Skip to main content

Parameters

See plugin common configurations for configuration options available to all plugins.

  • external_user_label_field

    string


    default: groups


    Key of the user labels when using an external identity provider for authentication.

    The key should be a JSONPath when the user labels are in a nested JSON object and a field name otherwise.

    The values to the key are expected to be in a string array and will be used for ACL tag matching.

  • external_user_label_field_key

    string


    Key of the user label field when external_user_label_field is a JSONPath. For example, if external_user_label_field is $.orgs..team, external_user_label_field_key should be configured to team.

  • external_user_label_field_parser

    string


    vaild vaule:

    segmented_text, json,or table


    Type of parser to parse for user labels.

    When user labels are in serialized JSON format, use the json parser to deserialize the JSON object to a structured list of strings. When user labels are delimited strings, use the segmented_text parser and configure the delimiter in external_user_label_field_separator to parse the strings into a structured list of strings. When user labels are in a list, use the table parser.

  • external_user_label_field_separator

    string


    Delimiter to use by parser when user labels are delimited; that is, when external_user_label_field_parser is segmented_text.

  • allow_labels

    object


    List of labels associated with a key that if present, the request should be allowed access.

    At least one of the allow_labels and deny_labels should be configured.

  • deny_labels

    object


    List of labels associated with a key that if present, the request should be denied access.

    At least one of the allow_labels and deny_labels should be configured.

  • rejected_code

    integer


    default: 403


    vaild vaule:

    greater or equal to 200


    HTTP status code to return when the request is rejected.

  • rejected_msg

    string


    default: The consumer is forbidden.


    Error message to return when the request is rejected.


API7.ai Logo

API Management for Modern Architectures with Edge, API Gateway, Kubernetes, and Service Mesh.

Product

API7 Cloud

SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN Ltd. 2019 – 2024. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the

Apache Software Foundation