zuplo 6.67.32 → 6.68.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (644) hide show
  1. package/README.md +9 -0
  2. package/docs/_index.md +44 -0
  3. package/docs/ai-gateway/apps.mdx +28 -0
  4. package/docs/ai-gateway/custom-providers.mdx +54 -0
  5. package/docs/ai-gateway/getting-started.mdx +224 -0
  6. package/docs/ai-gateway/guardrails.mdx +65 -0
  7. package/docs/ai-gateway/integrations/ai-sdk.mdx +109 -0
  8. package/docs/ai-gateway/integrations/claude-code.mdx +49 -0
  9. package/docs/ai-gateway/integrations/codex.mdx +78 -0
  10. package/docs/ai-gateway/integrations/goose.mdx +104 -0
  11. package/docs/ai-gateway/integrations/langchain.mdx +66 -0
  12. package/docs/ai-gateway/integrations/openai.mdx +99 -0
  13. package/docs/ai-gateway/introduction.mdx +85 -0
  14. package/docs/ai-gateway/managing-apps.mdx +46 -0
  15. package/docs/ai-gateway/managing-providers.mdx +66 -0
  16. package/docs/ai-gateway/managing-teams.mdx +63 -0
  17. package/docs/ai-gateway/policies/akamai-ai-firewall.mdx +125 -0
  18. package/docs/ai-gateway/policies/comet-opik-tracing.mdx +139 -0
  19. package/docs/ai-gateway/policies/galileo-tracing.mdx +147 -0
  20. package/docs/ai-gateway/providers.mdx +32 -0
  21. package/docs/ai-gateway/teams.mdx +38 -0
  22. package/docs/ai-gateway/universal-api.mdx +43 -0
  23. package/docs/ai-gateway/usage-limits.mdx +89 -0
  24. package/docs/api-management/introduction.md +127 -0
  25. package/docs/articles/accounts/audit-logs.mdx +227 -0
  26. package/docs/articles/accounts/billing.mdx +25 -0
  27. package/docs/articles/accounts/default-api-key.mdx +30 -0
  28. package/docs/articles/accounts/delete-account.mdx +36 -0
  29. package/docs/articles/accounts/enterprise-sso.mdx +116 -0
  30. package/docs/articles/accounts/managing-account-members.mdx +45 -0
  31. package/docs/articles/accounts/managing-project-members.mdx +37 -0
  32. package/docs/articles/accounts/members-and-roles.mdx +21 -0
  33. package/docs/articles/accounts/roles-and-permissions.mdx +115 -0
  34. package/docs/articles/accounts/zuplo-api-keys.mdx +94 -0
  35. package/docs/articles/add-api-to-backstage.mdx +216 -0
  36. package/docs/articles/advanced-path-matching.mdx +139 -0
  37. package/docs/articles/api-key-administration.mdx +47 -0
  38. package/docs/articles/api-key-api.mdx +220 -0
  39. package/docs/articles/api-key-authentication.mdx +195 -0
  40. package/docs/articles/api-key-buckets.mdx +61 -0
  41. package/docs/articles/api-key-end-users.mdx +52 -0
  42. package/docs/articles/api-key-leak-detection.mdx +75 -0
  43. package/docs/articles/api-key-management.mdx +100 -0
  44. package/docs/articles/api-key-react-component.mdx +90 -0
  45. package/docs/articles/api-key-service-limits.mdx +14 -0
  46. package/docs/articles/archiving-requests-to-storage.mdx +119 -0
  47. package/docs/articles/branch-based-deployments.mdx +184 -0
  48. package/docs/articles/bypass-policy-for-testing.mdx +117 -0
  49. package/docs/articles/check-ip-address.mdx +17 -0
  50. package/docs/articles/ci-cd-azure/basic-deployment.mdx +49 -0
  51. package/docs/articles/ci-cd-azure/deploy-and-test.mdx +47 -0
  52. package/docs/articles/ci-cd-azure/local-testing.mdx +59 -0
  53. package/docs/articles/ci-cd-azure/multi-stage-deployment.mdx +88 -0
  54. package/docs/articles/ci-cd-azure/pr-preview-environments.mdx +50 -0
  55. package/docs/articles/ci-cd-azure/tag-based-releases.mdx +37 -0
  56. package/docs/articles/ci-cd-bitbucket/basic-deployment.mdx +27 -0
  57. package/docs/articles/ci-cd-bitbucket/deploy-and-test.mdx +41 -0
  58. package/docs/articles/ci-cd-bitbucket/local-testing.mdx +34 -0
  59. package/docs/articles/ci-cd-bitbucket/multi-stage-deployment.mdx +52 -0
  60. package/docs/articles/ci-cd-bitbucket/pr-preview-environments.mdx +46 -0
  61. package/docs/articles/ci-cd-bitbucket/tag-based-releases.mdx +27 -0
  62. package/docs/articles/ci-cd-circleci/basic-deployment.mdx +34 -0
  63. package/docs/articles/ci-cd-circleci/deploy-and-test.mdx +44 -0
  64. package/docs/articles/ci-cd-circleci/local-testing.mdx +50 -0
  65. package/docs/articles/ci-cd-circleci/multi-stage-deployment.mdx +82 -0
  66. package/docs/articles/ci-cd-circleci/pr-preview-environments.mdx +47 -0
  67. package/docs/articles/ci-cd-circleci/tag-based-releases.mdx +38 -0
  68. package/docs/articles/ci-cd-github/basic-deployment.mdx +48 -0
  69. package/docs/articles/ci-cd-github/cleanup-on-branch-delete.mdx +123 -0
  70. package/docs/articles/ci-cd-github/deploy-and-test.mdx +82 -0
  71. package/docs/articles/ci-cd-github/local-testing.mdx +102 -0
  72. package/docs/articles/ci-cd-github/multi-stage-deployment.mdx +136 -0
  73. package/docs/articles/ci-cd-github/pr-preview-environments.mdx +106 -0
  74. package/docs/articles/ci-cd-github/tag-based-releases.mdx +99 -0
  75. package/docs/articles/ci-cd-gitlab/basic-deployment.mdx +28 -0
  76. package/docs/articles/ci-cd-gitlab/deploy-and-test.mdx +44 -0
  77. package/docs/articles/ci-cd-gitlab/local-testing.mdx +39 -0
  78. package/docs/articles/ci-cd-gitlab/mr-preview-environments.mdx +52 -0
  79. package/docs/articles/ci-cd-gitlab/multi-stage-deployment.mdx +64 -0
  80. package/docs/articles/ci-cd-gitlab/tag-based-releases.mdx +28 -0
  81. package/docs/articles/composite-policy-reference.mdx +284 -0
  82. package/docs/articles/configuring-auth0-for-mcp-auth.mdx +186 -0
  83. package/docs/articles/configuring-okta-for-mcp-auth.mdx +208 -0
  84. package/docs/articles/convert-urls-to-openapi.mdx +62 -0
  85. package/docs/articles/cors.mdx +447 -0
  86. package/docs/articles/custom-audit-log-policy.mdx +95 -0
  87. package/docs/articles/custom-ci-cd-azure.mdx +81 -0
  88. package/docs/articles/custom-ci-cd-bitbucket.mdx +80 -0
  89. package/docs/articles/custom-ci-cd-circleci.mdx +78 -0
  90. package/docs/articles/custom-ci-cd-github.mdx +99 -0
  91. package/docs/articles/custom-ci-cd-gitlab.mdx +79 -0
  92. package/docs/articles/custom-ci-cd.mdx +82 -0
  93. package/docs/articles/custom-code-patterns.md +418 -0
  94. package/docs/articles/custom-domains.mdx +258 -0
  95. package/docs/articles/custom-logging-example.mdx +139 -0
  96. package/docs/articles/ddos-protection.mdx +138 -0
  97. package/docs/articles/development-options.mdx +49 -0
  98. package/docs/articles/environment-variables.mdx +134 -0
  99. package/docs/articles/environments.mdx +143 -0
  100. package/docs/articles/fastly-zuplo-host-setup.mdx +41 -0
  101. package/docs/articles/github-deployment-testing.mdx +101 -0
  102. package/docs/articles/gke-with-upstream-auth-policy.mdx +192 -0
  103. package/docs/articles/graphql-security.mdx +180 -0
  104. package/docs/articles/handling-form-data.mdx +61 -0
  105. package/docs/articles/health-checks.mdx +109 -0
  106. package/docs/articles/hosting-options.mdx +70 -0
  107. package/docs/articles/lazy-load-configuration-into-cache.mdx +92 -0
  108. package/docs/articles/limits.mdx +98 -0
  109. package/docs/articles/local-development-debugging.mdx +44 -0
  110. package/docs/articles/local-development-env-variables.mdx +23 -0
  111. package/docs/articles/local-development-installing-packages.mdx +23 -0
  112. package/docs/articles/local-development-routes-designer.mdx +27 -0
  113. package/docs/articles/local-development-services.mdx +40 -0
  114. package/docs/articles/local-development-troubleshooting.mdx +56 -0
  115. package/docs/articles/local-development.mdx +81 -0
  116. package/docs/articles/log-plugin-aws-cloudwatch.mdx +83 -0
  117. package/docs/articles/log-plugin-datadog.mdx +84 -0
  118. package/docs/articles/log-plugin-dynatrace.mdx +75 -0
  119. package/docs/articles/log-plugin-gcp.mdx +75 -0
  120. package/docs/articles/log-plugin-loki.mdx +136 -0
  121. package/docs/articles/log-plugin-new-relic.mdx +84 -0
  122. package/docs/articles/log-plugin-splunk.mdx +104 -0
  123. package/docs/articles/log-plugin-sumo.mdx +73 -0
  124. package/docs/articles/log-plugin-vmware-log-insight.mdx +154 -0
  125. package/docs/articles/log-request-response-data.mdx +398 -0
  126. package/docs/articles/logging.mdx +115 -0
  127. package/docs/articles/manual-mcp-oauth-testing.mdx +193 -0
  128. package/docs/articles/mcp-quickstart.mdx +135 -0
  129. package/docs/articles/metrics-plugins.mdx +371 -0
  130. package/docs/articles/migrate-from-apigee.md +408 -0
  131. package/docs/articles/migrate-from-aws-api-gateway.md +248 -0
  132. package/docs/articles/migrate-from-azure-apim.md +292 -0
