For the complete documentation index, see llms.txt. Markdown versions of all docs pages are available by appending .md to any docs URL.
Configuration schema explorer
Explore the agentgateway standalone configuration schema interactively, including nested fields and validation details.
Generated from the agentgateway JSON schema.
- config
- enableIpv6boolean
- dns
- lookupFamilystring
- edns0boolean
- localXdsPathstring
- modelCatalog
- *filestring
- caAddressstring
- caAuthTokenstring
- xdsAddressstring
- xdsAuthTokenstring
- namespacestring
- gatewaystring
- trustDomainstring
- additionalTrustDomainsstring
- skipValidateTrustDomainboolean
- serviceAccountstring
- clusterIdstring
- networkstring
- adminAddrstring
- statsAddrstring
- readinessAddrstring
- session
- *keystring
- mcp
- sessionTtlstring
- connectionTerminationDeadlinestring
- connectionMinTerminationDeadlinestring
- workerThreadsstring
- tracing
- otlpEndpointstring
- headersobject
- otlpProtocolstring
- fields
- removestring[]
- addobject
- randomSamplingstring|number|boolean
- clientSamplingstring|number|boolean
- pathstring
- logging
- filterstring
- fields
- removestring[]
- addobject
- levelstring[]
- formatstring
- metrics
- removestring[]
- fields
- addobject
- backend
- keepalives
- enabledboolean
- timestring
- intervalstring
- retriesinteger
- connectTimeoutstring
- poolIdleTimeoutstring
- poolMaxSizeinteger
- hbone
- windowSizeinteger
- connectionWindowSizeinteger
- frameSizeinteger
- poolMaxStreamsPerConninteger
- poolUnusedReleaseTimeoutstring
- frontendPolicies
- http
- maxBufferSizeinteger
- http1MaxHeadersinteger
- http1IdleTimeoutstring
- http1HeaderCasestring
- http2WindowSizeinteger
- http2ConnectionWindowSizeinteger
- http2FrameSizeinteger
- http2MaxHeaderSizeinteger
- http2KeepaliveIntervalstring
- http2KeepaliveTimeoutstring
- maxConnectionDurationstring
- tls
- handshakeTimeoutstring
- alpnarray[]
- minVersionstring
- maxVersionstring
- cipherSuitesstring[]
- keyExchangeGroupsstring[]
- tcp
- *keepalives
- enabledboolean
- timestring
- intervalstring
- retriesinteger
- networkAuthorization
- *rules
- *allowstring
- proxy
- versionstring
- modestring
- proxyProtocol
- versionstring
- modestring
- connect
- *modestring
- accessLog
- filterstring
- addobject
- removestring[]
- otlp
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- logging
- filterstring
- addobject
- removestring[]
- otlp
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- tracing
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- binds
- *portinteger
- *listeners
- namestring
- namespacestring
- hostnamestring
- protocolstring
- tls
- modestring
- *certstring
- *keystring
- rootstring
- cipherSuitesstring[]
- minTLSVersionstring
- minTlsVersionstring
- maxTLSVersionstring
- maxTlsVersionstring
- keyExchangeGroupsstring[]
- routes
- namestring
- namespacestring
- ruleNamestring
- hostnamesstring[]
- matches
- headers
- *namestring
- *value
- *exactstring
- path
- *exactstring
- methodstring
- query
- *namestring
- *value
- *exactstring
- policies
- requestHeaderModifier
- addobject
- setobject
- removestring[]
- responseHeaderModifier
- addobject
- setobject
- removestring[]
- requestRedirect
- schemestring
- authority
- *fullstring
- path
- *fullstring
- statusinteger
- urlRewrite
- authority
- *fullstring
- path
- *fullstring
- requestMirror
- *backend
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- *percentagenumber
- directResponse
- *conditional
- conditionstring
- bodyarray|string
- bodyExpressionstring
- headersobject
- *statusinteger
- cors
- allowCredentialsboolean
- allowHeadersstring[]
- allowMethodsstring[]
- allowOriginsstring[]
- exposeHeadersstring[]
- maxAgestring
- mcpAuthorization
- *rules
- *allowstring
- mcpGuardrails
- *processors
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- authorization
- *rules
- *allowstring
- mcpAuthentication
- *issuerstring
- *audiencesstring[]
- provider
- *auth0object
- *resourceMetadataobject
- *jwks
- *filestring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- jwtValidationOptions
- requiredClaimsstring[]
- clientIdstring
- a2aobject
- ai
- promptGuard
- streamingstring
- request
- *regex
- actionstring
- *rules
- *builtinstring
- response
- *regex
- actionstring
- *rules
- *builtinstring
- defaultsobject
- overridesobject
- transformationsobject
- prompts
- append
- *rolestring
