zuplo 6.67.32 → 6.68.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (644) hide show
  1. package/README.md +9 -0
  2. package/docs/_index.md +44 -0
  3. package/docs/ai-gateway/apps.mdx +28 -0
  4. package/docs/ai-gateway/custom-providers.mdx +54 -0
  5. package/docs/ai-gateway/getting-started.mdx +224 -0
  6. package/docs/ai-gateway/guardrails.mdx +65 -0
  7. package/docs/ai-gateway/integrations/ai-sdk.mdx +109 -0
  8. package/docs/ai-gateway/integrations/claude-code.mdx +49 -0
  9. package/docs/ai-gateway/integrations/codex.mdx +78 -0
  10. package/docs/ai-gateway/integrations/goose.mdx +104 -0
  11. package/docs/ai-gateway/integrations/langchain.mdx +66 -0
  12. package/docs/ai-gateway/integrations/openai.mdx +99 -0
  13. package/docs/ai-gateway/introduction.mdx +85 -0
  14. package/docs/ai-gateway/managing-apps.mdx +46 -0
  15. package/docs/ai-gateway/managing-providers.mdx +66 -0
  16. package/docs/ai-gateway/managing-teams.mdx +63 -0
  17. package/docs/ai-gateway/policies/akamai-ai-firewall.mdx +125 -0
  18. package/docs/ai-gateway/policies/comet-opik-tracing.mdx +139 -0
  19. package/docs/ai-gateway/policies/galileo-tracing.mdx +147 -0
  20. package/docs/ai-gateway/providers.mdx +32 -0
  21. package/docs/ai-gateway/teams.mdx +38 -0
  22. package/docs/ai-gateway/universal-api.mdx +43 -0
  23. package/docs/ai-gateway/usage-limits.mdx +89 -0
  24. package/docs/api-management/introduction.md +127 -0
  25. package/docs/articles/accounts/audit-logs.mdx +227 -0
  26. package/docs/articles/accounts/billing.mdx +25 -0
  27. package/docs/articles/accounts/default-api-key.mdx +30 -0
  28. package/docs/articles/accounts/delete-account.mdx +36 -0
  29. package/docs/articles/accounts/enterprise-sso.mdx +116 -0
  30. package/docs/articles/accounts/managing-account-members.mdx +45 -0
  31. package/docs/articles/accounts/managing-project-members.mdx +37 -0
  32. package/docs/articles/accounts/members-and-roles.mdx +21 -0
  33. package/docs/articles/accounts/roles-and-permissions.mdx +115 -0
  34. package/docs/articles/accounts/zuplo-api-keys.mdx +94 -0
  35. package/docs/articles/add-api-to-backstage.mdx +216 -0
  36. package/docs/articles/advanced-path-matching.mdx +139 -0
  37. package/docs/articles/api-key-administration.mdx +47 -0
  38. package/docs/articles/api-key-api.mdx +220 -0
  39. package/docs/articles/api-key-authentication.mdx +195 -0
  40. package/docs/articles/api-key-buckets.mdx +61 -0
  41. package/docs/articles/api-key-end-users.mdx +52 -0
  42. package/docs/articles/api-key-leak-detection.mdx +75 -0
  43. package/docs/articles/api-key-management.mdx +100 -0
  44. package/docs/articles/api-key-react-component.mdx +90 -0
  45. package/docs/articles/api-key-service-limits.mdx +14 -0
  46. package/docs/articles/archiving-requests-to-storage.mdx +119 -0
  47. package/docs/articles/branch-based-deployments.mdx +184 -0
  48. package/docs/articles/bypass-policy-for-testing.mdx +117 -0
  49. package/docs/articles/check-ip-address.mdx +17 -0
  50. package/docs/articles/ci-cd-azure/basic-deployment.mdx +49 -0
  51. package/docs/articles/ci-cd-azure/deploy-and-test.mdx +47 -0
  52. package/docs/articles/ci-cd-azure/local-testing.mdx +59 -0
  53. package/docs/articles/ci-cd-azure/multi-stage-deployment.mdx +88 -0
  54. package/docs/articles/ci-cd-azure/pr-preview-environments.mdx +50 -0
  55. package/docs/articles/ci-cd-azure/tag-based-releases.mdx +37 -0
  56. package/docs/articles/ci-cd-bitbucket/basic-deployment.mdx +27 -0
  57. package/docs/articles/ci-cd-bitbucket/deploy-and-test.mdx +41 -0
  58. package/docs/articles/ci-cd-bitbucket/local-testing.mdx +34 -0
  59. package/docs/articles/ci-cd-bitbucket/multi-stage-deployment.mdx +52 -0
  60. package/docs/articles/ci-cd-bitbucket/pr-preview-environments.mdx +46 -0
  61. package/docs/articles/ci-cd-bitbucket/tag-based-releases.mdx +27 -0
  62. package/docs/articles/ci-cd-circleci/basic-deployment.mdx +34 -0
  63. package/docs/articles/ci-cd-circleci/deploy-and-test.mdx +44 -0
  64. package/docs/articles/ci-cd-circleci/local-testing.mdx +50 -0
  65. package/docs/articles/ci-cd-circleci/multi-stage-deployment.mdx +82 -0
  66. package/docs/articles/ci-cd-circleci/pr-preview-environments.mdx +47 -0
  67. package/docs/articles/ci-cd-circleci/tag-based-releases.mdx +38 -0
  68. package/docs/articles/ci-cd-github/basic-deployment.mdx +48 -0
  69. package/docs/articles/ci-cd-github/cleanup-on-branch-delete.mdx +123 -0
  70. package/docs/articles/ci-cd-github/deploy-and-test.mdx +82 -0
  71. package/docs/articles/ci-cd-github/local-testing.mdx +102 -0
  72. package/docs/articles/ci-cd-github/multi-stage-deployment.mdx +136 -0
  73. package/docs/articles/ci-cd-github/pr-preview-environments.mdx +106 -0
  74. package/docs/articles/ci-cd-github/tag-based-releases.mdx +99 -0
  75. package/docs/articles/ci-cd-gitlab/basic-deployment.mdx +28 -0
  76. package/docs/articles/ci-cd-gitlab/deploy-and-test.mdx +44 -0
  77. package/docs/articles/ci-cd-gitlab/local-testing.mdx +39 -0
  78. package/docs/articles/ci-cd-gitlab/mr-preview-environments.mdx +52 -0
  79. package/docs/articles/ci-cd-gitlab/multi-stage-deployment.mdx +64 -0
  80. package/docs/articles/ci-cd-gitlab/tag-based-releases.mdx +28 -0
  81. package/docs/articles/composite-policy-reference.mdx +284 -0
  82. package/docs/articles/configuring-auth0-for-mcp-auth.mdx +186 -0
  83. package/docs/articles/configuring-okta-for-mcp-auth.mdx +208 -0
  84. package/docs/articles/convert-urls-to-openapi.mdx +62 -0
  85. package/docs/articles/cors.mdx +447 -0
  86. package/docs/articles/custom-audit-log-policy.mdx +95 -0
  87. package/docs/articles/custom-ci-cd-azure.mdx +81 -0
  88. package/docs/articles/custom-ci-cd-bitbucket.mdx +80 -0
  89. package/docs/articles/custom-ci-cd-circleci.mdx +78 -0
  90. package/docs/articles/custom-ci-cd-github.mdx +99 -0
  91. package/docs/articles/custom-ci-cd-gitlab.mdx +79 -0
  92. package/docs/articles/custom-ci-cd.mdx +82 -0
  93. package/docs/articles/custom-code-patterns.md +418 -0
  94. package/docs/articles/custom-domains.mdx +258 -0
  95. package/docs/articles/custom-logging-example.mdx +139 -0
  96. package/docs/articles/ddos-protection.mdx +138 -0
  97. package/docs/articles/development-options.mdx +49 -0
  98. package/docs/articles/environment-variables.mdx +134 -0
  99. package/docs/articles/environments.mdx +143 -0
  100. package/docs/articles/fastly-zuplo-host-setup.mdx +41 -0
  101. package/docs/articles/github-deployment-testing.mdx +101 -0
  102. package/docs/articles/gke-with-upstream-auth-policy.mdx +192 -0
  103. package/docs/articles/graphql-security.mdx +180 -0
  104. package/docs/articles/handling-form-data.mdx +61 -0
  105. package/docs/articles/health-checks.mdx +109 -0
  106. package/docs/articles/hosting-options.mdx +70 -0
  107. package/docs/articles/lazy-load-configuration-into-cache.mdx +92 -0
  108. package/docs/articles/limits.mdx +98 -0
  109. package/docs/articles/local-development-debugging.mdx +44 -0
  110. package/docs/articles/local-development-env-variables.mdx +23 -0
  111. package/docs/articles/local-development-installing-packages.mdx +23 -0
  112. package/docs/articles/local-development-routes-designer.mdx +27 -0
  113. package/docs/articles/local-development-services.mdx +40 -0
  114. package/docs/articles/local-development-troubleshooting.mdx +56 -0
  115. package/docs/articles/local-development.mdx +81 -0
  116. package/docs/articles/log-plugin-aws-cloudwatch.mdx +83 -0
  117. package/docs/articles/log-plugin-datadog.mdx +84 -0
  118. package/docs/articles/log-plugin-dynatrace.mdx +75 -0
  119. package/docs/articles/log-plugin-gcp.mdx +75 -0
  120. package/docs/articles/log-plugin-loki.mdx +136 -0