  133. package/docs/articles/migrate-from-kong.md +300 -0
  134. package/docs/articles/migration-overview.md +81 -0
  135. package/docs/articles/monetization/api-access.mdx +69 -0
  136. package/docs/articles/monetization/billing-models.md +520 -0
  137. package/docs/articles/monetization/developer-portal.md +167 -0
  138. package/docs/articles/monetization/features.mdx +98 -0
  139. package/docs/articles/monetization/index.mdx +113 -0
  140. package/docs/articles/monetization/meters.mdx +135 -0
  141. package/docs/articles/monetization/monetization-policy.md +314 -0
  142. package/docs/articles/monetization/plan-examples.mdx +366 -0
  143. package/docs/articles/monetization/plans.mdx +266 -0
  144. package/docs/articles/monetization/pricing-models.mdx +225 -0
  145. package/docs/articles/monetization/private-plans.md +154 -0
  146. package/docs/articles/monetization/quickstart.md +355 -0
  147. package/docs/articles/monetization/rate-cards.mdx +171 -0
  148. package/docs/articles/monetization/stripe-integration.md +195 -0
  149. package/docs/articles/monetization/subscription-lifecycle.md +298 -0
  150. package/docs/articles/monetization/tax-collection.md +166 -0
  151. package/docs/articles/monetization/troubleshooting.md +272 -0
  152. package/docs/articles/monetization-custom.mdx +71 -0
  153. package/docs/articles/monetization-integrations.mdx +104 -0
  154. package/docs/articles/monitoring-your-gateway.mdx +53 -0
  155. package/docs/articles/monorepo-deployment.mdx +350 -0
  156. package/docs/articles/multiple-auth-policies.mdx +81 -0
  157. package/docs/articles/non-standard-ports.mdx +30 -0
  158. package/docs/articles/oauth-authentication.mdx +54 -0
  159. package/docs/articles/openapi-server-urls.mdx +60 -0
  160. package/docs/articles/openapi.mdx +130 -0
  161. package/docs/articles/opentelemetry.mdx +250 -0
  162. package/docs/articles/per-user-rate-limits-using-db.mdx +112 -0
  163. package/docs/articles/performance-testing.mdx +304 -0
  164. package/docs/articles/plugin-akamai-api-security.mdx +76 -0
  165. package/docs/articles/plugin-azure-blob.mdx +73 -0
  166. package/docs/articles/plugin-azure-event-hubs.mdx +64 -0
  167. package/docs/articles/plugin-hydrolix-traffic-peak.mdx +147 -0
  168. package/docs/articles/policies.mdx +33 -0
  169. package/docs/articles/rename-or-move-project.mdx +39 -0
  170. package/docs/articles/rick-and-morty-api-developer-portal-example.mdx +23 -0
  171. package/docs/articles/routing.mdx +193 -0
  172. package/docs/articles/s3-signed-url-uploads.mdx +521 -0
  173. package/docs/articles/secure-tunnel.mdx +84 -0
  174. package/docs/articles/securing-backend-mtls.mdx +268 -0
  175. package/docs/articles/securing-your-backend.mdx +148 -0
  176. package/docs/articles/security.mdx +105 -0
  177. package/docs/articles/sharing-code-across-projects.mdx +412 -0
  178. package/docs/articles/source-control-setup-azure.mdx +13 -0
  179. package/docs/articles/source-control-setup-bitbucket.mdx +43 -0
  180. package/docs/articles/source-control-setup-github.mdx +172 -0
  181. package/docs/articles/source-control-setup-gitlab.mdx +12 -0
  182. package/docs/articles/source-control.mdx +80 -0
  183. package/docs/articles/step-1-setup-basic-gateway-local.mdx +136 -0
  184. package/docs/articles/step-1-setup-basic-gateway.mdx +118 -0
  185. package/docs/articles/step-2-add-rate-limiting-local.mdx +126 -0
  186. package/docs/articles/step-2-add-rate-limiting.mdx +82 -0
  187. package/docs/articles/step-3-add-api-key-auth-local.mdx +199 -0
  188. package/docs/articles/step-3-add-api-key-auth.mdx +166 -0
  189. package/docs/articles/step-4-deploying-to-the-edge.mdx +220 -0
  190. package/docs/articles/step-5-dynamic-rate-limiting.mdx +167 -0
  191. package/docs/articles/support.mdx +144 -0
  192. package/docs/articles/terraform.mdx +114 -0
  193. package/docs/articles/testing-graphql.mdx +34 -0
  194. package/docs/articles/testing.mdx +522 -0
  195. package/docs/articles/troubleshooting-slow-responses.mdx +301 -0
  196. package/docs/articles/troubleshooting.md +302 -0
  197. package/docs/articles/tsconfig.mdx +105 -0
  198. package/docs/articles/tunnel-setup.mdx +195 -0
  199. package/docs/articles/tunnel-troubleshooting.mdx +50 -0
  200. package/docs/articles/update-zup-in-github-action.mdx +110 -0
  201. package/docs/articles/use-openapi-extension-data.mdx +79 -0
  202. package/docs/articles/users/multifactor-authentication.mdx +64 -0
  203. package/docs/articles/users/profile.mdx +13 -0
  204. package/docs/articles/versioning-on-zuplo.mdx +89 -0
  205. package/docs/articles/waf-ddos-akamai.md +133 -0
  206. package/docs/articles/waf-ddos-aws-waf-shield.mdx +85 -0
  207. package/docs/articles/waf-ddos-fastly.mdx +251 -0
  208. package/docs/articles/waf-ddos.mdx +140 -0
  209. package/docs/articles/zuplo-waf.mdx +156 -0
  210. package/docs/ask.mdx +3 -0
  211. package/docs/cli/authentication.mdx +56 -0
  212. package/docs/cli/connectivity.mdx +38 -0
  213. package/docs/cli/create-zuplo-api.mdx +80 -0
  214. package/docs/cli/delete.mdx +79 -0
  215. package/docs/cli/deploy.mdx +156 -0
  216. package/docs/cli/deploy.partial.mdx +46 -0
  217. package/docs/cli/dev.mdx +115 -0
  218. package/docs/cli/docs.mdx +66 -0
  219. package/docs/cli/editor.mdx +50 -0
  220. package/docs/cli/global-options.mdx +19 -0
  221. package/docs/cli/init.mdx +74 -0
  222. package/docs/cli/link.mdx +74 -0
  223. package/docs/cli/list.mdx +55 -0
  224. package/docs/cli/mtls-certificate-create.mdx +94 -0
  225. package/docs/cli/mtls-certificate-delete.mdx +55 -0
  226. package/docs/cli/mtls-certificate-describe.mdx +55 -0
  227. package/docs/cli/mtls-certificate-disable.mdx +55 -0
  228. package/docs/cli/mtls-certificate-list.mdx +47 -0
  229. package/docs/cli/mtls-certificate-update.mdx +72 -0
  230. package/docs/cli/openapi-convert.mdx +111 -0
  231. package/docs/cli/openapi-merge.mdx +138 -0
  232. package/docs/cli/openapi-merge.partial.mdx +29 -0
  233. package/docs/cli/openapi-overlay.mdx +123 -0
  234. package/docs/cli/overview.mdx +78 -0
  235. package/docs/cli/project-create.mdx +43 -0
  236. package/docs/cli/source-migrate.mdx +18 -0
  237. package/docs/cli/source-upgrade.mdx +41 -0
  238. package/docs/cli/test.mdx +70 -0
  239. package/docs/cli/test.partial.mdx +7 -0
  240. package/docs/cli/tunnel-create.mdx +53 -0
  241. package/docs/cli/tunnel-create.partial.mdx +9 -0
  242. package/docs/cli/tunnel-delete.mdx +35 -0
  243. package/docs/cli/tunnel-delete.partial.mdx +9 -0
  244. package/docs/cli/tunnel-describe.mdx +45 -0
  245. package/docs/cli/tunnel-describe.partial.mdx +5 -0
  246. package/docs/cli/tunnel-list.mdx +35 -0
  247. package/docs/cli/tunnel-list.partial.mdx +9 -0
  248. package/docs/cli/tunnel-rate-token.partial.mdx +9 -0
  249. package/docs/cli/tunnel-rotate-token.mdx +39 -0
  250. package/docs/cli/tunnel-services-describe.mdx +45 -0
  251. package/docs/cli/tunnel-services-describe.partial.mdx +9 -0
  252. package/docs/cli/tunnel-services-update.mdx +48 -0
  253. package/docs/cli/variable-create.mdx +91 -0
  254. package/docs/cli/variable-create.partial.mdx +5 -0
  255. package/docs/cli/variable-update.mdx +75 -0
  256. package/docs/cli/variable-update.partial.mdx +5 -0
  257. package/docs/concepts/api-keys.md +146 -0
  258. package/docs/concepts/authentication.mdx +109 -0
  259. package/docs/concepts/how-zuplo-works.mdx +120 -0
  260. package/docs/concepts/project-structure.mdx +174 -0
  261. package/docs/concepts/rate-limiting.md +246 -0
  262. package/docs/concepts/request-lifecycle.mdx +56 -0
  263. package/docs/concepts/source-control-and-deployment.mdx +229 -0
  264. package/docs/conferences/conference-prize-terms.mdx +80 -0
  265. package/docs/dedicated/akamai/ai-powered-applications.mdx +223 -0
  266. package/docs/dedicated/akamai/architecture.mdx +280 -0
  267. package/docs/dedicated/akamai/caching.mdx +212 -0
  268. package/docs/dedicated/akamai/cdn.mdx +156 -0
  269. package/docs/dedicated/architecture.mdx +208 -0
  270. package/docs/dedicated/custom-domains.mdx +31 -0
  271. package/docs/dedicated/federated-gateways.mdx +80 -0
  272. package/docs/dedicated/networking.mdx +69 -0
  273. package/docs/dedicated/overview.mdx +80 -0
  274. package/docs/dedicated/source-control.mdx +63 -0
  275. package/docs/dev-portal/dev-portal-create-consumer-on-auth.mdx +134 -0
