Skip to main content

Gate: Plugin - Request validator

In some cases, you may want to perform custom validation of your requests. It's possible to do that with the request-validator plugin.

request-validator makes decision if the request is valid based on the response of your validation endpoint.

Example usage

Please see API authentication at the edge.

Yourrequest validation endpointValidationresultHTTP requestheadersUserYour systemLoad balancerDestination endpointGateHTTP requestHTTP request?

Configuring Gate

GATE_PLUGINS_<PLUGIN NUMBER>_TYPE=request-validator
GATE_PLUGINS_<PLUGIN NUMBER>_PARAMETERS_VALIDATE_URL=<URL of validation endpoint>

In the Environment variables configuration, <PLUGIN NUMBER> defined plugin execution order.

where:

  • <URL of validation endpoint> URL to be called by the plugin.

To learn more about configuring Gate, please visit the configuration page and plugins section.

info

The order of plugins in configuration determines their execution order.

Validation endpoint

The configured endpoint is called on every request with the GET method. All headers of the original request are forwarded to the validation endpoint. Two additional headers are included in the request:

  • SlashID-Target-Method
  • SlashID-Target-Location

These carry the method and location of the original request, respectively.

If the endpoint returns 2XX status code, the request is considered as valid. If 5XX HTTP status is returned, Gate will respond with 502 Bad Gateway HTTP status. In all other cases, Gate will return 401 Unauthorized.

note

Requests with the OPTIONS method are not validated and are always valid.

Disabling plugin for specific URLs

You can enable or disable this plugin for specific URLs by using the enabled option in the URLs configuration.

GATE_URLS_0_PATTERN=svc-example.com/*
GATE_URLS_0_TARGET=http://example:8080

GATE_URLS_1_PATTERN=svc-another-example.com/
GATE_URLS_1_TARGET=https://another-example:8080