- *contentstring
- prepend
- *rolestring
- *contentstring
- modelAliasesobject
- promptCaching
- cacheSystemboolean
- cacheMessagesboolean
- cacheToolsboolean
- minTokensinteger
- cacheMessageOffsetinteger
- routesobject
- backendTLS
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- backendTunnel
- *proxy
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- backendAuth
- *passthrough
- location
- *header
- *namestring
- prefixstring
- localRateLimit
- *conditional
- conditionstring
- maxTokensinteger
- tokensPerFillinteger
- *fillIntervalstring
- typestring
- remoteRateLimit
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- jwtAuth
- modestring
- location
- *header
- *namestring
- prefixstring
- *providers
- *issuerstring
- audiencesstring[]
- *jwks
- *filestring
- jwtValidationOptions
- requiredClaimsstring[]
- oidc
- *issuerstring
- discovery
- *filestring
- authorizationEndpointstring
- tokenEndpointstring
- tokenEndpointAuthstring
- jwks
- *filestring
- *clientIdstring
- *clientSecretstring
- *redirectURIstring
- scopesstring[]
- basicAuth
- *htpasswd
- *filestring
- realmstring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- apiKey
- *keys
- *keystring
- metadata
- modestring
- location
- *header
- *namestring
- prefixstring
- extAuthz
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- extProc
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- transformations
- *conditional
- conditionstring
- request
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- response
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- csrf
- additionalOriginsstring[]
- buffer
- request
- maxBytesinteger
- response
- maxBytesinteger
- timeout
- requestTimeoutstring
- backendRequestTimeoutstring
- retry
- attemptsinteger
- backoffstring
- *codesinteger[]
- preconditionstring
- conditionstring
- backends
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- tcpRoutes
- namestring
- namespacestring
- ruleNamestring
- hostnamesstring[]
- policies
- backendTLS
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- backends
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- policies
- oidc
- *issuerstring
- discovery
- *filestring
- authorizationEndpointstring
- tokenEndpointstring
- tokenEndpointAuthstring
- jwks
- *filestring
- *clientIdstring
- *clientSecretstring
- *redirectURIstring
- scopesstring[]
- jwtAuth
- modestring
- location
- *header
- *namestring
- prefixstring
- *providers
- *issuerstring
- audiencesstring[]
- *jwks
- *filestring
- jwtValidationOptions
- requiredClaimsstring[]
- authorization
- *rules
- *allowstring
- extAuthz
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- extProc
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- cors
- allowCredentialsboolean
- allowHeadersstring[]
- allowMethodsstring[]
- allowOriginsstring[]
- exposeHeadersstring[]
- maxAgestring
- transformations
- *conditional
- conditionstring
- request
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- response
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- basicAuth
- *htpasswd
- *filestring
- realmstring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- apiKey
- *keys
- *keystring
- metadata
- modestring
- location
- *header
- *namestring
- prefixstring
- tunnelProtocolstring
- llm
- portinteger
- tls
- modestring
- *certstring
- *keystring
- rootstring
- cipherSuitesstring[]
- minTLSVersionstring
- minTlsVersionstring
- maxTLSVersionstring
- maxTlsVersionstring
- keyExchangeGroupsstring[]
- providers
- *namestring
- params
- modelstring
- apiKey
- *filestring
- awsRegionstring
- vertexRegionstring
- vertexProjectstring
- azureResourceNamestring
- azureResourceTypestring
- azureApiVersionstring
- azureProjectNamestring
- baseUrlstring
- hostOverridestring
- pathOverridestring
- pathPrefixstring
- tokenizeboolean
- *provider
- *referencestring
- defaults
- defaultsobject
- overridesobject
- transformationobject
- requestHeaders
- addobject
- setobject
- removestring[]
- responseHeaders
- addobject
- setobject
- removestring[]
- backendTLS
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- tls
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- auth
- *passthrough
- location
- *header
- *namestring
- prefixstring
- health
- unhealthyExpressionstring
- eviction
- durationstring
- restoreHealthnumber
- consecutiveFailuresinteger
- healthThresholdnumber
- backendTunnel
- *proxy