  276. package/docs/dev-portal/introduction.mdx +65 -0
  277. package/docs/dev-portal/local-development.mdx +72 -0
  278. package/docs/dev-portal/migration.mdx +526 -0
  279. package/docs/dev-portal/node-modules.mdx +45 -0
  280. package/docs/dev-portal/updating.mdx +28 -0
  281. package/docs/dev-portal/zudoku/components/alert.mdx +130 -0
  282. package/docs/dev-portal/zudoku/components/badge.mdx +70 -0
  283. package/docs/dev-portal/zudoku/components/button.mdx +132 -0
  284. package/docs/dev-portal/zudoku/components/callout.mdx +112 -0
  285. package/docs/dev-portal/zudoku/components/card.mdx +104 -0
  286. package/docs/dev-portal/zudoku/components/checkbox.mdx +72 -0
  287. package/docs/dev-portal/zudoku/components/client-only.mdx +79 -0
  288. package/docs/dev-portal/zudoku/components/code-tabs.mdx +179 -0
  289. package/docs/dev-portal/zudoku/components/dialog.mdx +167 -0
  290. package/docs/dev-portal/zudoku/components/head.mdx +199 -0
  291. package/docs/dev-portal/zudoku/components/icons.mdx +27 -0
  292. package/docs/dev-portal/zudoku/components/input.mdx +96 -0
  293. package/docs/dev-portal/zudoku/components/label.mdx +86 -0
  294. package/docs/dev-portal/zudoku/components/link.mdx +242 -0
  295. package/docs/dev-portal/zudoku/components/markdown.mdx +151 -0
  296. package/docs/dev-portal/zudoku/components/mermaid.mdx +81 -0
  297. package/docs/dev-portal/zudoku/components/playground.mdx +87 -0
  298. package/docs/dev-portal/zudoku/components/secret.mdx +78 -0
  299. package/docs/dev-portal/zudoku/components/select.mdx +176 -0
  300. package/docs/dev-portal/zudoku/components/shadcn.mdx +73 -0
  301. package/docs/dev-portal/zudoku/components/slider.mdx +108 -0
  302. package/docs/dev-portal/zudoku/components/slot.mdx +119 -0
  303. package/docs/dev-portal/zudoku/components/stepper.mdx +138 -0
  304. package/docs/dev-portal/zudoku/components/switch.mdx +96 -0
  305. package/docs/dev-portal/zudoku/components/syntax-highlight.mdx +602 -0
  306. package/docs/dev-portal/zudoku/components/textarea.mdx +78 -0
  307. package/docs/dev-portal/zudoku/components/tooltip.mdx +195 -0
  308. package/docs/dev-portal/zudoku/components/typography.mdx +61 -0
  309. package/docs/dev-portal/zudoku/configuration/ai-assistants.md +64 -0
  310. package/docs/dev-portal/zudoku/configuration/api-catalog.md +108 -0
  311. package/docs/dev-portal/zudoku/configuration/api-reference.md +397 -0
  312. package/docs/dev-portal/zudoku/configuration/authentication-auth0.md +173 -0
  313. package/docs/dev-portal/zudoku/configuration/authentication-azure-ad.md +238 -0
  314. package/docs/dev-portal/zudoku/configuration/authentication-clerk.md +110 -0
  315. package/docs/dev-portal/zudoku/configuration/authentication-firebase.md +61 -0
  316. package/docs/dev-portal/zudoku/configuration/authentication-pingfederate.md +136 -0
  317. package/docs/dev-portal/zudoku/configuration/authentication-supabase.md +225 -0
  318. package/docs/dev-portal/zudoku/configuration/authentication.md +199 -0
  319. package/docs/dev-portal/zudoku/configuration/build-configuration.mdx +147 -0
  320. package/docs/dev-portal/zudoku/configuration/docs.md +282 -0
  321. package/docs/dev-portal/zudoku/configuration/footer.mdx +214 -0
  322. package/docs/dev-portal/zudoku/configuration/llms.md +89 -0
  323. package/docs/dev-portal/zudoku/configuration/navigation.mdx +408 -0
  324. package/docs/dev-portal/zudoku/configuration/overview.md +380 -0
  325. package/docs/dev-portal/zudoku/configuration/protected-routes.md +149 -0
  326. package/docs/dev-portal/zudoku/configuration/search.md +169 -0
  327. package/docs/dev-portal/zudoku/configuration/sentry.mdx +44 -0
  328. package/docs/dev-portal/zudoku/configuration/site.md +124 -0
  329. package/docs/dev-portal/zudoku/configuration/slots.mdx +124 -0
  330. package/docs/dev-portal/zudoku/configuration/vite-config.md +18 -0
  331. package/docs/dev-portal/zudoku/custom-plugins.md +287 -0
  332. package/docs/dev-portal/zudoku/customization/colors-theme.mdx +275 -0
  333. package/docs/dev-portal/zudoku/customization/fonts.md +110 -0
  334. package/docs/dev-portal/zudoku/extending/events.md +124 -0
  335. package/docs/dev-portal/zudoku/guides/custom-pages.md +106 -0
  336. package/docs/dev-portal/zudoku/guides/environment-variables.md +99 -0
  337. package/docs/dev-portal/zudoku/guides/mermaid.mdx +70 -0
  338. package/docs/dev-portal/zudoku/guides/navigation-migration.md +87 -0
  339. package/docs/dev-portal/zudoku/guides/navigation-rules.mdx +197 -0
  340. package/docs/dev-portal/zudoku/guides/processors.mdx +234 -0
  341. package/docs/dev-portal/zudoku/guides/static-files.md +55 -0
  342. package/docs/dev-portal/zudoku/guides/transforming-examples.md +156 -0
  343. package/docs/dev-portal/zudoku/guides/using-multiple-apis.md +87 -0
  344. package/docs/dev-portal/zudoku/markdown/admonitions.md +128 -0
  345. package/docs/dev-portal/zudoku/markdown/code-blocks.md +196 -0
  346. package/docs/dev-portal/zudoku/markdown/frontmatter.md +172 -0
  347. package/docs/dev-portal/zudoku/markdown/mdx.md +68 -0
  348. package/docs/dev-portal/zudoku/markdown/overview.md +275 -0
  349. package/docs/dev-portal/zudoku/plugins.md +5 -0
  350. package/docs/dev-portal/zudoku/writing.mdx +72 -0
  351. package/docs/errors/bad-request.mdx +39 -0
  352. package/docs/errors/build-error.mdx +45 -0
  353. package/docs/errors/fatal-project-error.mdx +39 -0
  354. package/docs/errors/gateway-timeout.mdx +33 -0
  355. package/docs/errors/get-head-body-error.mdx +41 -0
  356. package/docs/errors/main-mod-error.mdx +40 -0
  357. package/docs/errors/no-project-set.mdx +41 -0
  358. package/docs/errors/not-found.mdx +43 -0
  359. package/docs/errors/rate-limit-exceeded.mdx +31 -0
  360. package/docs/errors/schema-validation-failed.mdx +51 -0
  361. package/docs/errors/system-configuration-error.mdx +44 -0
  362. package/docs/errors/unauthorized.mdx +50 -0
  363. package/docs/errors/unknown-error.mdx +42 -0
  364. package/docs/errors.mdx +14 -0
  365. package/docs/guides/canary-routing-for-employees.mdx +385 -0
  366. package/docs/guides/geolocation-backend-routing.mdx +404 -0
  367. package/docs/guides/modify-openapi-paths.mdx +371 -0
  368. package/docs/guides/openapi-overlays.mdx +492 -0
  369. package/docs/guides/overview.mdx +12 -0
  370. package/docs/guides/user-based-backend-routing.mdx +437 -0
  371. package/docs/handlers/aws-lambda.mdx +201 -0
  372. package/docs/handlers/custom-handler.mdx +112 -0
  373. package/docs/handlers/legacy-dev-portal-handler.mdx +135 -0
  374. package/docs/handlers/mcp-server.mdx +730 -0
  375. package/docs/handlers/openapi.mdx +78 -0
  376. package/docs/handlers/redirect.mdx +115 -0
  377. package/docs/handlers/system-handlers.mdx +41 -0
  378. package/docs/handlers/url-forward.mdx +204 -0
  379. package/docs/handlers/url-rewrite.mdx +224 -0
  380. package/docs/handlers/websocket-handler.mdx +154 -0
  381. package/docs/home.mdx +6 -0
  382. package/docs/managed-edge/overview.md +78 -0
  383. package/docs/mcp-server/configuration-migration-guide.mdx +344 -0
  384. package/docs/mcp-server/custom-tools.mdx +487 -0
  385. package/docs/mcp-server/graphql.mdx +241 -0
  386. package/docs/mcp-server/introduction.mdx +122 -0
  387. package/docs/mcp-server/openai-apps-sdk.mdx +160 -0
  388. package/docs/mcp-server/prompts.mdx +283 -0
  389. package/docs/mcp-server/resources.mdx +288 -0
  390. package/docs/mcp-server/testing.mdx +53 -0
  391. package/docs/mcp-server/tools.mdx +306 -0
  392. package/docs/policies/_index.md +92 -0
  393. package/docs/policies/ab-test-inbound/intro.md +8 -0
  394. package/docs/policies/ab-test-inbound/policy.ts +14 -0
  395. package/docs/policies/ab-test-inbound/schema.json +27 -0
  396. package/docs/policies/ab-test-outbound/intro.md +8 -0
  397. package/docs/policies/ab-test-outbound/policy.ts +26 -0
  398. package/docs/policies/ab-test-outbound/schema.json +27 -0
  399. package/docs/policies/acl-policy-inbound/intro.md +5 -0
  400. package/docs/policies/acl-policy-inbound/policy.ts +32 -0
  401. package/docs/policies/acl-policy-inbound/schema.json +52 -0
  402. package/docs/policies/akamai-ai-firewall/schema.json +98 -0
  403. package/docs/policies/amberflo-metering-inbound/doc.md +183 -0
  404. package/docs/policies/amberflo-metering-inbound/intro.md +20 -0
  405. package/docs/policies/amberflo-metering-inbound/schema.json +108 -0
  406. package/docs/policies/api-key-inbound/doc.md +77 -0
