Reference
mTLS Auth Policy
This policy will authenticate users based on mTLS certificates that are configured for your project. This policy is available only to enterprise customers (contact sales@zuplo.com to request info). When a requests is authenticated with an mTLS certificate, the certificate data will be set as the user object of the request. The user.sub
property will be the value of the certificates DN.
Paid Add On
This policy is only available as a paid add-on. If you would like to try this please reach out to us: sales@zuplo.com
Configuration
The configuration shows how to configure the policy in the 'policies.json' document.
Policy Configuration
name
<string> - The name of your policy instance. This is used as a reference in your routes.policyType
<string> - The identifier of the policy. This is used by the Zuplo UI. Value should bemtls-auth-inbound
.handler.export
<string> - The name of the exported type. Value should beMTLSAuthInboundPolicy
.handler.module
<string> - The module containing the policy. Value should be$import(@zuplo/runtime)
.handler.options
<object> - The options for this policy. See Policy Options below.
Policy Options
The options for this policy are specified below. All properties are optional unless specifically marked as required.
allowUnauthenticatedRequests
<boolean> -Indicates whether the request should continue if authentication fails. Default isDefaults tofalse
which means unauthenticated users will automatically receive a 401 response.false
.allowExpiredCertificates
<boolean> -Indicates whether the request should continue if the certificate is expired.Defaults tofalse
.allowRevokedCertificates
<boolean> -Indicates whether the request should continue if the certificate is revoked.Defaults tofalse
.
Using the Policy
Read more about how policies work