  121. package/docs/articles/log-plugin-new-relic.mdx +84 -0
  122. package/docs/articles/log-plugin-splunk.mdx +104 -0
  123. package/docs/articles/log-plugin-sumo.mdx +73 -0
  124. package/docs/articles/log-plugin-vmware-log-insight.mdx +154 -0
  125. package/docs/articles/log-request-response-data.mdx +398 -0
  126. package/docs/articles/logging.mdx +115 -0
  127. package/docs/articles/manual-mcp-oauth-testing.mdx +193 -0
  128. package/docs/articles/mcp-quickstart.mdx +135 -0
  129. package/docs/articles/metrics-plugins.mdx +371 -0
  130. package/docs/articles/migrate-from-apigee.md +408 -0
  131. package/docs/articles/migrate-from-aws-api-gateway.md +248 -0
  132. package/docs/articles/migrate-from-azure-apim.md +292 -0
  133. package/docs/articles/migrate-from-kong.md +300 -0
  134. package/docs/articles/migration-overview.md +81 -0
  135. package/docs/articles/monetization/api-access.mdx +69 -0
  136. package/docs/articles/monetization/billing-models.md +520 -0
  137. package/docs/articles/monetization/developer-portal.md +167 -0
  138. package/docs/articles/monetization/features.mdx +98 -0
  139. package/docs/articles/monetization/index.mdx +113 -0
  140. package/docs/articles/monetization/meters.mdx +135 -0
  141. package/docs/articles/monetization/monetization-policy.md +314 -0
  142. package/docs/articles/monetization/plan-examples.mdx +366 -0
  143. package/docs/articles/monetization/plans.mdx +266 -0
  144. package/docs/articles/monetization/pricing-models.mdx +225 -0
  145. package/docs/articles/monetization/private-plans.md +154 -0
  146. package/docs/articles/monetization/quickstart.md +355 -0
  147. package/docs/articles/monetization/rate-cards.mdx +171 -0
  148. package/docs/articles/monetization/stripe-integration.md +195 -0
  149. package/docs/articles/monetization/subscription-lifecycle.md +298 -0
  150. package/docs/articles/monetization/tax-collection.md +166 -0
  151. package/docs/articles/monetization/troubleshooting.md +272 -0
  152. package/docs/articles/monetization-custom.mdx +71 -0
  153. package/docs/articles/monetization-integrations.mdx +104 -0
  154. package/docs/articles/monitoring-your-gateway.mdx +53 -0
  155. package/docs/articles/monorepo-deployment.mdx +350 -0
  156. package/docs/articles/multiple-auth-policies.mdx +81 -0
  157. package/docs/articles/non-standard-ports.mdx +30 -0
  158. package/docs/articles/oauth-authentication.mdx +54 -0
  159. package/docs/articles/openapi-server-urls.mdx +60 -0
  160. package/docs/articles/openapi.mdx +130 -0
  161. package/docs/articles/opentelemetry.mdx +250 -0
  162. package/docs/articles/per-user-rate-limits-using-db.mdx +112 -0
  163. package/docs/articles/performance-testing.mdx +304 -0
  164. package/docs/articles/plugin-akamai-api-security.mdx +76 -0
  165. package/docs/articles/plugin-azure-blob.mdx +73 -0
  166. package/docs/articles/plugin-azure-event-hubs.mdx +64 -0
  167. package/docs/articles/plugin-hydrolix-traffic-peak.mdx +147 -0
  168. package/docs/articles/policies.mdx +33 -0
  169. package/docs/articles/rename-or-move-project.mdx +39 -0
  170. package/docs/articles/rick-and-morty-api-developer-portal-example.mdx +23 -0
  171. package/docs/articles/routing.mdx +193 -0
  172. package/docs/articles/s3-signed-url-uploads.mdx +521 -0
  173. package/docs/articles/secure-tunnel.mdx +84 -0
  174. package/docs/articles/securing-backend-mtls.mdx +268 -0
  175. package/docs/articles/securing-your-backend.mdx +148 -0
  176. package/docs/articles/security.mdx +105 -0
  177. package/docs/articles/sharing-code-across-projects.mdx +412 -0
  178. package/docs/articles/source-control-setup-azure.mdx +13 -0
  179. package/docs/articles/source-control-setup-bitbucket.mdx +43 -0
  180. package/docs/articles/source-control-setup-github.mdx +172 -0
  181. package/docs/articles/source-control-setup-gitlab.mdx +12 -0
  182. package/docs/articles/source-control.mdx +80 -0
  183. package/docs/articles/step-1-setup-basic-gateway-local.mdx +136 -0
  184. package/docs/articles/step-1-setup-basic-gateway.mdx +118 -0
  185. package/docs/articles/step-2-add-rate-limiting-local.mdx +126 -0
  186. package/docs/articles/step-2-add-rate-limiting.mdx +82 -0
  187. package/docs/articles/step-3-add-api-key-auth-local.mdx +199 -0
  188. package/docs/articles/step-3-add-api-key-auth.mdx +166 -0
  189. package/docs/articles/step-4-deploying-to-the-edge.mdx +220 -0
  190. package/docs/articles/step-5-dynamic-rate-limiting.mdx +167 -0
  191. package/docs/articles/support.mdx +144 -0
  192. package/docs/articles/terraform.mdx +114 -0
  193. package/docs/articles/testing-graphql.mdx +34 -0
  194. package/docs/articles/testing.mdx +522 -0
  195. package/docs/articles/troubleshooting-slow-responses.mdx +301 -0
  196. package/docs/articles/troubleshooting.md +302 -0
  197. package/docs/articles/tsconfig.mdx +105 -0
  198. package/docs/articles/tunnel-setup.mdx +195 -0
  199. package/docs/articles/tunnel-troubleshooting.mdx +50 -0
  200. package/docs/articles/update-zup-in-github-action.mdx +110 -0
  201. package/docs/articles/use-openapi-extension-data.mdx +79 -0
  202. package/docs/articles/users/multifactor-authentication.mdx +64 -0
  203. package/docs/articles/users/profile.mdx +13 -0
  204. package/docs/articles/versioning-on-zuplo.mdx +89 -0
  205. package/docs/articles/waf-ddos-akamai.md +133 -0
  206. package/docs/articles/waf-ddos-aws-waf-shield.mdx +85 -0
  207. package/docs/articles/waf-ddos-fastly.mdx +251 -0
  208. package/docs/articles/waf-ddos.mdx +140 -0
  209. package/docs/articles/zuplo-waf.mdx +156 -0
  210. package/docs/ask.mdx +3 -0
  211. package/docs/cli/authentication.mdx +56 -0
  212. package/docs/cli/connectivity.mdx +38 -0
  213. package/docs/cli/create-zuplo-api.mdx +80 -0
  214. package/docs/cli/delete.mdx +79 -0
  215. package/docs/cli/deploy.mdx +156 -0
  216. package/docs/cli/deploy.partial.mdx +46 -0
  217. package/docs/cli/dev.mdx +115 -0
  218. package/docs/cli/docs.mdx +66 -0
  219. package/docs/cli/editor.mdx +50 -0
  220. package/docs/cli/global-options.mdx +19 -0
  221. package/docs/cli/init.mdx +74 -0
  222. package/docs/cli/link.mdx +74 -0
  223. package/docs/cli/list.mdx +55 -0
  224. package/docs/cli/mtls-certificate-create.mdx +94 -0
  225. package/docs/cli/mtls-certificate-delete.mdx +55 -0
  226. package/docs/cli/mtls-certificate-describe.mdx +55 -0
  227. package/docs/cli/mtls-certificate-disable.mdx +55 -0
  228. package/docs/cli/mtls-certificate-list.mdx +47 -0
  229. package/docs/cli/mtls-certificate-update.mdx +72 -0
  230. package/docs/cli/openapi-convert.mdx +111 -0
  231. package/docs/cli/openapi-merge.mdx +138 -0
  232. package/docs/cli/openapi-merge.partial.mdx +29 -0
  233. package/docs/cli/openapi-overlay.mdx +123 -0
  234. package/docs/cli/overview.mdx +78 -0
  235. package/docs/cli/project-create.mdx +43 -0
  236. package/docs/cli/source-migrate.mdx +18 -0
  237. package/docs/cli/source-upgrade.mdx +41 -0
  238. package/docs/cli/test.mdx +70 -0
  239. package/docs/cli/test.partial.mdx +7 -0
  240. package/docs/cli/tunnel-create.mdx +53 -0
  241. package/docs/cli/tunnel-create.partial.mdx +9 -0
  242. package/docs/cli/tunnel-delete.mdx +35 -0
  243. package/docs/cli/tunnel-delete.partial.mdx +9 -0
  244. package/docs/cli/tunnel-describe.mdx +45 -0
  245. package/docs/cli/tunnel-describe.partial.mdx +5 -0
  246. package/docs/cli/tunnel-list.mdx +35 -0
  247. package/docs/cli/tunnel-list.partial.mdx +9 -0
  248. package/docs/cli/tunnel-rate-token.partial.mdx +9 -0
  249. package/docs/cli/tunnel-rotate-token.mdx +39 -0
  250. package/docs/cli/tunnel-services-describe.mdx +45 -0
  251. package/docs/cli/tunnel-services-describe.partial.mdx +9 -0