  407. package/docs/policies/api-key-inbound/intro.md +30 -0
  408. package/docs/policies/api-key-inbound/schema.json +84 -0
  409. package/docs/policies/archive-request-aws-s3-inbound/intro.md +4 -0
  410. package/docs/policies/archive-request-aws-s3-inbound/policy.ts +58 -0
  411. package/docs/policies/archive-request-aws-s3-inbound/schema.json +68 -0
  412. package/docs/policies/archive-request-azure-storage-inbound/doc.md +31 -0
  413. package/docs/policies/archive-request-azure-storage-inbound/intro.md +4 -0
  414. package/docs/policies/archive-request-azure-storage-inbound/policy.ts +54 -0
  415. package/docs/policies/archive-request-azure-storage-inbound/schema.json +53 -0
  416. package/docs/policies/archive-request-gcp-storage-inbound/doc.md +63 -0
  417. package/docs/policies/archive-request-gcp-storage-inbound/intro.md +4 -0
  418. package/docs/policies/archive-request-gcp-storage-inbound/policy.ts +68 -0
  419. package/docs/policies/archive-request-gcp-storage-inbound/schema.json +47 -0
  420. package/docs/policies/archive-response-aws-s3-outbound/intro.md +2 -0
  421. package/docs/policies/archive-response-aws-s3-outbound/policy.ts +59 -0
  422. package/docs/policies/archive-response-aws-s3-outbound/schema.json +68 -0
  423. package/docs/policies/archive-response-azure-storage-outbound/doc.md +31 -0
  424. package/docs/policies/archive-response-azure-storage-outbound/intro.md +3 -0
  425. package/docs/policies/archive-response-azure-storage-outbound/policy.ts +54 -0
  426. package/docs/policies/archive-response-azure-storage-outbound/schema.json +53 -0
  427. package/docs/policies/audit-log-inbound/doc.md +78 -0
  428. package/docs/policies/audit-log-inbound/intro.md +10 -0
  429. package/docs/policies/audit-log-inbound/schema.json +81 -0
  430. package/docs/policies/auth0-jwt-auth-inbound/doc.md +125 -0
  431. package/docs/policies/auth0-jwt-auth-inbound/intro.md +17 -0
  432. package/docs/policies/auth0-jwt-auth-inbound/schema.json +74 -0
  433. package/docs/policies/authzen-inbound/doc.md +24 -0
  434. package/docs/policies/authzen-inbound/intro.md +31 -0
  435. package/docs/policies/authzen-inbound/schema.json +126 -0
  436. package/docs/policies/axiomatics-authz-inbound/doc.md +144 -0
  437. package/docs/policies/axiomatics-authz-inbound/intro.md +11 -0
  438. package/docs/policies/axiomatics-authz-inbound/schema.json +161 -0
  439. package/docs/policies/basic-auth-inbound/intro.md +9 -0
  440. package/docs/policies/basic-auth-inbound/schema.json +99 -0
  441. package/docs/policies/bot-detection-inbound/intro.md +4 -0
  442. package/docs/policies/bot-detection-inbound/schema.json +56 -0
  443. package/docs/policies/brownout-inbound/doc.md +55 -0
  444. package/docs/policies/brownout-inbound/intro.md +12 -0
  445. package/docs/policies/brownout-inbound/schema.json +115 -0
  446. package/docs/policies/caching-inbound/doc.md +209 -0
  447. package/docs/policies/caching-inbound/intro.md +23 -0
  448. package/docs/policies/caching-inbound/schema.json +98 -0
  449. package/docs/policies/change-method-inbound/schema.json +56 -0
  450. package/docs/policies/clear-headers-inbound/schema.json +59 -0
  451. package/docs/policies/clear-headers-outbound/schema.json +59 -0
  452. package/docs/policies/clerk-jwt-auth-inbound/doc.md +85 -0
  453. package/docs/policies/clerk-jwt-auth-inbound/intro.md +4 -0
  454. package/docs/policies/clerk-jwt-auth-inbound/schema.json +68 -0
  455. package/docs/policies/cognito-jwt-auth-inbound/intro.md +7 -0
  456. package/docs/policies/cognito-jwt-auth-inbound/schema.json +74 -0
  457. package/docs/policies/comet-opik-tracing-inbound/schema.json +65 -0
  458. package/docs/policies/complex-rate-limit-inbound/doc.md +20 -0
  459. package/docs/policies/complex-rate-limit-inbound/intro.md +23 -0
  460. package/docs/policies/complex-rate-limit-inbound/schema.json +142 -0
  461. package/docs/policies/composite-inbound/doc.md +69 -0
  462. package/docs/policies/composite-inbound/intro.md +15 -0
  463. package/docs/policies/composite-inbound/schema.json +59 -0
  464. package/docs/policies/composite-outbound/intro.md +6 -0
  465. package/docs/policies/composite-outbound/schema.json +59 -0
  466. package/docs/policies/curity-phantom-token-inbound/doc.md +109 -0
  467. package/docs/policies/curity-phantom-token-inbound/intro.md +3 -0
  468. package/docs/policies/curity-phantom-token-inbound/schema.json +68 -0
  469. package/docs/policies/custom-code-inbound/doc.md +267 -0
  470. package/docs/policies/custom-code-inbound/intro.md +2 -0
  471. package/docs/policies/custom-code-inbound/schema.json +48 -0
  472. package/docs/policies/custom-code-outbound/doc.md +235 -0
  473. package/docs/policies/custom-code-outbound/intro.md +2 -0
  474. package/docs/policies/custom-code-outbound/schema.json +43 -0
  475. package/docs/policies/firebase-jwt-inbound/intro.md +6 -0
  476. package/docs/policies/firebase-jwt-inbound/schema.json +68 -0
  477. package/docs/policies/formdata-to-json-inbound/schema.json +60 -0
  478. package/docs/policies/galileo-tracing-inbound/schema.json +65 -0
  479. package/docs/policies/geo-filter-inbound/doc.md +33 -0
  480. package/docs/policies/geo-filter-inbound/schema.json +108 -0
  481. package/docs/policies/graphql-complexity-limit-inbound/doc.md +48 -0
  482. package/docs/policies/graphql-complexity-limit-inbound/intro.md +2 -0
  483. package/docs/policies/graphql-complexity-limit-inbound/schema.json +90 -0
  484. package/docs/policies/graphql-disable-introspection-inbound/doc.md +66 -0
  485. package/docs/policies/graphql-disable-introspection-inbound/intro.md +15 -0
  486. package/docs/policies/graphql-disable-introspection-inbound/schema.json +48 -0
  487. package/docs/policies/graphql-introspection-filter-outbound/doc.md +148 -0
  488. package/docs/policies/graphql-introspection-filter-outbound/schema.json +79 -0
  489. package/docs/policies/hmac-auth-inbound/doc.md +30 -0
  490. package/docs/policies/hmac-auth-inbound/intro.md +10 -0
  491. package/docs/policies/hmac-auth-inbound/policy.ts +70 -0
  492. package/docs/policies/hmac-auth-inbound/schema.json +53 -0
  493. package/docs/policies/http-deprecation-outbound/doc.md +73 -0
  494. package/docs/policies/http-deprecation-outbound/schema.json +83 -0
  495. package/docs/policies/ip-restriction-inbound/intro.md +8 -0
  496. package/docs/policies/ip-restriction-inbound/policy.ts +40 -0
  497. package/docs/policies/ip-restriction-inbound/schema.json +58 -0
  498. package/docs/policies/jwt-scopes-inbound/schema.json +59 -0
  499. package/docs/policies/ldap-auth-inbound/schema.json +56 -0
  500. package/docs/policies/mock-api-inbound/schema.json +72 -0
  501. package/docs/policies/moesif-inbound/doc.md +44 -0
  502. package/docs/policies/moesif-inbound/intro.md +6 -0
  503. package/docs/policies/moesif-inbound/schema.json +68 -0
  504. package/docs/policies/monetization-inbound/doc.md +87 -0
  505. package/docs/policies/monetization-inbound/intro.md +6 -0
  506. package/docs/policies/monetization-inbound/schema.json +102 -0
  507. package/docs/policies/mtls-auth-inbound/intro.md +6 -0
  508. package/docs/policies/mtls-auth-inbound/schema.json +68 -0
  509. package/docs/policies/okta-fga-authz-inbound/doc.md +181 -0
  510. package/docs/policies/okta-fga-authz-inbound/intro.md +20 -0
  511. package/docs/policies/okta-fga-authz-inbound/schema.json +104 -0
  512. package/docs/policies/okta-jwt-auth-inbound/intro.md +7 -0
  513. package/docs/policies/okta-jwt-auth-inbound/schema.json +74 -0
  514. package/docs/policies/open-id-jwt-auth-inbound/doc.md +58 -0
  515. package/docs/policies/open-id-jwt-auth-inbound/intro.md +30 -0
  516. package/docs/policies/open-id-jwt-auth-inbound/schema.json +128 -0
  517. package/docs/policies/openfga-authz-inbound/doc.md +207 -0
  518. package/docs/policies/openfga-authz-inbound/intro.md +17 -0
  519. package/docs/policies/openfga-authz-inbound/schema.json +191 -0
  520. package/docs/policies/openmeter-inbound/doc.md +163 -0
  521. package/docs/policies/openmeter-inbound/intro.md +18 -0
  522. package/docs/policies/openmeter-inbound/schema.json +183 -0
  523. package/docs/policies/prompt-injection-outbound/doc.md +106 -0
  524. package/docs/policies/prompt-injection-outbound/intro.md +4 -0
  525. package/docs/policies/prompt-injection-outbound/schema.json +74 -0
  526. package/docs/policies/propel-auth-jwt-inbound/doc.md +88 -0
