Contact Us 1-800-596-4880

Inbound Policies Directory

Inbound Policies Included in Flex Gateway

Policy Category Summary

A2A Agent Card

A2A

Rewrites the Agent Card URL to match the server instance public URL

A2A PII Detector

A2A

Detects personally identifiable information (PII) in requests sent to the agent

A2A Prompt Decorator

A2A

Decorates prompts with context information

A2A Schema Validation

A2A

Validates Agent requests to ensure they conform to the A2A specification

Basic Authentication: LDAP

Security

Allows access based on the basic authorization mechanism, with user-password defined on LDAP

Basic Authentication: Simple

Security

Allows access based on the basic authorization mechanism, with a single user-password

Client ID Enforcement

Compliance

Allows access only to authorized client applications

Cross-Origin Resource Sharing (CORS)

Compliance

Enables access to resources residing in external domains

External Authorization

Security

Authenticates requests with an external gRPC or HTTP authorization service

External Processing

Transformation

Sends the incoming HTTP requests or outgoing HTTP responses to an external gRPC service for additional processing

Header Injection

Transformation

Adds headers to a request or a response

Header Removal

Transformation

Removes headers from a request or a response

Health Check

Quality of Service

Monitors API upstream health at specific intervals

HTTP Caching

Quality of Service

Caches HTTP responses from an API implementation

IP Allowlist

Security

Allows a list or range of specified IP addresses to request access

IP Blocklist

Security

Blocks a single IP address or a range of IP addresses from accessing an API endpoint

JSON Threat Protection

Security

Protects against malicious JSON in API requests

JWT Validation

Security

Validates a JWT

MCP Attribute-Based Access Control

MCP

Controls access to tools, resources, and prompts based on user information such as Tiers, IP, Headers, or Claims

MCP Schema Validation

MCP

Validates MCP requests to ensure they conform to the MCP specification

MCP Support

MCP

Adds MCP support to a Flex Gateway MCP server instance. This policy is required for your MCP server instance to function properly.

Message Logging

Troubleshooting

Logs custom messages using information from incoming requests, responses from the backend, or information from other policies applied to the same API endpoint

OAuth 2.0 Token Introspection

Security

Allows access only to authorized client applications

OpenID Connect OAuth 2.0 Access Token Enforcement

Security

Allows access only to authorized client applications

Rate Limiting

Quality of Service

Monitors access to an API by defining the maximum number of requests processed within a period of time

Rate Limiting: SLA-based

Quality of Service

Monitors access to an API by defining the maximum number of requests processed within a timespan, based on SLAs

Response Idle Timeout

Quality of Service

Set a maximum duration Flex Gateway waits for a response from an upstream service

Schema Validation

Security

Validates incoming traffic against a supplied OAS3 schema

Spike Control

Quality of Service

Regulates API traffic

SSE Logging

SSE

Logs every SSE event while streaming

Stream Idle Timeout

Quality of Service

Set a maximum duration a stream can remain idle without receiving a request or response

Traffic Management for Multiple Upstream Services

Quality of Service

Manages API instance traffic to multiple upstream services from a single consumer endpoint

Traffic Management for Multiple Upstream Services (Weighted)

Quality of Service

Manages API instance traffic to multiple upstream services from a single consumer endpoint, using weighted percentages

Transport Layer Security (TLS) - Inbound

Security

Enables authentication between a client and the API proxy

Transport Layer Security (TLS) - Outbound

Security

Enables two-way authentication between the API proxy and an upstream service