...
Parameter Name | Description | Default Value | Example |
---|---|---|---|
Label | Required. The name for the API policy. | JSON Validator | Task JSON Validator |
When this policy should be applied | An expression enabled field that determines the condition to be fulfilled for the API policy to execute. For example, if the value in this field is request.method == "POST", the API policy is executed only if the request method is a POST. | True | request.method == "POST" |
Signing Algorithm |
| RSA | ECDSA |
Key | The name of the custom header key. | ||
Extract into $token | Required. Specifies the location to find the key in the request. If one of the given locations is not found, this API policy will pass the request through to the next API policy. | ||
Custom Query String Parameter Keys | The names of the query parameters that can contain the key. If more than one name is given, they will all be checked. Click + to add more custom query string parameters. | ||
Authorization Header Type | If the key is in the Authorization header, this value is used as the “type” to check. | ||
Extract User Info* | Required. Specifies how to extract information about the user from the working object. | ||
User ID Expression | An expression that returns a string to be used as the user ID. | ||
Roles Expression | An expression that returns the list of roles for the user. | ||
Status | Indicates whether the API policy is enabled or disabled. | Enabled | Disabled |