Inbound Policies Directory
Inbound Policies Included in Flex Gateway
| Policy | Category | Summary |
|---|---|---|
A2A |
Rewrites the Agent Card URL to match the server instance public URL |
|
A2A |
Detects personally identifiable information (PII) in requests sent to the agent |
|
A2A |
Decorates prompts with context information |
|
A2A |
Validates Agent requests to ensure they conform to the A2A specification |
|
Security |
Allows access based on the basic authorization mechanism, with user-password defined on LDAP |
|
Security |
Allows access based on the basic authorization mechanism, with a single user-password |
|
Compliance |
Allows access only to authorized client applications |
|
Compliance |
Enables access to resources residing in external domains |
|
Security |
Authenticates requests with an external gRPC or HTTP authorization service |
|
Transformation |
Sends the incoming HTTP requests or outgoing HTTP responses to an external gRPC service for additional processing |
|
Transformation |
Adds headers to a request or a response |
|
Transformation |
Removes headers from a request or a response |
|
Quality of Service |
Monitors API upstream health at specific intervals |
|
Quality of Service |
Caches HTTP responses from an API implementation |
|
Security |
Allows a list or range of specified IP addresses to request access |
|
Security |
Blocks a single IP address or a range of IP addresses from accessing an API endpoint |
|
Security |
Protects against malicious JSON in API requests |
|
Security |
Validates a JWT |
|
MCP |
Controls access to tools, resources, and prompts based on user information such as Tiers, IP, Headers, or Claims |
|
MCP |
Validates MCP requests to ensure they conform to the MCP specification |
|
MCP |
Adds MCP support to a Flex Gateway MCP server instance. This policy is required for your MCP server instance to function properly. |
|
Troubleshooting |
Logs custom messages using information from incoming requests, responses from the backend, or information from other policies applied to the same API endpoint |
|
Security |
Allows access only to authorized client applications |
|
Security |
Allows access only to authorized client applications |
|
Quality of Service |
Monitors access to an API by defining the maximum number of requests processed within a period of time |
|
Quality of Service |
Monitors access to an API by defining the maximum number of requests processed within a timespan, based on SLAs |
|
Quality of Service |
Set a maximum duration Flex Gateway waits for a response from an upstream service |
|
Security |
Validates incoming traffic against a supplied OAS3 schema |
|
Security |
Validates incoming traffic against a specified WSDL schema |
|
Quality of Service |
Regulates API traffic |
|
SSE |
Logs every SSE event while streaming |
|
Quality of Service |
Set a maximum duration a stream can remain idle without receiving a request or response |
|
Troubleshooting |
Configure OpenTelemetry distributed tracing for an API |
|
Quality of Service |
Manages API instance traffic to multiple upstream services from a single consumer endpoint |
|
Traffic Management for Multiple Upstream Services (Weighted) |
Quality of Service |
Manages API instance traffic to multiple upstream services from a single consumer endpoint, using weighted percentages |
Security |
Enables authentication between a client and the API proxy |
|
Security |
Enables two-way authentication between the API proxy and an upstream service |
|
Security |
Protects against malicious XML in API requests |