Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Rewrites the Agent Card URL to match the public URL of the gateway
>s|Category | A2A
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/a2a-agent-card-release-notes.adoc[]
>s| Returned Status Codes |
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Detects personally identifiable information (PII) in A2A JSON-RPC traffic
>s|Category | A2A
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/a2a-pii-detector-release-notes.adoc[]
>s| Returned Status Codes |
HTTP 403 with JSON-RPC 2.0 error code `-32602` (Invalid params)
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Decorates prompts with context information
>s|Category | A2A
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/a2a-prompt-decorator-release-notes.adoc[]
>s| Returned Status Codes | No return codes exist for this policy.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Validates Agent requests to ensure they conform to the A2A specification
>s|Category | A2A
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/a2a-schema-validation-release-notes.adoc[]
>s| Returned Status Codes |
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Rate limits agent usage of upstream resources
>s|Category | A2A
>s|First Omni Gateway version available | v1.11.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/a2a-token-rate-limit-release-notes.adoc[]
.>s| Returned Status Codes
|429 - Too Many Requests: Token limit exceeded, requests are blocked until the current window finishes
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Tracks the number of requests made to agent or MCP server instances
>s|Category | A2A and MCP
>s|First Omni Gateway version available | 1.11.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/agent-connection-telemetry-release-notes.adoc[]
^s| Returned Status Codes | No return codes exist for this policy.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Evaluates LLM prompts and responses against Azure AI Content Safety for harmful content, jailbreak attempts, hallucinations, and copyrighted material
>s|Category | LLM
>s|First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/azure-content-safety-release-notes.adoc[]
.>s| Returned Status Codes
|403 - Forbidden: Content violates Azure Content Safety policies
|503 - Service Unavailable: Azure API call failed (only when fail-open is disabled)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Allows access based on the basic authorization mechanism, with user-password defined on LDAP
>s|Category | Security
>s|First Omni Gateway version available | v1.1.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/basic-auth-ldap-release-notes.adoc[]
.1+>.^s| Returned Status Codes
|401 - Unauthorized or invalid client application credentials
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Allows access based on the basic authorization mechanism, with a single user-password
>s|Category | Security
>s|First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/basic-auth-simple-release-notes.adoc[]
.1+>.^s| Returned Status Codes
|400 - Unauthorized or invalid client application credentials in WSDL API using SOAP 1.2
| | 401 - Unauthorized or invalid client application credentials in HTTP or RAML APIs
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Evaluates LLM prompts and responses against Amazon Bedrock guardrails for content safety, PII detection, and contextual grounding
>s|Category | LLM
>s|First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/bedrock-guardrails-release-notes.adoc[]
.>s| Returned Status Codes
|403 - Forbidden: Content violates guardrail policies
|503 - Service Unavailable: Bedrock API call failed (only when fail-open is disabled)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Allows access only to authorized client applications
>s|Category | Compliance
>s|First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/client-id-enforcement-release-notes.adoc[]
.4+>.^s| Returned Status Codes
|401 - Unauthorized or invalid client application credentials
|500 - Bad response from authorization server, or WSDL SOAP Fault error
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s| Summary | Enables access to resources residing in external domains
>s| Category | Compliance
>s| First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/cors-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| No return codes exist for this policy
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Transforms the body of request or response traffic with a DataWeave script
>s|Category | Transformation
>s| First Omni Gateway version available | v1.12.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/dataweave-body-transformation-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| `400` - The DataWeave script failed to execute or returned an invalid result
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Transforms headers of request or response traffic with a DataWeave script
>s|Category | Transformation
>s| First Omni Gateway version available | v1.12.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/dataweave-headers-transformation-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| `400` - The DataWeave script failed to execute or returned an invalid result
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Filters requests by using a DataWeave script
>s|Category | Transformation
>s| First Omni Gateway version available | 1.12
>s|Release Notes| xref:release-notes::flex-gateway/policies/dataweave-request-filter-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| `400` - The DataWeave script failed to execute or returned an invalid result
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Authenticates requests with an external gRPC or HTTP authorization service
>s|Category | Security
>s| First Omni Gateway version available | v1.6.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/external-authorization-release-notes.adoc[]
>s| Returned Status Codes | 403 - Forbidden, invalid client application credentials
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Sends the incoming HTTP requests or outgoing HTTP responses requests to an external gRPC service for additional processing
>s|Category | Transformation
>s|First Omni Gateway version available | v1.6.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/external-processing-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| 403 - IP is rejected
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s| Summary | Blocks or allows requests that access the `__schema`, `__type`, and `__typename` GraphQL meta fields
>s| Category | Security
>s| First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/graphql-introspection-control-release-notes.adoc[]
.1+>.^s| Returned status codes
| 403 Forbidden — The response follows the standard GraphQL error format, including a message such as `Introspection field '__schema' is not allowed`.
