Parameters
See plugin common configurations for configuration options available to all plugins.
external_user_label_field
string
default:
groupsKey of the user labels when using an external identity provider for authentication.
The key should be a JSONPath when the user labels are in a nested JSON object and a field name otherwise.
The values to the key are expected to be in a string array and will be used for ACL tag matching.
external_user_label_field_key
string
Key of the user label field when
external_user_label_fieldis a JSONPath. For example, ifexternal_user_label_fieldis$.orgs..team,external_user_label_field_keyshould be configured toteam.external_user_label_field_parser
string
vaild vaule:
segmented_text,json,ortableType of parser to parse for user labels.
When user labels are in serialized JSON format, use the
jsonparser to deserialize the JSON object to a structured list of strings. When user labels are delimited strings, use thesegmented_textparser and configure the delimiter inexternal_user_label_field_separatorto parse the strings into a structured list of strings. When user labels are in a list, use thetableparser.external_user_label_field_separator
string
Delimiter to use by parser when user labels are delimited; that is, when
external_user_label_field_parserissegmented_text.allow_labels
object
List of labels associated with a key that if present, the request should be allowed access.
At least one of the
allow_labelsanddeny_labelsshould be configured.deny_labels
object
List of labels associated with a key that if present, the request should be denied access.
At least one of the
allow_labelsanddeny_labelsshould be configured.rejected_code
integer
default:
403vaild vaule:
greater than or equal to 200
HTTP status code to return when the request is rejected.
rejected_msg
string
default:
The consumer is forbidden.Error message to return when the request is rejected.