Policies

Policy Catalog

Zuplo includes policies for any solution you need for securing and sharing your API. See the policy introduction to learn about using policies.

In addition to the built-in policies, Zuplo is fully programmable so developers can simply write code to customize any aspect of Zuplo.

Plan:

Inbound Policies

A/B Test Inbound

Access Control List

Add or Set Query Parameters

Add or Set Request Headers

Akamai Firewall for AI

Amberflo Metering / Billing

API Key Authentication

Archive Request to AWS S3

Archive Request to Azure Storage

Archive Request to GCP Storage

AuthZEN Authorization

AWS Cognito JWT Auth

Add-On

Axiomatics Authorization

Clear Request Headers

Clerk JWT Auth

Add-On

Complex Rate Limiting

Composite Inbound (Group Policies)

Curity Phantom Token Auth

Custom Code Inbound

Firebase JWT Auth

Form Data to JSON

Geo-location filtering

GraphQL Complexity Limit

GraphQL Disable Introspection

Moesif Analytics & Billing

Okta FGA Authorization

Okta JWT Auth

Add-On

OpenFGA Authorization

OpenMeter

PropelAuth JWT Auth

Query Parameter to Header

Remove Query Parameters

Remove Request Headers

Transform Request Body

Add-On

Upstream Azure AD Service Auth

Upstream Firebase Admin Auth

Upstream Firebase User Auth

Add-On

Upstream GCP Federated Auth

Add-On

Upstream GCP Self-Signed JWT

Add-On

Upstream GCP Service Auth

Add-On

Upstream Zuplo JWT

Web Bot Auth

Outbound Policies

A/B Test Outbound

Akamai Firewall for AI

Archive Response to AWS S3

Archive Response to Azure Storage

Clear Response Headers

Composite Outbound (Group Policies)

Custom Code Outbound

GraphQL Introspection Filter

HTTP Deprecation

Remove Response Headers

Replace String in Response Body

Secret Masking

Set Headers

Set Status Code

Transform Response Body

XML to JSON

Edit this page

Last modified on October 3, 2025

GitHub Action Automation API Key Authentication Policy