  252. package/docs/cli/tunnel-services-update.mdx +48 -0
  253. package/docs/cli/variable-create.mdx +91 -0
  254. package/docs/cli/variable-create.partial.mdx +5 -0
  255. package/docs/cli/variable-update.mdx +75 -0
  256. package/docs/cli/variable-update.partial.mdx +5 -0
  257. package/docs/concepts/api-keys.md +146 -0
  258. package/docs/concepts/authentication.mdx +109 -0
  259. package/docs/concepts/how-zuplo-works.mdx +120 -0
  260. package/docs/concepts/project-structure.mdx +174 -0
  261. package/docs/concepts/rate-limiting.md +246 -0
  262. package/docs/concepts/request-lifecycle.mdx +56 -0
  263. package/docs/concepts/source-control-and-deployment.mdx +229 -0
  264. package/docs/conferences/conference-prize-terms.mdx +80 -0
  265. package/docs/dedicated/akamai/ai-powered-applications.mdx +223 -0
  266. package/docs/dedicated/akamai/architecture.mdx +280 -0
  267. package/docs/dedicated/akamai/caching.mdx +212 -0
  268. package/docs/dedicated/akamai/cdn.mdx +156 -0
  269. package/docs/dedicated/architecture.mdx +208 -0
  270. package/docs/dedicated/custom-domains.mdx +31 -0
  271. package/docs/dedicated/federated-gateways.mdx +80 -0
  272. package/docs/dedicated/networking.mdx +69 -0
  273. package/docs/dedicated/overview.mdx +80 -0
  274. package/docs/dedicated/source-control.mdx +63 -0
  275. package/docs/dev-portal/dev-portal-create-consumer-on-auth.mdx +134 -0
  276. package/docs/dev-portal/introduction.mdx +65 -0
  277. package/docs/dev-portal/local-development.mdx +72 -0
  278. package/docs/dev-portal/migration.mdx +526 -0
  279. package/docs/dev-portal/node-modules.mdx +45 -0
  280. package/docs/dev-portal/updating.mdx +28 -0
  281. package/docs/dev-portal/zudoku/components/alert.mdx +130 -0
  282. package/docs/dev-portal/zudoku/components/badge.mdx +70 -0
  283. package/docs/dev-portal/zudoku/components/button.mdx +132 -0
  284. package/docs/dev-portal/zudoku/components/callout.mdx +112 -0
  285. package/docs/dev-portal/zudoku/components/card.mdx +104 -0
  286. package/docs/dev-portal/zudoku/components/checkbox.mdx +72 -0
  287. package/docs/dev-portal/zudoku/components/client-only.mdx +79 -0
  288. package/docs/dev-portal/zudoku/components/code-tabs.mdx +179 -0
  289. package/docs/dev-portal/zudoku/components/dialog.mdx +167 -0
  290. package/docs/dev-portal/zudoku/components/head.mdx +199 -0
  291. package/docs/dev-portal/zudoku/components/icons.mdx +27 -0
  292. package/docs/dev-portal/zudoku/components/input.mdx +96 -0
  293. package/docs/dev-portal/zudoku/components/label.mdx +86 -0
  294. package/docs/dev-portal/zudoku/components/link.mdx +242 -0
  295. package/docs/dev-portal/zudoku/components/markdown.mdx +151 -0
  296. package/docs/dev-portal/zudoku/components/mermaid.mdx +81 -0
  297. package/docs/dev-portal/zudoku/components/playground.mdx +87 -0
  298. package/docs/dev-portal/zudoku/components/secret.mdx +78 -0
  299. package/docs/dev-portal/zudoku/components/select.mdx +176 -0
  300. package/docs/dev-portal/zudoku/components/shadcn.mdx +73 -0
  301. package/docs/dev-portal/zudoku/components/slider.mdx +108 -0
  302. package/docs/dev-portal/zudoku/components/slot.mdx +119 -0
  303. package/docs/dev-portal/zudoku/components/stepper.mdx +138 -0
  304. package/docs/dev-portal/zudoku/components/switch.mdx +96 -0
  305. package/docs/dev-portal/zudoku/components/syntax-highlight.mdx +602 -0
  306. package/docs/dev-portal/zudoku/components/textarea.mdx +78 -0
  307. package/docs/dev-portal/zudoku/components/tooltip.mdx +195 -0
  308. package/docs/dev-portal/zudoku/components/typography.mdx +61 -0
  309. package/docs/dev-portal/zudoku/configuration/ai-assistants.md +64 -0
  310. package/docs/dev-portal/zudoku/configuration/api-catalog.md +108 -0
  311. package/docs/dev-portal/zudoku/configuration/api-reference.md +397 -0
  312. package/docs/dev-portal/zudoku/configuration/authentication-auth0.md +173 -0
  313. package/docs/dev-portal/zudoku/configuration/authentication-azure-ad.md +238 -0
  314. package/docs/dev-portal/zudoku/configuration/authentication-clerk.md +110 -0
  315. package/docs/dev-portal/zudoku/configuration/authentication-firebase.md +61 -0
  316. package/docs/dev-portal/zudoku/configuration/authentication-pingfederate.md +136 -0
  317. package/docs/dev-portal/zudoku/configuration/authentication-supabase.md +225 -0
  318. package/docs/dev-portal/zudoku/configuration/authentication.md +199 -0
  319. package/docs/dev-portal/zudoku/configuration/build-configuration.mdx +147 -0
  320. package/docs/dev-portal/zudoku/configuration/docs.md +282 -0
  321. package/docs/dev-portal/zudoku/configuration/footer.mdx +214 -0
  322. package/docs/dev-portal/zudoku/configuration/llms.md +89 -0
  323. package/docs/dev-portal/zudoku/configuration/navigation.mdx +408 -0
  324. package/docs/dev-portal/zudoku/configuration/overview.md +380 -0
  325. package/docs/dev-portal/zudoku/configuration/protected-routes.md +149 -0
  326. package/docs/dev-portal/zudoku/configuration/search.md +169 -0
  327. package/docs/dev-portal/zudoku/configuration/sentry.mdx +44 -0
  328. package/docs/dev-portal/zudoku/configuration/site.md +124 -0
  329. package/docs/dev-portal/zudoku/configuration/slots.mdx +124 -0
  330. package/docs/dev-portal/zudoku/configuration/vite-config.md +18 -0
  331. package/docs/dev-portal/zudoku/custom-plugins.md +287 -0
  332. package/docs/dev-portal/zudoku/customization/colors-theme.mdx +275 -0
  333. package/docs/dev-portal/zudoku/customization/fonts.md +110 -0
  334. package/docs/dev-portal/zudoku/extending/events.md +124 -0
  335. package/docs/dev-portal/zudoku/guides/custom-pages.md +106 -0
  336. package/docs/dev-portal/zudoku/guides/environment-variables.md +99 -0
  337. package/docs/dev-portal/zudoku/guides/mermaid.mdx +70 -0
  338. package/docs/dev-portal/zudoku/guides/navigation-migration.md +87 -0
  339. package/docs/dev-portal/zudoku/guides/navigation-rules.mdx +197 -0
  340. package/docs/dev-portal/zudoku/guides/processors.mdx +234 -0
  341. package/docs/dev-portal/zudoku/guides/static-files.md +55 -0
  342. package/docs/dev-portal/zudoku/guides/transforming-examples.md +156 -0
  343. package/docs/dev-portal/zudoku/guides/using-multiple-apis.md +87 -0
  344. package/docs/dev-portal/zudoku/markdown/admonitions.md +128 -0
  345. package/docs/dev-portal/zudoku/markdown/code-blocks.md +196 -0
  346. package/docs/dev-portal/zudoku/markdown/frontmatter.md +172 -0
  347. package/docs/dev-portal/zudoku/markdown/mdx.md +68 -0
  348. package/docs/dev-portal/zudoku/markdown/overview.md +275 -0
  349. package/docs/dev-portal/zudoku/plugins.md +5 -0
  350. package/docs/dev-portal/zudoku/writing.mdx +72 -0
  351. package/docs/errors/bad-request.mdx +39 -0
  352. package/docs/errors/build-error.mdx +45 -0
  353. package/docs/errors/fatal-project-error.mdx +39 -0
  354. package/docs/errors/gateway-timeout.mdx +33 -0
  355. package/docs/errors/get-head-body-error.mdx +41 -0
  356. package/docs/errors/main-mod-error.mdx +40 -0
  357. package/docs/errors/no-project-set.mdx +41 -0
  358. package/docs/errors/not-found.mdx +43 -0
  359. package/docs/errors/rate-limit-exceeded.mdx +31 -0
  360. package/docs/errors/schema-validation-failed.mdx +51 -0
  361. package/docs/errors/system-configuration-error.mdx +44 -0
  362. package/docs/errors/unauthorized.mdx +50 -0
  363. package/docs/errors/unknown-error.mdx +42 -0
  364. package/docs/errors.mdx +14 -0
  365. package/docs/guides/canary-routing-for-employees.mdx +385 -0
  366. package/docs/guides/geolocation-backend-routing.mdx +404 -0
  367. package/docs/guides/modify-openapi-paths.mdx +371 -0
  368. package/docs/guides/openapi-overlays.mdx +492 -0
  369. package/docs/guides/overview.mdx +12 -0