  527. package/docs/policies/propel-auth-jwt-inbound/intro.md +4 -0
  528. package/docs/policies/propel-auth-jwt-inbound/schema.json +74 -0
  529. package/docs/policies/query-param-to-header-inbound/doc.md +70 -0
  530. package/docs/policies/query-param-to-header-inbound/intro.md +5 -0
  531. package/docs/policies/query-param-to-header-inbound/schema.json +74 -0
  532. package/docs/policies/quota-inbound/doc.md +235 -0
  533. package/docs/policies/quota-inbound/intro.md +7 -0
  534. package/docs/policies/quota-inbound/schema.json +133 -0
  535. package/docs/policies/rate-limit-inbound/doc.md +78 -0
  536. package/docs/policies/rate-limit-inbound/intro.md +30 -0
  537. package/docs/policies/rate-limit-inbound/schema.json +134 -0
  538. package/docs/policies/rbac-policy-inbound/intro.md +3 -0
  539. package/docs/policies/rbac-policy-inbound/policy.ts +42 -0
  540. package/docs/policies/rbac-policy-inbound/schema.json +52 -0
  541. package/docs/policies/readme-metrics-inbound/doc.md +1 -0
  542. package/docs/policies/readme-metrics-inbound/intro.md +3 -0
  543. package/docs/policies/readme-metrics-inbound/schema.json +84 -0
  544. package/docs/policies/remove-headers-inbound/schema.json +59 -0
  545. package/docs/policies/remove-headers-outbound/schema.json +59 -0
  546. package/docs/policies/remove-query-params-inbound/schema.json +59 -0
  547. package/docs/policies/replace-string-outbound/schema.json +69 -0
  548. package/docs/policies/request-size-limit-inbound/schema.json +60 -0
  549. package/docs/policies/request-validation-inbound/doc.md +72 -0
  550. package/docs/policies/request-validation-inbound/intro.md +24 -0
  551. package/docs/policies/request-validation-inbound/schema.json +98 -0
  552. package/docs/policies/require-origin-inbound/intro.md +12 -0
  553. package/docs/policies/require-origin-inbound/schema.json +65 -0
  554. package/docs/policies/secret-masking-outbound/doc.md +41 -0
  555. package/docs/policies/secret-masking-outbound/intro.md +13 -0
  556. package/docs/policies/secret-masking-outbound/schema.json +65 -0
  557. package/docs/policies/semantic-cache-inbound/doc.md +63 -0
  558. package/docs/policies/semantic-cache-inbound/intro.md +4 -0
  559. package/docs/policies/semantic-cache-inbound/schema.json +179 -0
  560. package/docs/policies/set-body-inbound/intro.md +7 -0
  561. package/docs/policies/set-body-inbound/schema.json +56 -0
  562. package/docs/policies/set-headers-inbound/doc.md +41 -0
  563. package/docs/policies/set-headers-inbound/intro.md +2 -0
  564. package/docs/policies/set-headers-inbound/schema.json +83 -0
  565. package/docs/policies/set-headers-outbound/schema.json +83 -0
  566. package/docs/policies/set-query-params-inbound/schema.json +83 -0
  567. package/docs/policies/set-status-outbound/schema.json +62 -0
  568. package/docs/policies/sleep-inbound/schema.json +56 -0
  569. package/docs/policies/stripe-webhook-verification-inbound/intro.md +2 -0
  570. package/docs/policies/stripe-webhook-verification-inbound/schema.json +60 -0
  571. package/docs/policies/supabase-jwt-auth-inbound/doc.md +29 -0
  572. package/docs/policies/supabase-jwt-auth-inbound/intro.md +12 -0
  573. package/docs/policies/supabase-jwt-auth-inbound/schema.json +86 -0
  574. package/docs/policies/transform-body-inbound/intro.md +8 -0
  575. package/docs/policies/transform-body-inbound/policy.ts +16 -0
  576. package/docs/policies/transform-body-inbound/schema.json +27 -0
  577. package/docs/policies/transform-body-outbound/intro.md +8 -0
  578. package/docs/policies/transform-body-outbound/policy.ts +19 -0
  579. package/docs/policies/transform-body-outbound/schema.json +27 -0
  580. package/docs/policies/upstream-azure-ad-service-auth-inbound/doc.md +82 -0
  581. package/docs/policies/upstream-azure-ad-service-auth-inbound/intro.md +20 -0
  582. package/docs/policies/upstream-azure-ad-service-auth-inbound/schema.json +84 -0
  583. package/docs/policies/upstream-firebase-admin-auth-inbound/intro.md +10 -0
  584. package/docs/policies/upstream-firebase-admin-auth-inbound/schema.json +68 -0
  585. package/docs/policies/upstream-firebase-user-auth-inbound/intro.md +2 -0
  586. package/docs/policies/upstream-firebase-user-auth-inbound/schema.json +113 -0
  587. package/docs/policies/upstream-gcp-federated-auth-inbound/doc.md +139 -0
  588. package/docs/policies/upstream-gcp-federated-auth-inbound/intro.md +21 -0
  589. package/docs/policies/upstream-gcp-federated-auth-inbound/schema.json +96 -0
  590. package/docs/policies/upstream-gcp-jwt-inbound/intro.md +10 -0
  591. package/docs/policies/upstream-gcp-jwt-inbound/schema.json +62 -0
  592. package/docs/policies/upstream-gcp-service-auth-inbound/doc.md +132 -0
  593. package/docs/policies/upstream-gcp-service-auth-inbound/intro.md +25 -0
  594. package/docs/policies/upstream-gcp-service-auth-inbound/schema.json +95 -0
  595. package/docs/policies/upstream-zuplo-jwt-auth-inbound/doc.md +213 -0
  596. package/docs/policies/upstream-zuplo-jwt-auth-inbound/intro.md +16 -0
  597. package/docs/policies/upstream-zuplo-jwt-auth-inbound/schema.json +101 -0
  598. package/docs/policies/validate-json-schema-inbound/doc.md +129 -0
  599. package/docs/policies/validate-json-schema-inbound/intro.md +7 -0
  600. package/docs/policies/validate-json-schema-inbound/schema.json +56 -0
  601. package/docs/policies/web-bot-auth-inbound/doc.md +104 -0
  602. package/docs/policies/web-bot-auth-inbound/intro.md +16 -0
  603. package/docs/policies/web-bot-auth-inbound/schema.json +76 -0
  604. package/docs/policies/xml-to-json-outbound/doc.md +71 -0
  605. package/docs/policies/xml-to-json-outbound/intro.md +4 -0
  606. package/docs/policies/xml-to-json-outbound/schema.json +117 -0
  607. package/docs/programmable-api/audit-log.mdx +74 -0
  608. package/docs/programmable-api/background-dispatcher.mdx +124 -0
  609. package/docs/programmable-api/background-loader.mdx +104 -0
  610. package/docs/programmable-api/cache.mdx +186 -0
  611. package/docs/programmable-api/compatibility-dates.mdx +201 -0
  612. package/docs/programmable-api/console-logging.mdx +48 -0
  613. package/docs/programmable-api/context-data.mdx +127 -0
  614. package/docs/programmable-api/custom-cors-policy.mdx +64 -0
  615. package/docs/programmable-api/environment.mdx +328 -0
  616. package/docs/programmable-api/hooks.mdx +569 -0
  617. package/docs/programmable-api/http-problems.mdx +385 -0
  618. package/docs/programmable-api/jwt-service-plugin.mdx +420 -0
  619. package/docs/programmable-api/logger.mdx +223 -0
  620. package/docs/programmable-api/memory-zone-read-through-cache.mdx +96 -0
  621. package/docs/programmable-api/node-modules.mdx +67 -0
  622. package/docs/programmable-api/not-found-handler.mdx +47 -0
  623. package/docs/programmable-api/oauth-protected-resource-plugin.mdx +46 -0
  624. package/docs/programmable-api/overview.mdx +213 -0
  625. package/docs/programmable-api/problem-response-formatter.mdx +183 -0
  626. package/docs/programmable-api/request-user.mdx +289 -0
  627. package/docs/programmable-api/reusing-code.mdx +26 -0
  628. package/docs/programmable-api/route-raw.mdx +55 -0
  629. package/docs/programmable-api/runtime-behaviors.mdx +25 -0
  630. package/docs/programmable-api/runtime-errors.mdx +246 -0
  631. package/docs/programmable-api/runtime-extensions.mdx +340 -0
  632. package/docs/programmable-api/safely-clone-a-request-or-response.mdx +57 -0
  633. package/docs/programmable-api/streaming-zone-cache.mdx +155 -0
  634. package/docs/programmable-api/web-crypto-apis.mdx +219 -0
  635. package/docs/programmable-api/web-standard-apis.mdx +109 -0
  636. package/docs/programmable-api/zone-cache.mdx +131 -0
  637. package/docs/programmable-api/zp-body-removed.mdx +32 -0
  638. package/docs/programmable-api/zuplo-context.mdx +414 -0
  639. package/docs/programmable-api/zuplo-id-token.mdx +90 -0
  640. package/docs/programmable-api/zuplo-json.mdx +91 -0
  641. package/docs/programmable-api/zuplo-request.mdx +200 -0
  642. package/docs/sample-apis.mdx +78 -0
  643. package/docs/self-hosted/overview.md +60 -0
  644. package/package.json +6 -5
@@ -0,0 +1,193 @@
1
+ ---
2
+ title: Manual OAuth MCP Testing
3
+ sidebar_label: "Manual OAuth Testing"
4
+ description:
5
+ Learn how to manually test OAuth flows for MCP servers using curl and OpenSSL
6
+ when clients don't support full dynamic registration.