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s| Summary | Limits GraphQL operation depth, aliases, root fields, and directives
>s| Category | Security
>s| First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/graphql-operation-limits-release-notes.adoc[]
.1+>.^s| Returned status codes
| 400 - Operations that exceed a configured limit. The response follows the standard GraphQL error format and lists each violation. For example, `Query depth of 7 exceeds the maximum allowed depth of 5`
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s| Summary | Validates incoming GraphQL operations against a GraphQL schema definition
>s| Category | Security
>s| First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/graphql-schema-validation-release-notes.adoc[]
.1+>.^s| Returned status codes
| 400 - The operation doesn't satisfy the schema. When *Block request* is enabled, the JSON response includes GraphQL-style `errors` with a validation message.
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s| Summary | Calculates query complexity and blocks requests that exceed the defined budget
>s| Category | Security
>s| First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/graphql-static-query-complexity-release-notes.adoc[]
.1+>.^s| Returned status codes
| 400 - Parse failures always trigger a 400 response. Complexity and list violations return this code only if *Block request* is enabled. The response includes a standard GraphQL errors object.
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Adds headers to a request or response.
>s|Category | Transformation
>s| First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/header-injection-release-notes.adoc[]
>s| Returned Status Codes | 500 - The configuration includes an expression that was not evaluated.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Removes headers from a request or a response
>s|Category | Transformation
>s| First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/header-removal-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| 500 - The configuration includes an expression that was not evaluated.
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Monitors API upstream health at specific intervals
>s|Category | Quality of Service
>s| First Omni Gateway version available | v1.4.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/health-check-release-notes.adoc[]
.1+>.^s| Returned Status Codes | No return codes exist for this policy.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Caches HTTP responses from an API implementation
>s|Category | Quality of Service
>s| First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/http-caching-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| No return codes exist for this policy
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary| Scans incoming requests to protect against SQL, XSS, and custom injection attacks
>s|Category| Security
>s|First Omni Gateway version available |v1.12.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/injection-protection-release-notes.adoc[]
>s|Returned Status Codes|`400` - Bad Request
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Allows a list or range of specified IP addresses to request access
>s|Category | Security
>s|First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/ip-allowlist-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| 403 - IP is rejected
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Blocks a single IP address or a range of IP addresses from accessing an API endpoint
>s|Category | Security
>s|First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/ip-blocklist-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| 403 - IP is rejected
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary| Protects against malicious JSON in API requests
>s|Category| Security
>s|First Omni Gateway version available | v1.4.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/json-threat-protection-release-notes.adoc[]
>s|Returned Status Codes| 400 - Bad Request
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s| Summary | Validates a JWT
>s| Category | Security
>s| First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/jwt-validation-release-notes.adoc[]
.4+>.^s| Returned Status Codes |
|400 - Token was not provided in the request.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Detects personally identifiable information (PII) in OpenAI-format LLM requests and responses
>s|Category | LLM
>s|First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/llm-pii-detection-release-notes.adoc[]
>s| Returned Status Codes
|403 - Forbidden
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Rate limits LLM Proxy usage based on token consumption
>s|Category | LLM
>s|First Omni Gateway version available | v1.11.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/llm-token-rate-limit-release-notes.adoc[]
.>s| Returned Status Codes
|429 - Too Many Requests: Token limit exceeded, requests are blocked until the current window finishes
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Controls access to tools, resources, and prompts based on user information such as Tiers, IP, Headers, or Claims
>s|Category | MCP
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/mcp-access-control-release-notes.adoc[]
>s| Returned Status Codes | 400 - Invalid token
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Restricts which MCP tools are exposed by defining Allow and Block rules
>s|Category | MCP
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/mcp-global-access-policy-release-notes.adoc[]
>s| Returned Status Codes | 403 — Returned when a call targets a blocked tool
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Optimizes MCP tool responses for token consumption by transforming HTML to Markdown and removing unnecessary data
>s|Category | MCP
>s|First Omni Gateway version available | v1.12.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/mcp-payload-optimization-release-notes.adoc[]
>s| Returned Status Codes | No return codes exist for this policy. The policy modifies response bodies and doesn't block traffic based on content.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Blocks elicitation responses containing personally identifiable information (PII) from reaching MCP servers
>s|Category | MCP
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/mcp-pii-detector-release-notes.adoc[]
>s| Returned Status Codes | No return codes exist for this policy. The policy reports a policy violation when PII is detected.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Validates MCP requests to ensure they conform to the MCP specification
>s|Category | MCP
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/mcp-schema-validation-release-notes.adoc[]
>s| Returned Status Codes |
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Adds MCP support to an Omni Gateway MCP server instance. This policy is required for your MCP server instance to function properly.