  370. package/docs/guides/user-based-backend-routing.mdx +437 -0
  371. package/docs/handlers/aws-lambda.mdx +201 -0
  372. package/docs/handlers/custom-handler.mdx +112 -0
  373. package/docs/handlers/legacy-dev-portal-handler.mdx +135 -0
  374. package/docs/handlers/mcp-server.mdx +730 -0
  375. package/docs/handlers/openapi.mdx +78 -0
  376. package/docs/handlers/redirect.mdx +115 -0
  377. package/docs/handlers/system-handlers.mdx +41 -0
  378. package/docs/handlers/url-forward.mdx +204 -0
  379. package/docs/handlers/url-rewrite.mdx +224 -0
  380. package/docs/handlers/websocket-handler.mdx +154 -0
  381. package/docs/home.mdx +6 -0
  382. package/docs/managed-edge/overview.md +78 -0
  383. package/docs/mcp-server/configuration-migration-guide.mdx +344 -0
  384. package/docs/mcp-server/custom-tools.mdx +487 -0
  385. package/docs/mcp-server/graphql.mdx +241 -0
  386. package/docs/mcp-server/introduction.mdx +122 -0
  387. package/docs/mcp-server/openai-apps-sdk.mdx +160 -0
  388. package/docs/mcp-server/prompts.mdx +283 -0
  389. package/docs/mcp-server/resources.mdx +288 -0
  390. package/docs/mcp-server/testing.mdx +53 -0
  391. package/docs/mcp-server/tools.mdx +306 -0
  392. package/docs/policies/_index.md +92 -0
  393. package/docs/policies/ab-test-inbound/intro.md +8 -0
  394. package/docs/policies/ab-test-inbound/policy.ts +14 -0
  395. package/docs/policies/ab-test-inbound/schema.json +27 -0
  396. package/docs/policies/ab-test-outbound/intro.md +8 -0
  397. package/docs/policies/ab-test-outbound/policy.ts +26 -0
  398. package/docs/policies/ab-test-outbound/schema.json +27 -0
  399. package/docs/policies/acl-policy-inbound/intro.md +5 -0
  400. package/docs/policies/acl-policy-inbound/policy.ts +32 -0
  401. package/docs/policies/acl-policy-inbound/schema.json +52 -0
  402. package/docs/policies/akamai-ai-firewall/schema.json +98 -0
  403. package/docs/policies/amberflo-metering-inbound/doc.md +183 -0
  404. package/docs/policies/amberflo-metering-inbound/intro.md +20 -0
  405. package/docs/policies/amberflo-metering-inbound/schema.json +108 -0
  406. package/docs/policies/api-key-inbound/doc.md +77 -0
  407. package/docs/policies/api-key-inbound/intro.md +30 -0
  408. package/docs/policies/api-key-inbound/schema.json +84 -0
  409. package/docs/policies/archive-request-aws-s3-inbound/intro.md +4 -0
  410. package/docs/policies/archive-request-aws-s3-inbound/policy.ts +58 -0
  411. package/docs/policies/archive-request-aws-s3-inbound/schema.json +68 -0
  412. package/docs/policies/archive-request-azure-storage-inbound/doc.md +31 -0
  413. package/docs/policies/archive-request-azure-storage-inbound/intro.md +4 -0
  414. package/docs/policies/archive-request-azure-storage-inbound/policy.ts +54 -0
  415. package/docs/policies/archive-request-azure-storage-inbound/schema.json +53 -0
  416. package/docs/policies/archive-request-gcp-storage-inbound/doc.md +63 -0
  417. package/docs/policies/archive-request-gcp-storage-inbound/intro.md +4 -0
  418. package/docs/policies/archive-request-gcp-storage-inbound/policy.ts +68 -0
  419. package/docs/policies/archive-request-gcp-storage-inbound/schema.json +47 -0
  420. package/docs/policies/archive-response-aws-s3-outbound/intro.md +2 -0
  421. package/docs/policies/archive-response-aws-s3-outbound/policy.ts +59 -0
  422. package/docs/policies/archive-response-aws-s3-outbound/schema.json +68 -0
  423. package/docs/policies/archive-response-azure-storage-outbound/doc.md +31 -0
  424. package/docs/policies/archive-response-azure-storage-outbound/intro.md +3 -0
  425. package/docs/policies/archive-response-azure-storage-outbound/policy.ts +54 -0
  426. package/docs/policies/archive-response-azure-storage-outbound/schema.json +53 -0
  427. package/docs/policies/audit-log-inbound/doc.md +78 -0
  428. package/docs/policies/audit-log-inbound/intro.md +10 -0
  429. package/docs/policies/audit-log-inbound/schema.json +81 -0
  430. package/docs/policies/auth0-jwt-auth-inbound/doc.md +125 -0
  431. package/docs/policies/auth0-jwt-auth-inbound/intro.md +17 -0
  432. package/docs/policies/auth0-jwt-auth-inbound/schema.json +74 -0
  433. package/docs/policies/authzen-inbound/doc.md +24 -0
  434. package/docs/policies/authzen-inbound/intro.md +31 -0
  435. package/docs/policies/authzen-inbound/schema.json +126 -0
  436. package/docs/policies/axiomatics-authz-inbound/doc.md +144 -0
  437. package/docs/policies/axiomatics-authz-inbound/intro.md +11 -0
  438. package/docs/policies/axiomatics-authz-inbound/schema.json +161 -0
  439. package/docs/policies/basic-auth-inbound/intro.md +9 -0
  440. package/docs/policies/basic-auth-inbound/schema.json +99 -0
  441. package/docs/policies/bot-detection-inbound/intro.md +4 -0
  442. package/docs/policies/bot-detection-inbound/schema.json +56 -0
  443. package/docs/policies/brownout-inbound/doc.md +55 -0
  444. package/docs/policies/brownout-inbound/intro.md +12 -0
  445. package/docs/policies/brownout-inbound/schema.json +115 -0
  446. package/docs/policies/caching-inbound/doc.md +209 -0
  447. package/docs/policies/caching-inbound/intro.md +23 -0
  448. package/docs/policies/caching-inbound/schema.json +98 -0
  449. package/docs/policies/change-method-inbound/schema.json +56 -0
  450. package/docs/policies/clear-headers-inbound/schema.json +59 -0
  451. package/docs/policies/clear-headers-outbound/schema.json +59 -0
  452. package/docs/policies/clerk-jwt-auth-inbound/doc.md +85 -0
  453. package/docs/policies/clerk-jwt-auth-inbound/intro.md +4 -0
  454. package/docs/policies/clerk-jwt-auth-inbound/schema.json +68 -0
  455. package/docs/policies/cognito-jwt-auth-inbound/intro.md +7 -0
  456. package/docs/policies/cognito-jwt-auth-inbound/schema.json +74 -0
  457. package/docs/policies/comet-opik-tracing-inbound/schema.json +65 -0
  458. package/docs/policies/complex-rate-limit-inbound/doc.md +20 -0
  459. package/docs/policies/complex-rate-limit-inbound/intro.md +23 -0
  460. package/docs/policies/complex-rate-limit-inbound/schema.json +142 -0
  461. package/docs/policies/composite-inbound/doc.md +69 -0
  462. package/docs/policies/composite-inbound/intro.md +15 -0
  463. package/docs/policies/composite-inbound/schema.json +59 -0
  464. package/docs/policies/composite-outbound/intro.md +6 -0
  465. package/docs/policies/composite-outbound/schema.json +59 -0
  466. package/docs/policies/curity-phantom-token-inbound/doc.md +109 -0
  467. package/docs/policies/curity-phantom-token-inbound/intro.md +3 -0
  468. package/docs/policies/curity-phantom-token-inbound/schema.json +68 -0
  469. package/docs/policies/custom-code-inbound/doc.md +267 -0
  470. package/docs/policies/custom-code-inbound/intro.md +2 -0
  471. package/docs/policies/custom-code-inbound/schema.json +48 -0
  472. package/docs/policies/custom-code-outbound/doc.md +235 -0
  473. package/docs/policies/custom-code-outbound/intro.md +2 -0
  474. package/docs/policies/custom-code-outbound/schema.json +43 -0
  475. package/docs/policies/firebase-jwt-inbound/intro.md +6 -0
  476. package/docs/policies/firebase-jwt-inbound/schema.json +68 -0
  477. package/docs/policies/formdata-to-json-inbound/schema.json +60 -0
  478. package/docs/policies/galileo-tracing-inbound/schema.json +65 -0
  479. package/docs/policies/geo-filter-inbound/doc.md +33 -0
  480. package/docs/policies/geo-filter-inbound/schema.json +108 -0
  481. package/docs/policies/graphql-complexity-limit-inbound/doc.md +48 -0
  482. package/docs/policies/graphql-complexity-limit-inbound/intro.md +2 -0
  483. package/docs/policies/graphql-complexity-limit-inbound/schema.json +90 -0
  484. package/docs/policies/graphql-disable-introspection-inbound/doc.md +66 -0