7
+ tags:
8
+ - authentication
9
+ - testing
10
+ ---
11
+
12
+ MCP client OAuth support is evolving rapidly and many clients don't yet support
13
+ the full flow for dynamic client registration, PKCE, initial tokens during DCR,
14
+ etc.
15
+
16
+ This guide shows you how you can use common tools like `curl` and `openssl` to
17
+ manually test a configured authorization server and MCP server.
18
+
19
+ ## Existing auth server client ID and secret
20
+
21
+ The following guide walks you through manually testing an OAuth provider with a
22
+ client ID and secret configuration. This is also useful for debugging OAuth
23
+ issues during authorization flows for MCP.
24
+
25
+ ### Prerequisites
26
+
27
+ - `curl`, `jq`, and `openssl` installed on your system
28
+ - An OAuth client ID and client Secret. For the purposes of demonstration, this
29
+ guide uses an Okta Application client ID and secret.
30
+
31
+ ### Testing Script
32
+
33
+ Create a test script to verify your complete OAuth flow:
34
+
35
+ ```bash
36
+ #!/bin/bash
37
+
38
+ # OAuth 2.1 flow test Script for MCP with pre-configured client.
39
+ # Based on MCP Authorization specification:
40
+ # https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization
41
+
42
+ set -e
43
+
44
+ # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
45
+ # !!!!!!! Configuration !!!!!!!!
46
+ #
47
+ # Update these values to your MCP server hosted on Zuplo and your auth provider
48
+ # config values.
49
+
50
+ MCP_ENDPOINT="https://your-gateway.zuplo.dev/mcp"
51
+ CLIENT_ID="your-client-id"
52
+ CLIENT_SECRET="your-client-secret"
53
+ REDIRECT_URI="http://localhost:8080/authorization-code/callback"
54
+ SCOPE="mcp:access"
55
+
56
+ # !!!!! Configuration end !!!!!!
57
+ # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
58
+
59
+ # Colors for pretty output
60
+ RED='\033[0;31m'
61
+ GREEN='\033[0;32m'
62
+ BLUE='\033[0;34m'
63
+ YELLOW='\033[1;33m'
64
+ NC='\033[0m'
65
+
66
+ echo -e "${BLUE}=== MCP OAuth 2.1 Testing ===${NC}"
67
+
68
+ # Step 1: Discover OAuth configuration from MCP endpoint
69
+ echo -e "${BLUE}Step 1: Discovering OAuth configuration...${NC}"
70
+ MCP_RESPONSE=$(curl -s -i -X POST "${MCP_ENDPOINT}" \
71
+ -H 'content-type: application/json' \
72
+ -d '{"jsonrpc": "2.0", "id": "1", "method": "ping"}')
73
+
74
+ # Extract resource metadata URL
75
+ RESOURCE_METADATA_URL=$(echo "${MCP_RESPONSE}" | grep -i "resource_metadata=" | \
76
+ sed 's/.*resource_metadata=\([^[:space:]]*\).*/\1/' | tr -d '\r\n')
77
+
78
+ echo "Resource metadata URL: ${RESOURCE_METADATA_URL}"
79
+
80
+ # Step 2: Get authorization server info
81
+ RESOURCE_METADATA=$(curl -s "${RESOURCE_METADATA_URL}")
82
+ AUTH_SERVER_URL=$(echo "${RESOURCE_METADATA}" | jq -r '.authorization_servers[0]')
83
+
84
+ echo "Authorization Server: ${AUTH_SERVER_URL}"
85
+
86
+ # Step 3: Get OAuth endpoints
87
+ OAUTH_METADATA=$(curl -s "${AUTH_SERVER_URL}/.well-known/oauth-authorization-server")
88
+ AUTH_ENDPOINT=$(echo "${OAUTH_METADATA}" | jq -r '.authorization_endpoint')
89
+ TOKEN_ENDPOINT=$(echo "${OAUTH_METADATA}" | jq -r '.token_endpoint')
90
+
91
+ # Step 4: Generate PKCE parameters
92
+ CODE_VERIFIER=$(openssl rand -base64 32 | tr '/+' '_-' | tr -d '=')
93
+ CODE_CHALLENGE=$(echo -n "$CODE_VERIFIER" | openssl dgst -sha256 -binary | openssl base64 | tr '/+' '_-' | tr -d '=')
94
+ STATE=$(openssl rand -hex 16)
95
+
96
+ # Step 5: Build authorization URL
97
+ AUTH_URL="${AUTH_ENDPOINT}?response_type=code&client_id=${CLIENT_ID}&redirect_uri=${REDIRECT_URI}&scope=${SCOPE}&state=${STATE}&code_challenge=${CODE_CHALLENGE}&code_challenge_method=S256"
98
+
99
+ echo -e "${YELLOW}Open this URL in your browser:${NC}"
100
+ echo "${AUTH_URL}"
101
+ echo
102
+ echo -e "${YELLOW}After login, copy the authorization code from the callback URL${NC}"
103
+ read -p "Enter the authorization code: " AUTH_CODE
104
+
105
+ # Step 6: Exchange code for token
106
+ TOKEN_RESPONSE=$(curl -s -X POST "${TOKEN_ENDPOINT}" \
107
+ -H "Content-Type: application/x-www-form-urlencoded" \
108
+ -u "${CLIENT_ID}:${CLIENT_SECRET}" \
109
+ -d "grant_type=authorization_code&code=${AUTH_CODE}&redirect_uri=${REDIRECT_URI}&code_verifier=${CODE_VERIFIER}")
110
+
111
+ ACCESS_TOKEN=$(echo "${TOKEN_RESPONSE}" | jq -r '.access_token')
112
+
113
+ if [[ "$ACCESS_TOKEN" == "null" ]]; then
114
+ echo -e "${RED}Token exchange failed:${NC}"
115
+ echo "${TOKEN_RESPONSE}" | jq .
116
+ exit 1
117
+ fi
118
+
119
+ echo -e "${GREEN}✓ Access token obtained${NC}"
120
+
121
+ # Step 7: Test MCP endpoint with token
122
+ MCP_AUTH_RESPONSE=$(curl -s -X POST "${MCP_ENDPOINT}" \
123
+ -H "Authorization: Bearer ${ACCESS_TOKEN}" \
124
+ -H 'Accept: application/json, text/event-stream' \
125
+ -d '{"jsonrpc": "2.0", "id": "1", "method": "ping"}')
126
+
127
+ echo -e "${GREEN}✓ MCP ping test:${NC}"
128
+ echo "${MCP_AUTH_RESPONSE}" | jq .
129
+
130
+ echo -e "${GREEN}=== OAuth flow test complete ===${NC}"
131
+ ```
132
+
133
+ ### Running the Test
134
+
135
+ 1. **Update the configuration** at the top of the script with your values:
136
+ - `MCP_ENDPOINT`: Your Zuplo gateway MCP endpoint
137
+ - `CLIENT_ID`: The ID of the client or application for the auth server
138
+ - `CLIENT_SECRET`: The secret for the client or application for the auth
139
+ server
140
+ - `REDIRECT_URI`: Typically, must match exactly what's configured in your
141
+ auth server's redirect
142
+
143
+ 2. **Make the script executable**: `chmod +x test-oauth.sh`
144
+
145
+ 3. **Run the script**: `./test-oauth.sh`
146
+
147
+ 4. **Follow the prompts**:
148
+ - Open the authorization URL in your browser from the terminal output
149
+ - Complete the login flow
150
+ - Copy the authorization code from the callback URL. It will look something
151
+ like:
152
+
153
+ ```
154
+ http://localhost:8080/authorization-code/callback?code=ABC123&state=XYZ987
155
+ ```
156
+
157
+ - Paste just the code part into the script
158
+
159
+ :::warning
160
+
161
+ This script does **not** include a web server and does **not** support
162
+ dynamically extracting the authorization callback code. You must manually
163
+ grab the code from the query parameter and enter it into the terminal prompt.
164
+
165
+ :::
166
+
167
+ ### Common Issues and Troubleshooting
168
+
169
+ **"Policy evaluation failed"**: Check that your client has:
170
+
171
+ - Correct redirect URI configured
172
+ - Correct scope assigned and configured
173
+ - Authorization code grant enabled
174
+ - Proper access policies and rules
175
+
176
+ **"Invalid client" errors**: Verify your Client ID and Client Secret are
177
+ correct.
178
+
179
+ **"Invalid redirect URI"**: The redirect URI configured in the script may need
180
+ to exactly match what's configured in your authorization server and client.
181
+
182
+ **Browser redirects immediately without login**: You may already be logged into
183
+ your auth provider or an existing session exists. To log in from a clean state,
184
+ try the following:
185
+
186
+ - Log out from your authorization provider
187
+ - Clear browser cookies, sessions, and caches
188
+ - Using an incognito/private browser window
189
+
190
+ **Token exchange fails**: Check that:
191
+
192
+ - PKCE is enabled for your client
193
+ - The authorization code hasn't expired (use it immediately)
@@ -0,0 +1,135 @@
1
+ ---
2
+ title: MCP - Quick Start Guide
3
+ sidebar_label: "MCP - Quick start"
4
+ ---
5
+
6
+ Zuplo allows you to instantly add a managed MCP Server to your existing API,
7
+ powered by OpenAPI.