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- promptCaching
- cacheSystemboolean
- cacheMessagesboolean
- cacheToolsboolean
- minTokensinteger
- cacheMessageOffsetinteger
- *models
- *namestring
- visibilitystring
- params
- modelstring
- apiKey
- *filestring
- awsRegionstring
- vertexRegionstring
- vertexProjectstring
- azureResourceNamestring
- azureResourceTypestring
- azureApiVersionstring
- azureProjectNamestring
- baseUrlstring
- hostOverridestring
- pathOverridestring
- pathPrefixstring
- tokenizeboolean
- *provider
- *referencestring
- passthroughstring
- authorization
- *rules
- *allowstring
- defaultsobject
- overridesobject
- transformationobject
- requestHeaders
- addobject
- setobject
- removestring[]
- responseHeaders
- addobject
- setobject
- removestring[]
- backendTLS
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- tls
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- auth
- *passthrough
- location
- *header
- *namestring
- prefixstring
- health
- unhealthyExpressionstring
- eviction
- durationstring
- restoreHealthnumber
- consecutiveFailuresinteger
- healthThresholdnumber
- backendTunnel
- *proxy
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- guardrails
- streamingstring
- request
- *regex
- actionstring
- *rules
- *builtinstring
- response
- *regex
- actionstring
- *rules
- *builtinstring
- promptCaching
- cacheSystemboolean
- cacheMessagesboolean
- cacheToolsboolean
- minTokensinteger
- cacheMessageOffsetinteger
- matches
- headers
- *namestring
- *value
- *exactstring
- virtualModels
- *namestring
- *routing
- weighted
- *targets
- *modelstring
- weightinteger
- failover
- *targets
- *modelstring
- *priorityinteger
- conditional
- *targets
- whenstring
- *modelstring
- policies
- oidc
- *issuerstring
- discovery
- *filestring
- authorizationEndpointstring
- tokenEndpointstring
- tokenEndpointAuthstring
- jwks
- *filestring
- *clientIdstring
- *clientSecretstring
- *redirectURIstring
- scopesstring[]
- jwtAuth
- modestring
- location
- *header
- *namestring
- prefixstring
- *providers
- *issuerstring
- audiencesstring[]
- *jwks
- *filestring
- jwtValidationOptions
- requiredClaimsstring[]
- authorization
- *rules
- *allowstring
- extAuthz
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- extProc
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- cors
- allowCredentialsboolean
- allowHeadersstring[]
- allowMethodsstring[]
- allowOriginsstring[]
- exposeHeadersstring[]
- maxAgestring
- transformations
- *conditional
- conditionstring
- request
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- response
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- basicAuth
- *htpasswd
- *filestring
- realmstring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- apiKey
- *keys
- *keystring
- metadata
- modestring
- location
- *header
- *namestring
- prefixstring
- guardrails
- streamingstring
- request
- *regex
- actionstring
- *rules
- *builtinstring
- response
- *regex
- actionstring
- *rules
- *builtinstring
- localRateLimit
- maxTokensinteger
- tokensPerFillinteger
- *fillIntervalstring
- typestring
- remoteRateLimit
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- mcp
- portinteger
- *targets
- *sse
- hoststring
- portinteger
- pathstring
- backendstring
- statefulModestring
- prefixModestring
- failureModestring
- policies
- requestHeaderModifier
- addobject
- setobject
- removestring[]
- responseHeaderModifier
- addobject
- setobject
- removestring[]
- requestRedirect
- schemestring
- authority
- *fullstring
- path
- *fullstring
- statusinteger
- urlRewrite
- authority
- *fullstring
- path
- *fullstring
- requestMirror
- *backend
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- *percentagenumber
- directResponse
- *conditional
- conditionstring
- bodyarray|string
- bodyExpressionstring
- headersobject
- *statusinteger
- cors
- allowCredentialsboolean
- allowHeadersstring[]
- allowMethodsstring[]
- allowOriginsstring[]
- exposeHeadersstring[]
- maxAgestring
- mcpAuthorization
- *rules
- *allowstring
- mcpGuardrails
- *processors
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- authorization
- *rules
- *allowstring
- mcpAuthentication
- *issuerstring
- *audiencesstring[]
- provider
- *auth0object
- *resourceMetadataobject
- *jwks
- *filestring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- jwtValidationOptions
- requiredClaimsstring[]