  485. package/docs/policies/graphql-disable-introspection-inbound/intro.md +15 -0
  486. package/docs/policies/graphql-disable-introspection-inbound/schema.json +48 -0
  487. package/docs/policies/graphql-introspection-filter-outbound/doc.md +148 -0
  488. package/docs/policies/graphql-introspection-filter-outbound/schema.json +79 -0
  489. package/docs/policies/hmac-auth-inbound/doc.md +30 -0
  490. package/docs/policies/hmac-auth-inbound/intro.md +10 -0
  491. package/docs/policies/hmac-auth-inbound/policy.ts +70 -0
  492. package/docs/policies/hmac-auth-inbound/schema.json +53 -0
  493. package/docs/policies/http-deprecation-outbound/doc.md +73 -0
  494. package/docs/policies/http-deprecation-outbound/schema.json +83 -0
  495. package/docs/policies/ip-restriction-inbound/intro.md +8 -0
  496. package/docs/policies/ip-restriction-inbound/policy.ts +40 -0
  497. package/docs/policies/ip-restriction-inbound/schema.json +58 -0
  498. package/docs/policies/jwt-scopes-inbound/schema.json +59 -0
  499. package/docs/policies/ldap-auth-inbound/schema.json +56 -0
  500. package/docs/policies/mock-api-inbound/schema.json +72 -0
  501. package/docs/policies/moesif-inbound/doc.md +44 -0
  502. package/docs/policies/moesif-inbound/intro.md +6 -0
  503. package/docs/policies/moesif-inbound/schema.json +68 -0
  504. package/docs/policies/monetization-inbound/doc.md +87 -0
  505. package/docs/policies/monetization-inbound/intro.md +6 -0
  506. package/docs/policies/monetization-inbound/schema.json +102 -0
  507. package/docs/policies/mtls-auth-inbound/intro.md +6 -0
  508. package/docs/policies/mtls-auth-inbound/schema.json +68 -0
  509. package/docs/policies/okta-fga-authz-inbound/doc.md +181 -0
  510. package/docs/policies/okta-fga-authz-inbound/intro.md +20 -0
  511. package/docs/policies/okta-fga-authz-inbound/schema.json +104 -0
  512. package/docs/policies/okta-jwt-auth-inbound/intro.md +7 -0
  513. package/docs/policies/okta-jwt-auth-inbound/schema.json +74 -0
  514. package/docs/policies/open-id-jwt-auth-inbound/doc.md +58 -0
  515. package/docs/policies/open-id-jwt-auth-inbound/intro.md +30 -0
  516. package/docs/policies/open-id-jwt-auth-inbound/schema.json +128 -0
  517. package/docs/policies/openfga-authz-inbound/doc.md +207 -0
  518. package/docs/policies/openfga-authz-inbound/intro.md +17 -0
  519. package/docs/policies/openfga-authz-inbound/schema.json +191 -0
  520. package/docs/policies/openmeter-inbound/doc.md +163 -0
  521. package/docs/policies/openmeter-inbound/intro.md +18 -0
  522. package/docs/policies/openmeter-inbound/schema.json +183 -0
  523. package/docs/policies/prompt-injection-outbound/doc.md +106 -0
  524. package/docs/policies/prompt-injection-outbound/intro.md +4 -0
  525. package/docs/policies/prompt-injection-outbound/schema.json +74 -0
  526. package/docs/policies/propel-auth-jwt-inbound/doc.md +88 -0
  527. package/docs/policies/propel-auth-jwt-inbound/intro.md +4 -0
  528. package/docs/policies/propel-auth-jwt-inbound/schema.json +74 -0
  529. package/docs/policies/query-param-to-header-inbound/doc.md +70 -0
  530. package/docs/policies/query-param-to-header-inbound/intro.md +5 -0
  531. package/docs/policies/query-param-to-header-inbound/schema.json +74 -0
  532. package/docs/policies/quota-inbound/doc.md +235 -0
  533. package/docs/policies/quota-inbound/intro.md +7 -0
  534. package/docs/policies/quota-inbound/schema.json +133 -0
  535. package/docs/policies/rate-limit-inbound/doc.md +78 -0
  536. package/docs/policies/rate-limit-inbound/intro.md +30 -0
  537. package/docs/policies/rate-limit-inbound/schema.json +134 -0
  538. package/docs/policies/rbac-policy-inbound/intro.md +3 -0
  539. package/docs/policies/rbac-policy-inbound/policy.ts +42 -0
  540. package/docs/policies/rbac-policy-inbound/schema.json +52 -0
  541. package/docs/policies/readme-metrics-inbound/doc.md +1 -0
  542. package/docs/policies/readme-metrics-inbound/intro.md +3 -0
  543. package/docs/policies/readme-metrics-inbound/schema.json +84 -0
  544. package/docs/policies/remove-headers-inbound/schema.json +59 -0
  545. package/docs/policies/remove-headers-outbound/schema.json +59 -0
  546. package/docs/policies/remove-query-params-inbound/schema.json +59 -0
  547. package/docs/policies/replace-string-outbound/schema.json +69 -0
  548. package/docs/policies/request-size-limit-inbound/schema.json +60 -0
  549. package/docs/policies/request-validation-inbound/doc.md +72 -0
  550. package/docs/policies/request-validation-inbound/intro.md +24 -0
  551. package/docs/policies/request-validation-inbound/schema.json +98 -0
  552. package/docs/policies/require-origin-inbound/intro.md +12 -0
  553. package/docs/policies/require-origin-inbound/schema.json +65 -0
  554. package/docs/policies/secret-masking-outbound/doc.md +41 -0
  555. package/docs/policies/secret-masking-outbound/intro.md +13 -0
  556. package/docs/policies/secret-masking-outbound/schema.json +65 -0
  557. package/docs/policies/semantic-cache-inbound/doc.md +63 -0
  558. package/docs/policies/semantic-cache-inbound/intro.md +4 -0
  559. package/docs/policies/semantic-cache-inbound/schema.json +179 -0
  560. package/docs/policies/set-body-inbound/intro.md +7 -0
  561. package/docs/policies/set-body-inbound/schema.json +56 -0
  562. package/docs/policies/set-headers-inbound/doc.md +41 -0
  563. package/docs/policies/set-headers-inbound/intro.md +2 -0
  564. package/docs/policies/set-headers-inbound/schema.json +83 -0
  565. package/docs/policies/set-headers-outbound/schema.json +83 -0
  566. package/docs/policies/set-query-params-inbound/schema.json +83 -0
  567. package/docs/policies/set-status-outbound/schema.json +62 -0
  568. package/docs/policies/sleep-inbound/schema.json +56 -0
  569. package/docs/policies/stripe-webhook-verification-inbound/intro.md +2 -0
  570. package/docs/policies/stripe-webhook-verification-inbound/schema.json +60 -0
  571. package/docs/policies/supabase-jwt-auth-inbound/doc.md +29 -0
  572. package/docs/policies/supabase-jwt-auth-inbound/intro.md +12 -0
  573. package/docs/policies/supabase-jwt-auth-inbound/schema.json +86 -0
  574. package/docs/policies/transform-body-inbound/intro.md +8 -0
  575. package/docs/policies/transform-body-inbound/policy.ts +16 -0
  576. package/docs/policies/transform-body-inbound/schema.json +27 -0
  577. package/docs/policies/transform-body-outbound/intro.md +8 -0
  578. package/docs/policies/transform-body-outbound/policy.ts +19 -0
  579. package/docs/policies/transform-body-outbound/schema.json +27 -0
  580. package/docs/policies/upstream-azure-ad-service-auth-inbound/doc.md +82 -0
  581. package/docs/policies/upstream-azure-ad-service-auth-inbound/intro.md +20 -0
  582. package/docs/policies/upstream-azure-ad-service-auth-inbound/schema.json +84 -0
  583. package/docs/policies/upstream-firebase-admin-auth-inbound/intro.md +10 -0
  584. package/docs/policies/upstream-firebase-admin-auth-inbound/schema.json +68 -0
  585. package/docs/policies/upstream-firebase-user-auth-inbound/intro.md +2 -0
  586. package/docs/policies/upstream-firebase-user-auth-inbound/schema.json +113 -0
  587. package/docs/policies/upstream-gcp-federated-auth-inbound/doc.md +139 -0
  588. package/docs/policies/upstream-gcp-federated-auth-inbound/intro.md +21 -0
  589. package/docs/policies/upstream-gcp-federated-auth-inbound/schema.json +96 -0
  590. package/docs/policies/upstream-gcp-jwt-inbound/intro.md +10 -0
  591. package/docs/policies/upstream-gcp-jwt-inbound/schema.json +62 -0
  592. package/docs/policies/upstream-gcp-service-auth-inbound/doc.md +132 -0
  593. package/docs/policies/upstream-gcp-service-auth-inbound/intro.md +25 -0
  594. package/docs/policies/upstream-gcp-service-auth-inbound/schema.json +95 -0