8
+
9
+ If you're not familiar with Zuplo, it's recommended to go through the
10
+ [Step 1](./step-1-setup-basic-gateway.mdx) first.
11
+
12
+ <Stepper>
13
+
14
+ 1. Create a **new project**
15
+
16
+ Sign in to [portal.zuplo.com](https://portal.zuplo.com) and create a new
17
+ project.
18
+
19
+ 1. **Import** an **OpenAPI** document
20
+
21
+ Let's import an OpenAPI document. You can download this one here
22
+ [todo-openapi.json](https://download-open-api-main-fae215f.d2.zuplo.dev/todo-openapi).
23
+
24
+ ![Import OpenAPI](../../public/media/mcp-quickstart/import-openapi.png)
25
+
26
+ Select the **Code** tab (1), then choose the `routes.oas.json` file (2) and
27
+ choose **Import OpenAPI** (3).
28
+
29
+ <ModalScreenshot size="sm">
30
+
31
+ ![Complete Import](../../public/media/mcp-quickstart/complete-import.png)
32
+
33
+ </ModalScreenshot>
34
+
35
+ Click **Complete Import** to import the routes.
36
+
37
+ Now save your changes (press **Save** at bottom left of **CMD+S**).
38
+
39
+ 1. Test the **Get all todos** route
40
+
41
+ The first route you imported is called `Get all todos`. Select it and click
42
+ the **Test** button next to the **Path** field.
43
+
44
+ A test dialog will open, click **Test** and you should see a `200 OK`
45
+ response with a few todos.
46
+
47
+ This is the basic API we're going to turn into a fully functioning MCP
48
+ Server.
49
+
50
+ 1. Create an **MCP Server**
51
+
52
+ On your `routes.oas.json` file, choose **Add** and then **MCP Server** (3)
53
+
54
+ ![Add Route](../../public/media/mcp-quickstart/add-mcp-route.png)
55
+
56
+ A new route will appear. Confirm the following values:
57
+ - **Summary**: enter `MCP Server`
58
+ - **Method**: choose `POST`
59
+ - **Path**: enter `/mcp` (the path can be anything, but /mcp is common)
60
+
61
+ Click the **Select Tools** option for your new MCP Server endpoint (1).
62
+
63
+ ![Select Tools](../../public/media/mcp-quickstart/select-mcp-tools.png)
64
+
65
+ You should see the MCP tools dialog. Check the tools from your `*.oas.json`
66
+ files, that you want to surface in your MCP Server.
67
+
68
+ ![MCP Server](../../public/media/mcp-quickstart/mcp-tools-dialog.png)
69
+
70
+ Click **Update Tools** (1)
71
+
72
+ Now click Save at the bottom left. Congratulations, you just published your
73
+ first MCP Server!
74
+
75
+ 1. Connect your MCP Client
76
+
77
+ You can use any MCP client you like. We like the OpenAPI platform's
78
+ playground.
79
+
80
+ Go to
81
+ [platform.openai.com/playground](https://platform.openai.com/playground)
82
+ (you'll need an OpenAPI account).
83
+
84
+ ![Add tool](../../public/media/mcp-quickstart/openai-add-tool.png)
85
+
86
+ Click `Create...` next to the **Tools** label and choose **MCP Server**.
87
+
88
+ Click **Add new** to register your custom MCP Server with the playground.
89
+
90
+ You'll need the URL of your MCP server - you can get this by going back to
91
+ Zuplo, clicking on your MCP Server route and then clicking **Test**. At the
92
+ top you'll see a button to copy the URL to your clipboard.
93
+
94
+ ![Copy MCP Server URL](../../public/media/mcp-quickstart/copy-mcp-server-url.png)
95
+
96
+ Back to the OpenAPI playground...
97
+
98
+ <ModalScreenshot size="sm">
99
+
100
+ ![Connect MCP Server](../../public/media/mcp-quickstart/connect-mcp-server.png)
101
+
102
+ </ModalScreenshot>
103
+
104
+ 1. Enter the URL of your MCP Server
105
+ 1. Enter a label, try `todos`
106
+ 1. Choose **None** for Authentication as we didn't add auth to our API
107
+ 1. Click **Connect**
108
+
109
+ If successfully connected, you'll see your 'tools' listed in the playground.
110
+
111
+ <ModalScreenshot size="sm">
112
+
113
+ ![Add tools](../../public/media/mcp-quickstart/add-tools.png)
114
+
115
+ </ModalScreenshot>
116
+
117
+ No need to deselect any tools, let's add them all!
118
+
119
+ 1. Test your MCP Server via the playground
120
+
121
+ Let's prompt the LLM in the playground. Ask the model to
122
+
123
+ `list out all the todos`
124
+
125
+ The model should recognize that it needs to call the todos MCP Server and
126
+ will ask for your approval.
127
+
128
+ Click **Approve** and you should see the todos listed 👏
129
+
130
+ ![The prompt](../../public/media/mcp-quickstart/the-prompt.png)
131
+
132
+ </Stepper>
133
+
134
+ Congratulations! Now go read more about the
135
+ [MCP Server handler](/docs/handlers/mcp-server).
@@ -0,0 +1,371 @@
1
+ ---
2
+ title: Metrics Plugins
3
+ ---
4
+
5
+ An essential part of any application is the ability to continuously monitor its
6
+ performance in production to detect any issues. Zuplo provides support for
7
+ sending metrics to a variety of services. If you want your logs to be sent to
8
+ your metrics service, you can enable one of Zuplo's logging plugins. Currently,
9
+ Zuplo supports logging to the following sources:
10
+
11
+ - Datadog
12
+ - Dynatrace
13
+ - New Relic
14
+ - OpenTelemetry
15
+
16
+ If you would like to log to a different source, reach out to support@zuplo.com
17
+ and we'd be happy to work with you to add a new logging plugin.
18
+
19
+ To configure your logging, you must create a `zuplo.runtime.ts` file in the
20
+ `modules`. The examples below show the content of the file with each of the
21
+ different logging plugins.
22
+
23
+ <EnterpriseFeature name="Custom metrics" />
24
+
25
+ ## Metrics
26
+
27
+ Zuplo supports the following metrics:
28
+
29
+ - request latency
30
+ - This measures the total time (in milliseconds) that a request takes once it
31
+ has entered the API Gateway. It includes any outbound calls from the
32
+ gateway.
33
+ - request content length
34
+ - The content length of the request as reported by the content-length header.
35
+ May be omitted if the content-length header isn't present.
36
+ - response content length.
37
+ - The content length of the response as reported by the content-length header.
38
+ May be omitted if the content-length header isn't present.
39
+
40
+ ## Plugins
41
+
42
+ Below, you will find details on each metrics plugin.
43
+
44
+ ### Datadog
45
+
46
+ By default, we send all metrics to Datadog. However, you have the option below
47
+ to configure which metrics you want to send.
48
+
49
+ Due to the pricing model of Datadog, we recommend being thrifty with what's
50
+ being sent. Refer to
51
+ [counting custom metrics](https://docs.Datadoghq.com/account_management/billing/custom_metrics/?tab=countrate#counting-custom-metrics)
52
+ for more information. In general, try to avoid high-dimensionality/cardinality
53
+ tags since those are counted as separate metrics. This
54
+ [article by Datadog](https://www.Datadoghq.com/blog/the-power-of-tagged-metrics/)
55
+ has some good guidelines.
56
+
57
+ :::warning{title="Metrics Aggregation"}
58
+
59
+ Your Zuplo API can be deployed to many edge locations. Each location will send
60
+ metrics to Datadog independently. For low volume APIs this may be okay, but
61
+ typically you will want to aggregate metrics before sending to Datadog. You can
62
+ use a tool like the
63
+ [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/) for the
64
+ aggregation.
65
+
66
+ :::
67
+
68
+ ```ts
69
+ import {
70
+ RuntimeExtensions,
71
+ DatadogMetricsPlugin,
72
+ environment,
73
+ } from "@zuplo/runtime";
74
+
75
+ export function runtimeInit(runtime: RuntimeExtensions) {
76
+ runtime.addPlugin(
77
+ new DatadogMetricsPlugin({
78
+ apiKey: environment.Datadog_API_KEY,
79
+ // You can add what tags you want.
80
+ // See https://docs.Datadoghq.com/tagging/#defining-tags for more information
81
+ tags: [
82
+ "app:my-service-name",
83
+ `environment:${environment.ENVIRONMENT ?? "DEVELOPMENT"}`,
84
+ ],
85
+ metrics: {
86
+ latency: true,
87
+ requestContentLength: true,
88
+ responseContentLength: true,
89
+ },
90
+ // You can also choose to add additional tags to include in the metrics.
91
+ // Be mindful of what other information you wish to include since it will incur costs on your cardinality
92
+ include: {
93
+ country: false,
94
+ httpMethod: false,
95
+ statusCode: false,
96
+ },
97
+ }),
98
+ );
99
+ }
100
+ ```
101
+
102
+ The above configuration applies globally for all metrics send to Datadog. If you
103
+ wish to dynamically configure information for a particular ZuploContext, you can
104
+ use the `DatadogMetricsPlugin` in your code. Currently, the only configuration
105
+ you can set is the tags. The values you set here will be appended to those set
106
+ globally in the `zuplo.runtime.ts` file.
107
+
108
+ ```ts
109
+ import {
110
+ ZuploContext,
111
+ ZuploRequest,
112
+ DatadogMetricsPlugin,
113
+ } from "@zuplo/runtime";
114
+
115
+ export default async function (request: ZuploRequest, context: ZuploContext) {
116
+ const someValue = "hello";
117
+ DatadogMetricsPlugin.setContext(context, {
118
+ tags: [`my-custom-tag:${someValue}`],
119
+ });
120
+
121
+ return "What zup?";
122
+ }
123
+ ```
124
+
125
+ ### Dynatrace
126
+
127
+ By default, we send all metrics to Dynatrace. However, you have the option below
128
+ to configure which metrics you want to send.