>s|Category | MCP
>s|First Omni Gateway version available | v1.9.3
>s|Release Notes| xref:release-notes::flex-gateway/policies/mcp-support-release-notes.adoc[]
>s| Returned Status Codes | No return codes exist for this policy.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Redefines tool names and descriptions to reduce prompt complexity and improve LLM comprehension
>s|Category | MCP
>s|First Omni Gateway version available | v1.11.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/mcp-tool-mapping-release-notes.adoc[]
>s| Returned Status Codes | No return codes exist for this policy.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Logs custom messages using information from incoming requests, responses from the backend, or information from other policies applied to the same API endpoint
>s|Category | Troubleshooting
>s|First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/message-logging-release-notes.adoc[]
.1+>.^s| Returned Status Codes
| No return codes exist for this policy
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Serves OAuth 2.0 Protected Resource Metadata at the well-known endpoint
>s|Category | Security
>s|First Omni Gateway version available | v1.13.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/oauth-protected-resource-metadata-release-notes.adoc[]
.2+>.^s| Returned Status Codes
|404 - Request path does not match the well-known endpoint
|405 - HTTP method is not GET
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Allows access only to authorized client applications
>s|Category | Security
>s| First Omni Gateway version available | v1.3.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/oauth-token-introspection-release-notes.adoc[]
.4+>.^s| Returned Status Codes
|400 - Invalid token
|401 - Unauthorized access or error when connecting to the authorization server
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary | Allows access only to authorized client applications
>s|Category | Security
>s| First Omni Gateway version available | v1.0.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/openid-token-enforcement-release-notes.adoc[]
.4+>.^s| Returned Status Codes
|400 - Invalid token
|401 - Unauthorized access or error when connecting to the authorization server
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s| Summary | Monitors access to an API by defining the maximum number of requests processed within a timespan, based on SLAs
>s| Category | Quality of Service
>s| First Omni Gateway version available | v1.2.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/rate-limiting-sla-release-notes.adoc[]
.4+>.^s| Returned Status Codes
|401 - Request blocked due to invalid client credentials (client ID or client secret) provided
|429 - Quota exceeded; requests blocked until the current window finishes
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s| Summary | Monitors access to an API by defining the maximum number of requests processed within a period of time
>s| Category | Quality of Service
>s| First Omni Gateway version available | v1.2.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/rate-limiting-release-notes.adoc[]
.4+>.^s| Returned Status Codes
|429 - Quota exceeded, requests are blocked until the current window finishes
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Blocks LLM requests that match deny-list regex patterns
>s|Category | LLM
>s|First Omni Gateway version available | v1.11.4
>s|Release Notes| xref:release-notes::flex-gateway/policies/regex-prompt-guard-policy-release-notes.adoc[]
.>s| Returned Status Codes
|403 - Forbidden: Request blocked because prompt content matched one or more denied patterns
|===
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary | Sets the maximum duration that Omni Gateway waits for a response from an upstream service
>s|Category | Quality of Service
>s|First Omni Gateway version available | v1.9.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/response-timeout-release-notes.adoc[]
^s| Returned Status Codes | 504 - Upstream request timeout
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ endif::[]
>s|Summary| Validates incoming traffic against a supplied API schema
>s|Category| Security
>s|First Omni Gateway version available | v1.4.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/schema-validation-release-notes.adoc[]
>s|Returned Status Codes| 400 - The request properties do not comply with the API specifications.
|===

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ endif::[]
>s|Summary| Validates incoming traffic against a specified WSDL schema
>s|Category| Security
>s|First Omni Gateway version available |v1.10.0
>s|Release Notes| xref:release-notes::flex-gateway/policies/soap-schema-validation-release-notes.adoc[]
>.^s| Returned Status Codes
| The policy returns a `400` for a client error or `500` for a server error. Error messages are defined by SOAP standard responses.
|===
Expand Down
Loading