  595. package/docs/policies/upstream-zuplo-jwt-auth-inbound/doc.md +213 -0
  596. package/docs/policies/upstream-zuplo-jwt-auth-inbound/intro.md +16 -0
  597. package/docs/policies/upstream-zuplo-jwt-auth-inbound/schema.json +101 -0
  598. package/docs/policies/validate-json-schema-inbound/doc.md +129 -0
  599. package/docs/policies/validate-json-schema-inbound/intro.md +7 -0
  600. package/docs/policies/validate-json-schema-inbound/schema.json +56 -0
  601. package/docs/policies/web-bot-auth-inbound/doc.md +104 -0
  602. package/docs/policies/web-bot-auth-inbound/intro.md +16 -0
  603. package/docs/policies/web-bot-auth-inbound/schema.json +76 -0
  604. package/docs/policies/xml-to-json-outbound/doc.md +71 -0
  605. package/docs/policies/xml-to-json-outbound/intro.md +4 -0
  606. package/docs/policies/xml-to-json-outbound/schema.json +117 -0
  607. package/docs/programmable-api/audit-log.mdx +74 -0
  608. package/docs/programmable-api/background-dispatcher.mdx +124 -0
  609. package/docs/programmable-api/background-loader.mdx +104 -0
  610. package/docs/programmable-api/cache.mdx +186 -0
  611. package/docs/programmable-api/compatibility-dates.mdx +201 -0
  612. package/docs/programmable-api/console-logging.mdx +48 -0
  613. package/docs/programmable-api/context-data.mdx +127 -0
  614. package/docs/programmable-api/custom-cors-policy.mdx +64 -0
  615. package/docs/programmable-api/environment.mdx +328 -0
  616. package/docs/programmable-api/hooks.mdx +569 -0
  617. package/docs/programmable-api/http-problems.mdx +385 -0
  618. package/docs/programmable-api/jwt-service-plugin.mdx +420 -0
  619. package/docs/programmable-api/logger.mdx +223 -0
  620. package/docs/programmable-api/memory-zone-read-through-cache.mdx +96 -0
  621. package/docs/programmable-api/node-modules.mdx +67 -0
  622. package/docs/programmable-api/not-found-handler.mdx +47 -0
  623. package/docs/programmable-api/oauth-protected-resource-plugin.mdx +46 -0
  624. package/docs/programmable-api/overview.mdx +213 -0
  625. package/docs/programmable-api/problem-response-formatter.mdx +183 -0
  626. package/docs/programmable-api/request-user.mdx +289 -0
  627. package/docs/programmable-api/reusing-code.mdx +26 -0
  628. package/docs/programmable-api/route-raw.mdx +55 -0
  629. package/docs/programmable-api/runtime-behaviors.mdx +25 -0
  630. package/docs/programmable-api/runtime-errors.mdx +246 -0
  631. package/docs/programmable-api/runtime-extensions.mdx +340 -0
  632. package/docs/programmable-api/safely-clone-a-request-or-response.mdx +57 -0
  633. package/docs/programmable-api/streaming-zone-cache.mdx +155 -0
  634. package/docs/programmable-api/web-crypto-apis.mdx +219 -0
  635. package/docs/programmable-api/web-standard-apis.mdx +109 -0
  636. package/docs/programmable-api/zone-cache.mdx +131 -0
  637. package/docs/programmable-api/zp-body-removed.mdx +32 -0
  638. package/docs/programmable-api/zuplo-context.mdx +414 -0
  639. package/docs/programmable-api/zuplo-id-token.mdx +90 -0
  640. package/docs/programmable-api/zuplo-json.mdx +91 -0
  641. package/docs/programmable-api/zuplo-request.mdx +200 -0
  642. package/docs/sample-apis.mdx +78 -0
  643. package/docs/self-hosted/overview.md +60 -0
  644. package/package.json +6 -5
@@ -0,0 +1,148 @@
1
+ This policy filters GraphQL introspection responses to selectively hide types
2
+ and fields from your schema. It intercepts introspection query responses and
3
+ removes configured types and fields, allowing you to expose a subset of your
4
+ GraphQL schema to external clients (like MCP servers or AI agents).
5
+
6
+ ### How It Works
7
+
8
+ The policy processes responses from GraphQL introspection queries, which are
9
+ typically made by GraphQL clients and development tools to discover your API's
10
+ schema structure. When an introspection response is detected (containing
11
+ `__schema` as a top level key), the policy filters out:
12
+
13
+ - Entire types specified in `excludeTypes`
14
+ - Specific fields on types specified in `excludeTypeFields`
15
+
16
+ This allows you to hide internal types, sensitive fields, or admin-only
17
+ operations from public consumers while keeping them available for internal use.
18
+
19
+ ### Policy Configuration
20
+
21
+ Configure the policy with optional `excludeTypes` and `excludeTypeFields`
22
+ options:
23
+
24
+ ```json
25
+ {
26
+ "name": "filter-introspection",
27
+ "policyType": "graphql-introspection-filter-outbound",
28
+ "handler": {
29
+ "export": "GraphQLIntrospectionFilterOutboundPolicy",
30
+ "module": "$import(@zuplo/graphql)",
31
+ "options": {
32
+ "excludeTypes": ["UserInternal", "AdminType", "DebugInfo"],
33
+ "excludeTypeFields": {
34
+ "User": ["password", "ssn"],
35
+ "Query": ["adminUsers", "debugInfo"]
36
+ }
37
+ }
38
+ }
39
+ }
40
+ ```
41
+
42
+ ### Configuration Options
43
+
44
+ - **excludeTypes** (optional): Array of GraphQL type names to completely remove
45
+ from the schema. Types must match exactly.
46
+
47
+ - **excludeTypeFields** (optional): Object mapping type names to arrays of field
48
+ names to remove. Only specified fields on the given types will be filtered.
49
+
50
+ ### Usage Examples
51
+
52
+ #### Hiding Internal Types
53
+
54
+ Remove internal implementation types from the public schema:
55
+
56
+ ```json
57
+ {
58
+ "name": "hide-internal-types",
59
+ "policyType": "graphql-introspection-filter-outbound",
60
+ "handler": {
61
+ "export": "GraphQLIntrospectionFilterOutboundPolicy",
62
+ "module": "$import(@zuplo/graphql)",
63
+ "options": {
64
+ "excludeTypes": ["InternalMetadata", "DebugInfo", "SystemStatus"]
65
+ }
66
+ }
67
+ }
68
+ ```
69
+
70
+ #### Filtering Sensitive Fields
71
+
72
+ Hide sensitive fields like passwords and admin operations:
73
+
74
+ ```json
75
+ {
76
+ "name": "filter-sensitive-fields",
77
+ "policyType": "graphql-introspection-filter-outbound",
78
+ "handler": {
79
+ "export": "GraphQLIntrospectionFilterOutboundPolicy",
80
+ "module": "$import(@zuplo/graphql)",
81
+ "options": {
82
+ "excludeTypeFields": {
83
+ "User": ["password", "ssn", "creditCard"],
84
+ "Query": ["adminUsers", "systemDiagnostics"],
85
+ "Mutation": ["deleteAllUsers", "resetDatabase"]
86
+ }
87
+ }
88
+ }
89
+ }
90
+ ```
91
+
92
+ #### Complete Example with URL Rewrite
93
+
94
+ Apply filtering on a route that forwards to a GraphQL endpoint:
95
+
96
+ ```json
97
+ {
98
+ "paths": {
99
+ "/graphql": {
100
+ "x-zuplo-path": {
101
+ "pathMode": "open-api"
102
+ },
103
+ "post": {
104
+ "summary": "GraphQL API",
105
+ "x-zuplo-route": {
106
+ "corsPolicy": "anything-goes",
107
+ "handler": {
108
+ "export": "urlRewriteHandler",
109
+ "module": "$import(@zuplo/runtime)",
110
+ "options": {
111
+ "rewritePattern": "https://api.example.com/graphql"
112
+ }
113
+ },
114
+ "policies": {
115
+ "outbound": ["filter-introspection"]
116
+ }
117
+ },
118
+ "responses": {}
119
+ }
120
+ }
121
+ }
122
+ }
123
+ ```
124
+
125
+ ### Important Notes
126
+
127
+ - This policy only filters introspection responses - it does not enforce
128
+ authorization on the actual GraphQL operations. You must still implement
129
+ proper authorization in your GraphQL resolvers.
130
+ - If a client tries to query a filtered field or type directly, that will be
131
+ handled by your GraphQL server's validation, not by this policy.
132
+ - The policy only processes successful (200 OK) JSON responses that contain
133
+ `__schema` in the response body.
134
+ - If the response cannot be parsed as JSON or is not an introspection response,
135
+ the original response is returned unchanged.
136
+ - Non-introspection GraphQL queries and mutations pass through without
137
+ modification.