129
+
130
+ :::warning{title="Strict format"}
131
+
132
+ Dynatrace has a strict format for its payload, which has some _surprising_
133
+ requirements.
134
+
135
+ From
136
+ https://docs.dynatrace.com/docs/extend-dynatrace/extend-metrics/reference/metric-ingestion-protocol#dimension
137
+
138
+ > Allowed characters for the key are lowercase letters, numbers, hyphens (-),
139
+ > periods (.), and underscores (\_). Special letters (like ö) aren't allowed.
140
+
141
+ The _surprising_ part is that uppercase characters are **not** allowed.
142
+
143
+ Do be mindful when you are crafting your own dimensions since an invalid
144
+ property will cause the entire payload to be rejected.
145
+
146
+ :::
147
+
148
+ ```ts
149
+ import {
150
+ RuntimeExtensions,
151
+ DynatraceMetricsPlugin,
152
+ environment,
153
+ } from "@zuplo/runtime";
154
+
155
+ export function runtimeInit(runtime: RuntimeExtensions) {
156
+ runtime.addPlugin(
157
+ new DynatraceMetricsPlugin({
158
+ // You can find the documentation on how to get your URL at
159
+ // https://www.dynatrace.com/support/help/dynatrace-api/environment-api/metric-v2/post-ingest-metrics#example
160
+ url: "https://demo.live.dynatrace.com/api/v2/metrics/ingest",
161
+ apiToken: environment.DYNATRACE_API_TOKEN,
162
+ // Dimensions should conform to Dynatrace ingest protocol
163
+ // See https://www.dynatrace.com/support/help/extend-dynatrace/extend-metrics/reference/metric-ingestion-protocol
164
+ dimensions: [
165
+ 'app="my-service-name"',
166
+ `environment="${environment.ENVIRONMENT ?? "DEVELOPMENT"}"`,
167
+ ],
168
+ metrics: {
169
+ latency: true,
170
+ requestContentLength: true,
171
+ responseContentLength: true,
172
+ },
173
+ // You can also choose to add additional tags to include in the metrics.
174
+ include: {
175
+ country: false,
176
+ method: false,
177
+ statusCode: false,
178
+ },
179
+ }),
180
+ );
181
+ }
182
+ ```
183
+
184
+ The above configuration applies globally for all metrics send to Dynatrace. If
185
+ you wish to dynamically configure information for a particular ZuploContext, you
186
+ can use the `DynatraceMetricsPlugin` in your code. Currently, the only
187
+ configuration you can set is the dimensions. The values you set here will be
188
+ appended to those set globally in the `zuplo.runtime.ts` file.
189
+
190
+ ```ts
191
+ import {
192
+ ZuploContext,
193
+ ZuploRequest,
194
+ DynatraceMetricsPlugin,
195
+ } from "@zuplo/runtime";
196
+
197
+ export default async function (request: ZuploRequest, context: ZuploContext) {
198
+ const someValue = "hello";
199
+ DynatraceMetricsPlugin.setContext(context, {
200
+ dimentions: [`my-custom-dimension="${someValue}"`],
201
+ });
202
+
203
+ return "What zup?";
204
+ }
205
+ ```
206
+
207
+ ### New Relic
208
+
209
+ By default, we send all metrics to New Relic. However, you have the option below
210
+ to configure which metrics you want to send.
211
+
212
+ New Relic's Metric API provides a powerful way to monitor your API's
213
+ performance. The metrics are sent to New Relic's Metric API endpoint
214
+ (https://metric-api.newrelic.com/metric/v1) by default, but you can customize
215
+ this if needed.
216
+
217
+ ```ts
218
+ import {
219
+ RuntimeExtensions,
220
+ NewRelicMetricsPlugin,
221
+ environment,
222
+ } from "@zuplo/runtime";
223
+
224
+ export function runtimeInit(runtime: RuntimeExtensions) {
225
+ runtime.addPlugin(
226
+ new NewRelicMetricsPlugin({
227
+ apiKey: environment.NEW_RELIC_API_KEY,
228
+ // Optional: customize the URL if needed
229
+ // url: "https://metric-api.newrelic.com/metric/v1",
230
+ // You can add custom attributes to all metrics
231
+ attributes: {
232
+ service: "my-service-name",
233
+ environment: environment.ENVIRONMENT ?? "DEVELOPMENT",
234
+ },
235
+ metrics: {
236
+ latency: true,
237
+ requestContentLength: true,
238
+ responseContentLength: true,
239
+ },
240
+ // You can also choose to add additional attributes to include in the metrics
241
+ include: {
242
+ country: false,
243
+ httpMethod: false,
244
+ statusCode: false,
245
+ path: false,
246
+ },
247
+ }),
248
+ );
249
+ }
250
+ ```
251
+
252
+ The above configuration applies globally for all metrics sent to New Relic. If
253
+ you wish to dynamically configure information for a particular ZuploContext, you
254
+ can use the `NewRelicMetricsPlugin` in your code. Currently, the only
255
+ configuration you can set is the attributes. The values you set here will be
256
+ appended to those set globally in the `zuplo.runtime.ts` file.
257
+
258
+ ```ts
259
+ import {
260
+ ZuploContext,
261
+ ZuploRequest,
262
+ NewRelicMetricsPlugin,
263
+ } from "@zuplo/runtime";
264
+
265
+ export default async function (request: ZuploRequest, context: ZuploContext) {
266
+ const someValue = "hello";
267
+ NewRelicMetricsPlugin.setContext(context, {
268
+ attributes: { "my-custom-attribute": someValue },
269
+ });
270
+
271
+ return "What zup?";
272
+ }
273
+ ```
274
+
275
+ :::warning{title="Metrics Aggregation"}
276
+
277
+ Your Zuplo API can be deployed to many edge locations. Each location will send
278
+ metrics to New Relic independently. For low volume APIs this may be okay, but
279
+ typically you will want to aggregate metrics before sending to New Relic. You
280
+ can use a tool like the
281
+ [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/) for the
282
+ aggregation.
283
+
284
+ :::
285
+
286
+ ### OpenTelemetry
287
+
288
+ The OpenTelemetry metrics plugin sends metrics to any OpenTelemetry-compatible
289
+ collector using the
290
+ [OTLP HTTP JSON format](https://opentelemetry.io/docs/specs/otlp/#json-protobuf-encoding).
291
+ This allows you to integrate with a wide variety of observability backends that
292
+ support OpenTelemetry, including Grafana, Jaeger, Honeycomb, and many others.
293
+
294
+ By default, we send all metrics to your OpenTelemetry collector. However, you
295
+ have the option below to configure which metrics you want to send.
296
+
297
+ ```ts
298
+ import {
299
+ RuntimeExtensions,
300
+ OTelMetricsPlugin,
301
+ environment,
302
+ } from "@zuplo/runtime";
303
+
304
+ export function runtimeInit(runtime: RuntimeExtensions) {
305
+ runtime.addPlugin(
306
+ new OTelMetricsPlugin({
307
+ // The OTLP HTTP endpoint URL for your collector
308
+ url: "https://otel-collector.example.com:4318/v1/metrics",
309
+ // Optional headers for authentication
310
+ headers: {
311
+ Authorization: `Bearer ${environment.OTEL_API_KEY}`,
312
+ },
313
+ // Resource attributes to include with all metrics
314
+ attributes: {
315
+ "service.name": "my-api",
316
+ "deployment.environment": environment.ENVIRONMENT ?? "development",
317
+ },
318
+ metrics: {
319
+ latency: true,
320
+ requestContentLength: true,
321
+ responseContentLength: true,
322
+ },
323
+ // You can also choose to add additional attributes to include in the metrics
324
+ include: {
325
+ country: false,
326
+ httpMethod: false,
327
+ statusCode: false,
328
+ path: false,
329
+ },
330
+ }),
331
+ );
332
+ }
333
+ ```
334
+
335
+ The plugin uses
336
+ [OpenTelemetry semantic conventions](https://opentelemetry.io/docs/specs/semconv/)
337
+ for metric names and attributes:
338
+
339
+ | Metric | Name | Unit |
340
+ | ----------------------- | -------------------------------- | ---- |
341
+ | Request latency | `http.server.request.duration` | ms |
342
+ | Request content length | `http.server.request.body.size` | By |
343
+ | Response content length | `http.server.response.body.size` | By |
344
+
345
+ When `include` options are enabled, the following attributes are added:
346
+
347
+ | Option | Attribute |
348
+ | ------------ | ----------------------------- |
349
+ | `country` | `client.geo.country_iso_code` |
350
+ | `httpMethod` | `http.request.method` |
351
+ | `statusCode` | `http.response.status_code` |
352
+ | `path` | `http.route` |
353
+
354
+ The above configuration applies globally for all metrics sent to your
355
+ OpenTelemetry collector. If you wish to dynamically configure information for a
356
+ particular ZuploContext, you can use the `OTelMetricsPlugin` in your code.
357
+ Currently, the only configuration you can set is the attributes. The values you
358
+ set here will be appended to those set globally in the `zuplo.runtime.ts` file.
359
+
360
+ ```ts
361
+ import { ZuploContext, ZuploRequest, OTelMetricsPlugin } from "@zuplo/runtime";
362
+
363
+ export default async function (request: ZuploRequest, context: ZuploContext) {
364
+ const someValue = "hello";
365
+ OTelMetricsPlugin.setContext(context, {
366
+ attributes: { "my.custom.attribute": someValue },
367
+ });
368
+
369
+ return "What zup?";
370
+ }
371
+ ```