#Policy Fundamentals
Policies are modules that can intercept an incoming request or outgoing response. You can have multiple policies and apply them to multiple routes. There are built-in policies but of course, being a developer-focused platform you can easily create custom policies.
#How policies work
An inbound policy can intercept a request and modify the request before it
reaches the request handler (or the next policy). It can also short-circuit the
whole request lifecycle and immediately respond to the client.
An outbound policy intercepts the response from your request handler, allowing
you to transform your response, or return a new one entirely.
#Built-In Policies
Zuplo includes many built-in policies that make it easy to handle things like authentication, validation, and request modification.
Explore the navigation to see all of the built-in policies.
#Custom Policies
The ability to write custom policies that run in-process of your Gateway is at the core of what makes Zuplo the Programmable API Gateway. You can write policies to handle virtually any task. To learn more about writing custom policies see the documentation.