate": "2025-02-06",
44
+ }
45
+ ```
46
+
47
+ ## `projectType`
48
+
49
+ The `projectType` field in the `zuplo.jsonc` file allows you to specify the type
50
+ of your project. This value should be set to match the
51
+ [hosting environment](../articles/hosting-options.mdx) the project will be
52
+ deployed. This configuration defaults to `managed-edge`.
53
+
54
+ - `managed-edge`: (default) Projects that are deployed to Zuplo's managed edge
55
+ environment.
56
+ - `managed-dedicated`: Projects that are deployed to your managed dedicated
57
+ environment.
58
+ - `self-hosted`: Projects that are deployed to your own infrastructure.
59
+
60
+ ```jsonc
61
+ {
62
+ "version": 1,
63
+ "projectType": "managed-edge",
64
+ }
65
+ ```
66
+
67
+ ## `allowDuplicateRoutes`
68
+
69
+ Allow duplicate routes (same method and path) to be defined. This isn't
70
+ recommended as it can lead to unexpected behavior. This configuration defaults
71
+ to `false`.
72
+
73
+ ```jsonc
74
+ {
75
+ "version": 1,
76
+ "allowDuplicateRoutes": true,
77
+ }
78
+ ```
79
+
80
+ ## `allowHostHeaderOverride`
81
+
82
+ Allow the Host header to be overridden by the client. This configuration
83
+ defaults to `false`. This is only supported in managed dedicated environments.
84
+ Only enable this setting if you understand the implications.
85
+
86
+ ```jsonc
87
+ {
88
+ "version": 1,
89
+ "allowHostHeaderOverride": true,
90
+ }
91
+ ```