Overview
Policy Catalog
Zuplo includes policies for any solution you need for securing and sharing your API. See the policy introduction to learn about using policies.
In addition to the built-in policies, Zuplo is fully programmable so developers can simply write code to customize any aspect of Zuplo.
Inbound Policies
A/B Test Inbound
Access Control List
Add or Set Query Parameters
Add or Set Request Headers
Amberflo Metering / Billing
API Key Authentication
Archive Request to AWS S3
Archive Request to Azure Storage
Archive Request to GCP Storage
Aserto Authorization
Audit Logs
Auth0 JWT Auth
AuthZEN Authorization
AWS Cognito JWT Auth
Axiomatics Authorization
Basic Auth
Bot Detection
Brown Out
Caching
Change Method
Clear Request Headers
Clerk JWT Auth
Complex Rate Limiting
Composite Inbound (Group Policies)
Curity Phantom Token Auth
Custom Code Inbound
Firebase JWT Auth
Form Data to JSON
Geo-location filtering
GraphQL Complexity Limit
GraphQL Disable Introspection
HMAC Auth
IP Restriction
JWT Auth
JWT Scope Validation
LDAP Auth
Mock API Response
Moesif Analytics & Billing
Monetization
mTLS Auth
Okta FGA Authorization
Okta JWT Auth
OpenFGA Authorization
PropelAuth JWT Auth
Quota
Rate Limiting
RBAC Authorization
Readme Metrics
Remove Query Parameters
Remove Request Headers
Request Size Limit
Request Validation
Require Origin
Set Body
Sleep / Delay
Stripe Webhook Auth
Supabase JWT Auth
Transform Request Body
Upstream Azure AD Service Auth
Upstream Firebase Admin Auth
Upstream Firebase User Auth
Upstream GCP Federated Auth
Upstream GCP Self-Signed JWT
Upstream GCP Service Auth
Outbound Policies
A/B Test Outbound
Archive Response to AWS S3
Archive Response to Azure Storage
Clear Response Headers
Composite Outbound (Group Policies)
Custom Code Outbound
Prompt Injection Detection
Remove Response Headers
Replace String in Response Body
Set Headers
Set Status Code
Transform Response Body
XML to JSON Outbound