138
+
139
+ ### Security Considerations
140
+
141
+ - Filtering introspection is a form of security through obscurity - always
142
+ implement proper authentication and authorization at the resolver level
143
+ - Consider combining this policy with authentication policies to control who can
144
+ access your GraphQL endpoint
145
+ - Use this policy to reduce information disclosure about your API's internal
146
+ structure, but don't rely on it as your only security measure
147
+ - Keep in mind that determined attackers may still discover hidden fields
148
+ through other means
@@ -0,0 +1,79 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft-07/schema",
3
+ "$id": "http://zuplo.com/schemas/policies/auth0-jwt-auth-inbound.json",
4
+ "type": "object",
5
+ "title": "GraphQL Introspection Filter",
6
+ "isDeprecated": false,
7
+ "isPaidAddOn": false,
8
+ "isEnterprise": false,
9
+ "isInternal": false,
10
+ "isBeta": false,
11
+ "isHidden": false,
12
+ "products": ["api-gateway"],
13
+ "description": "Filters GraphQL introspection responses to exclude specific types and fields.\n\nThis policy intercepts GraphQL introspection query responses and removes configured types and fields from the schema. Useful for hiding internal types or sensitive fields from the public schema.",
14
+ "deprecatedMessage": "",
15
+ "required": ["handler"],
16
+ "properties": {
17
+ "handler": {
18
+ "type": "object",
19
+ "default": {},
20
+ "required": ["export", "module", "options"],
21
+ "properties": {
22
+ "export": {
23
+ "const": "GraphQLIntrospectionFilterOutboundPolicy",
24
+ "description": "The name of the exported type"
25
+ },
26
+ "module": {
27
+ "const": "$import(@zuplo/graphql)",
28
+ "description": "The module containing the policy"
29
+ },
30
+ "options": {
31
+ "title": "GraphQLIntrospectionFilterOutboundPolicyOptions",
32
+ "type": "object",
33
+ "description": "The options for the GraphQL introspection filtering outbound policy.",
34
+ "required": [],
35
+ "additionalProperties": false,
36
+ "properties": {
37
+ "excludeTypes": {
38
+ "type": "array",
39
+ "items": {
40
+ "type": "string"
41
+ },
42
+ "description": "GraphQL Types to exclude from the schema (exact match).",
43
+ "examples": ["UserInternal", "Admin", "DebugInfo"]
44
+ },
45
+ "excludeTypeFields": {
46
+ "type": "object",
47
+ "additionalProperties": {
48
+ "type": "array",
49
+ "items": {
50
+ "type": "string"
51
+ }
52
+ },
53
+ "description": "Fields on specific GraphQL Types to exclude.",
54
+ "examples": [
55
+ {
56
+ "User": ["password", "email"],
57
+ "Query": ["adminUsers"]
58
+ }
59
+ ]
60
+ }
61
+ }
62
+ }
63
+ },
64
+ "examples": [
65
+ {
66
+ "export": "GraphQLIntrospectionFilterOutboundPolicy",
67
+ "module": "$import(@zuplo/graphql)",
68
+ "options": {
69
+ "excludeTypeFields": {
70
+ "User": ["password", "email"],
71
+ "Query": ["adminUsers"]
72
+ },
73
+ "excludeTypes": "UserInternal"
74
+ }
75
+ }
76
+ ]
77
+ }
78
+ }
79
+ }
@@ -0,0 +1,30 @@
1
+ The example below demonstrates how you could sign a value in order to create an
2
+ HMAC signature for use with this policy.
3
+
4
+ ```ts
5
+ const token = await sign("my data", environment.MY_SECRET);
6
+
7
+ async function sign(
8
+ key: string | ArrayBuffer,
9
+ val: string,
10
+ ): Promise<ArrayBuffer> {
11
+ const encoder = new TextEncoder();
12
+ const cryptoKey = await crypto.subtle.importKey(
13
+ "raw",
14
+ typeof key === "string" ? encoder.encode(key) : key,
15
+ { name: "HMAC", hash: { name: "SHA-256" } },
16
+ false,
17
+ ["sign"],
18
+ );
19
+ const token = await crypto.subtle.sign(
20
+ "HMAC",
21
+ cryptoKey,
22
+ encoder.encode(val),
23
+ );
24
+ return Array.prototype.map
25
+ .call(new Uint8Array(token), function (x) {
26
+ return ("0" + x.toString(16)).slice(-2);
27
+ })
28
+ .join("");
29
+ }
30
+ ```
@@ -0,0 +1,10 @@
1
+ This example policy demonstrates how to use a shared secret to create an
2
+ [HMAC](https://en.wikipedia.org/wiki/HMAC) signature to sign a payload (in this
3
+ case the body). When the request is sent, the signature is sent in the request
4
+ header. The policy can then verify that the signature matches the payload - thus
5
+ ensuring that the sender had the same shared secret.
6
+
7
+ This policy is configured with the value of the `secret`. Normally, you would
8
+ store this as an environment variable secret. Additionally, the policy option
9
+ `headerName` is used to set the header that will be used by the client to send
10
+ the signature.
@@ -0,0 +1,70 @@
1
+ import { HttpProblems, ZuploContext, ZuploRequest } from "@zuplo/runtime";
2
+
3
+ interface PolicyOptions {
4
+ secret: string;
5
+ headerName: string;
6
+ }
7
+
8
+ export default async function (
9
+ request: ZuploRequest,
10
+ context: ZuploContext,
11
+ options: PolicyOptions,
12
+ policyName: string,
13
+ ) {
14
+ // Validate the policy options
15
+ if (typeof options.secret !== "string") {
16
+ throw new Error(
17
+ `The option 'secret' on policy '${policyName}' must be a string. Received ${typeof options.secret}.`,
18
+ );
19
+ }
20
+ if (typeof options.headerName !== "string") {
21
+ throw new Error(
22
+ `The option 'headerName' on policy '${policyName}' must be a string. Received ${typeof options.headerName}.`,
23
+ );
24
+ }
25
+
26
+ // Get the authorization header
27
+ const token = request.headers.get(options.headerName);
28
+
29
+ // No auth header, unauthorized
30
+ if (!token) {
31
+ return HttpProblems.unauthorized(request, context);
32
+ }
33
+
34
+ // Convert the hex encoded token to an Uint8Array
35
+ const tokenData = new Uint8Array(
36
+ token.match(/../g)!.map((h) => parseInt(h, 16)),
37
+ );
38
+
39
+ // Get the data to verify
40
+ // This could be anything (headers, query parameter, etc.)
41
+ // For this example, we will just verify the entire body value
42
+ const data = await request.text();
43
+
44
+ // Create a crypto key from a secret stored as an environment variable
45
+ const encoder = new TextEncoder();
46
+ const encodedSecret = encoder.encode(options.secret);
47
+ const key = await crypto.subtle.importKey(
48
+ "raw",
49
+ encodedSecret,
50
+ { name: "HMAC", hash: "SHA-256" },
51
+ false,
52
+ ["verify"],
53
+ );
54
+
55
+ // Verify that the data
56
+ const verified = await crypto.subtle.verify(
57
+ "HMAC",
58
+ key,
59
+ tokenData,
60
+ encoder.encode(data),
61
+ );
62
+
63
+ // Check if the data is verified, if not return unauthorized
64
+ if (!verified) {
65
+ return HttpProblems.unauthorized(request, context);
66
+ }
67
+
68
+ // Request is authorized, continue
69
+ return request;
70
+ }
@@ -0,0 +1,53 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft-07/schema",
3
+ "$id": "http://zuplo.com/schemas/policies/hmac-auth-inbound.json",
4
+ "type": "object",
5
+ "title": "HMAC Auth",
6
+ "isCustom": true,
7
+ "products": ["api-gateway"],
8
+ "description": "Authenticate requests using the HMAC-SHA256 authentication scheme.",
9
+ "required": ["handler"],
10
+ "properties": {
11
+ "handler": {
12
+ "type": "object",
13
+ "default": {},
14
+ "required": ["export", "module", "options"],
15
+ "properties": {
16
+ "export": {
17
+ "const": "default",
18
+ "description": "The export from the custom policy"
19
+ },
20
+ "module": {
21
+ "const": "$import(./modules/YOUR_MODULE)",
22
+ "description": "The module containing the policy"
23
+ },
24
+ "options": {
25
+ "type": "object",
26
+ "description": "The options for this policy",
27
+ "required": ["secret", "headerName"],
28
+ "properties": {
29
+ "secret": {
30
+ "type": "string",
31
+ "description": "The secret to use for HMAC authentication"
32
+ },
33
+ "headerName": {
34
+ "type": "string",
35
+ "description": "The header where the HMAC signature is send"
36
+ }
37
+ }
38
+ }
39
+ },
40
+ "examples": [
41
+ {
42
+ "_name": "basic",
43
+ "export": "default",
44
+ "module": "$import(./modules/YOUR_MODULE)",
45
+ "options": {
46
+ "secret": "$env(MY_SECRET)",
47
+ "headerName": "signed-request"
48
+ }
49
+ }
50
+ ]
51
+ }
52
+ }
53
+ }
@@ -0,0 +1,73 @@
1
+ This policy adds HTTP deprecation headers to outgoing responses following the
2
+ [IETF HTTP Deprecation Header](https://datatracker.ietf.org/doc/html/draft-ietf-httpapi-deprecation-header)
3
+ standard. It supports the `Deprecation`, `Sunset`, and `Link` headers to signal
4
+ to API consumers that an endpoint is deprecated.
5
+
6
+ ## Configuration
7
+
8
+ - `deprecation` **(required)**: The deprecation value. Use `true` to indicate
9
+ the endpoint is already deprecated, an ISO 8601 date string with timezone
10
+ offset (e.g. `"2024-12-31T23:59:59Z"`) for a specific deprecation date, or a
11
+ Unix timestamp number.
12
+ - `sunset`: An ISO 8601 date string with timezone offset indicating when the
13
+ endpoint will be removed. Sets the `Sunset` header.
14
+ - `link`: A URL to documentation about the deprecation or a migration guide.
15
+ Sets the `Link` header.
16
+
17
+ ## Usage
18
+
19
+ Apply this policy to outbound responses in your route configuration:
20
+
21
+ ```json
22
+ {
23
+ "policies": [
24
+ {
25
+ "name": "http-deprecation-policy",
26
+ "policyType": "http-deprecation-outbound",
27
+ "handler": {
28
+ "export": "HttpDeprecationOutboundPolicy",
29
+ "module": "$import(@zuplo/runtime)",
30
+ "options": {
31
+ "deprecation": "2025-01-15T00:00:00Z",
32
+ "sunset": "2025-06-30T23:59:59Z",
33
+ "link": "https://example.com/docs/v2-migration"
34
+ }
35
+ }
36
+ }
37
+ ]
38
+ }
39
+ ```
40
+
41
+ If the endpoint is already deprecated and you don't need a specific date, you
42
+ can set `deprecation` to `true`:
43
+
44
+ ```json
45
+ {
46
+ "policies": [
47
+ {
48
+ "name": "http-deprecation-policy",
49
+ "policyType": "http-deprecation-outbound",
50
+ "handler": {
51
+ "export": "HttpDeprecationOutboundPolicy",
52
+ "module": "$import(@zuplo/runtime)",
53
+ "options": {
54
+ "deprecation": true,
55
+ "link": "https://example.com/docs/v2-migration"
56
+ }
57
+ }
58
+ }
59
+ ]
60
+ }
61
+ ```
62
+
63
+ ## Response Headers
64
+
65
+ Based on the configuration above, the policy sets the following headers on the
66
+ response:
67
+
68
+ - **`Deprecation`** - Set to the string `"true"` when input is `true`, an
69
+ HTTP-date when input is an ISO 8601 string, or an RFC 9651 timestamp
70
+ (`@epoch`) when input is a Unix timestamp number.
71
+ - **`Sunset`** - An HTTP-date indicating when the endpoint will be removed.
72
+ - **`Link`** - A link to deprecation documentation, formatted as
73
+ `<URL>; rel="deprecation"; type="text/html"`.
@@ -0,0 +1,83 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft-07/schema",
3
+ "$id": "http://zuplo.com/schemas/policies/auth0-jwt-auth-inbound.json",
4
+ "type": "object",
5
+ "title": "HTTP Deprecation",
6
+ "isDeprecated": false,
7
+ "isPaidAddOn": false,
8
+ "isEnterprise": false,
9
+ "isInternal": false,
10
+ "isBeta": false,
11
+ "isHidden": false,
12
+ "products": ["api-gateway"],
13
+ "description": "Sets HTTP deprecation headers on the outgoing response following the IETF HTTP Deprecation Header standard. Supports the Deprecation, Sunset, and Link headers.",
14
+ "deprecatedMessage": "",
15
+ "required": ["handler"],
16
+ "properties": {
17
+ "handler": {
18
+ "type": "object",
19
+ "default": {},
20
+ "required": ["export", "module", "options"],
21
+ "properties": {
22
+ "export": {
23
+ "const": "HttpDeprecationOutboundPolicy",
24
+ "description": "The name of the exported type"
25
+ },
26
+ "module": {
27
+ "const": "$import(@zuplo/runtime)",
28
+ "description": "The module containing the policy"
29
+ },
30
+ "options": {
31
+ "title": "HttpDeprecationOutboundPolicyOptions",
32
+ "type": "object",
33
+ "description": "The options for the HTTP Deprecation outbound policy.",
34
+ "additionalProperties": false,
35
+ "required": ["deprecation"],
36
+ "properties": {
37
+ "deprecation": {
38
+ "oneOf": [
39
+ {
40
+ "type": "boolean",
41
+ "const": true,
42
+ "description": "Set to true to indicate the endpoint is deprecated without a specific date."
43
+ },
44
+ {
45
+ "type": "string",
46
+ "description": "An ISO 8601 date string indicating when the endpoint was or will be deprecated. Converted to an HTTP-date in the header."
47
+ },
48
+ {
49
+ "type": "number",
50
+ "description": "A Unix timestamp indicating when the endpoint was or will be deprecated. Formatted as an RFC 9651 date in the header."
51
+ }
52
+ ],
53
+ "description": "The deprecation value. Use `true` for already deprecated, an ISO 8601 date string for a specific date, or a Unix timestamp number.",
54
+ "examples": [true, "2024-12-31T23:59:59Z", 1735689599]
55
+ },
56
+ "sunset": {
57
+ "type": "string",
58
+ "description": "An ISO 8601 date string indicating when the endpoint will be removed. Sets the Sunset header.",
59
+ "examples": ["2025-06-30T23:59:59Z"]
60
+ },
61
+ "link": {
62
+ "type": "string",
63
+ "format": "uri",
64
+ "description": "A URL to documentation about the deprecation or migration guide. Sets the Link header.",
65
+ "examples": ["https://example.com/docs/v2-migration"]
66
+ }
67
+ }
68
+ }
69
+ },
70
+ "examples": [
71
+ {
72
+ "export": "HttpDeprecationOutboundPolicy",
73
+ "module": "$import(@zuplo/runtime)",
74
+ "options": {
75
+ "deprecation": true,
76
+ "link": "https://example.com/docs/v2-migration",
77
+ "sunset": "2025-06-30T23:59:59Z"
78
+ }
79
+ }
80
+ ]
81
+ }
82
+ }
83
+ }
@@ -0,0 +1,8 @@
1
+ This custom policy allows you to specify a set of IP addresses that are allowed
2
+ or blocked from making requests on your API. This can be useful for adding
3
+ light-weight security to your API in non-critical scenarios. For example, if you
4
+ want to ensure only employees on your corporate VPN can't access development
5
+ environments.
6
+
7
+ Generally, this policy shouldn't be relied upon as the only security for
8
+ protecting sensitive workloads.
@@ -0,0 +1,40 @@
1
+ import { HttpProblems, ZuploContext, ZuploRequest } from "@zuplo/runtime";
2
+ import ipRangeCheck from "ip-range-check";
3
+
4
+ interface PolicyOptions {
5
+ allowedIpAddresses?: string[];
6
+ blockedIpAddresses?: string[];
7
+ }
8
+
9
+ export default async function (
10
+ request: ZuploRequest,
11
+ context: ZuploContext,
12
+ options: PolicyOptions,
13
+ policyName: string,
14
+ ) {
15
+ // TODO: Validate the policy options. Skipping in the example for brevity
16
+
17
+ // Get the incoming IP address
18
+ const ip = request.headers.get("true-client-ip");
19
+
20
+ // If the allowed IP addresses are set, then the incoming IP
21
+ // must be in that list
22
+ if (options.allowedIpAddresses) {
23
+ const allowed = ipRangeCheck(ip, options.allowedIpAddresses);
24
+ if (!allowed) {
25
+ return HttpProblems.unauthorized(request, context);
26
+ }
27
+ }
28
+
29
+ // If the blocked IP addresses are set, then the incoming IP
30
+ // can't be in that list
31
+ if (options.blockedIpAddresses) {
32
+ const blocked = ipRangeCheck(ip, options.allowedIpAddresses);
33
+ if (blocked) {
34
+ return HttpProblems.unauthorized(request, context);
35
+ }
36
+ }
37
+
38
+ // If we made it this far, the IP address is allowed, continue
39
+ return request;
40
+ }
@@ -0,0 +1,58 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft-07/schema",
3
+ "$id": "http://zuplo.com/schemas/policies/ip-restriction-inbound.json",
4
+ "type": "object",
5
+ "title": "IP Restriction",
6
+ "isCustom": true,
7
+ "products": ["api-gateway"],
8
+ "description": "Block or allow requests based on their IP address.",
9
+ "required": ["handler"],
10
+ "properties": {
11
+ "handler": {
12
+ "type": "object",
13
+ "default": {},
14
+ "required": ["export", "module", "options"],
15
+ "properties": {
16
+ "export": {
17
+ "const": "default",
18
+ "description": "The name of the exported type"
19
+ },
20
+ "module": {
21
+ "const": "$import(./modules/YOUR_MODULE)",
22
+ "description": "The module containing the policy"
23
+ },
24
+ "options": {
25
+ "type": "object",
26
+ "description": "The options for this policy",
27
+ "required": [],
28
+ "properties": {
29
+ "allowedIpAddresses": {
30
+ "type": "array",
31
+ "items": {
32
+ "type": "string"
33
+ },
34
+ "description": "The IP addresses or CIDR ranges to allow"
35
+ },
36
+ "blockedIpAddresses": {
37
+ "type": "array",
38
+ "items": {
39
+ "type": "string"
40
+ },
41
+ "description": "The IP addresses or CIDR ranges to allow"
42
+ }
43
+ }
44
+ }
45
+ },
46
+ "examples": [
47
+ {
48
+ "_name": "basic",
49
+ "export": "default",
50
+ "module": "$import(./modules/YOUR_MODULE)",
51
+ "options": {
52
+ "allowedIpAddresses": ["184.42.1.4", "102.1.5.2/24"]
53
+ }
54
+ }
55
+ ]
56
+ }
57
+ }
58
+ }