- clientIdstring
- a2aobject
- ai
- promptGuard
- streamingstring
- request
- *regex
- actionstring
- *rules
- *builtinstring
- response
- *regex
- actionstring
- *rules
- *builtinstring
- defaultsobject
- overridesobject
- transformationsobject
- prompts
- append
- *rolestring
- *contentstring
- prepend
- *rolestring
- *contentstring
- modelAliasesobject
- promptCaching
- cacheSystemboolean
- cacheMessagesboolean
- cacheToolsboolean
- minTokensinteger
- cacheMessageOffsetinteger
- routesobject
- backendTLS
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- backendTunnel
- *proxy
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- backendAuth
- *passthrough
- location
- *header
- *namestring
- prefixstring
- localRateLimit
- *conditional
- conditionstring
- maxTokensinteger
- tokensPerFillinteger
- *fillIntervalstring
- typestring
- remoteRateLimit
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- jwtAuth
- modestring
- location
- *header
- *namestring
- prefixstring
- *providers
- *issuerstring
- audiencesstring[]
- *jwks
- *filestring
- jwtValidationOptions
- requiredClaimsstring[]
- oidc
- *issuerstring
- discovery
- *filestring
- authorizationEndpointstring
- tokenEndpointstring
- tokenEndpointAuthstring
- jwks
- *filestring
- *clientIdstring
- *clientSecretstring
- *redirectURIstring
- scopesstring[]
- basicAuth
- *htpasswd
- *filestring
- realmstring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- apiKey
- *keys
- *keystring
- metadata
- modestring
- location
- *header
- *namestring
- prefixstring
- extAuthz
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- extProc
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- transformations
- *conditional
- conditionstring
- request
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- response
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- csrf
- additionalOriginsstring[]
- buffer
- request
- maxBytesinteger
- response
- maxBytesinteger
- timeout
- requestTimeoutstring
- backendRequestTimeoutstring
- retry
- attemptsinteger
- backoffstring
- *codesinteger[]
- preconditionstring
- conditionstring
- policies
- *name
- *namestring
- *namespacestring
- *target
- *gateway
- *gatewayNamestring
- *gatewayNamespacestring
- listenerNamestring
- portinteger
- phasestring
- *policy
- requestHeaderModifier
- addobject
- setobject
- removestring[]
- responseHeaderModifier
- addobject
- setobject
- removestring[]
- requestRedirect
- schemestring
- authority
- *fullstring
- path
- *fullstring
- statusinteger
- urlRewrite
- authority
- *fullstring
- path
- *fullstring
- requestMirror
- *backend
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- *percentagenumber
- directResponse
- *conditional
- conditionstring
- bodyarray|string
- bodyExpressionstring
- headersobject
- *statusinteger
- cors
- allowCredentialsboolean
- allowHeadersstring[]
- allowMethodsstring[]
- allowOriginsstring[]
- exposeHeadersstring[]
- maxAgestring
- mcpAuthorization
- *rules
- *allowstring
- mcpGuardrails
- *processors
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- authorization
- *rules
- *allowstring
- mcpAuthentication
- *issuerstring
- *audiencesstring[]
- provider
- *auth0object
- *resourceMetadataobject
- *jwks
- *filestring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- jwtValidationOptions
- requiredClaimsstring[]
- clientIdstring
- a2aobject
- ai
- promptGuard
- streamingstring
- request
- *regex
- actionstring
- *rules
- *builtinstring
- response
- *regex
- actionstring
- *rules
- *builtinstring
- defaultsobject
- overridesobject
- transformationsobject
- prompts
- append
- *rolestring
- *contentstring
- prepend
- *rolestring
- *contentstring
- modelAliasesobject
- promptCaching
- cacheSystemboolean
- cacheMessagesboolean
- cacheToolsboolean
- minTokensinteger
- cacheMessageOffsetinteger
- routesobject
- backendTLS
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- backendTunnel
- *proxy
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- backendAuth
- *passthrough
- location
- *header
- *namestring
- prefixstring
- localRateLimit
- *conditional
- conditionstring
- maxTokensinteger
- tokensPerFillinteger
- *fillIntervalstring
- typestring
- remoteRateLimit
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- jwtAuth
- modestring
- location
- *header
- *namestring
- prefixstring
- *providers
- *issuerstring
- audiencesstring[]
- *jwks
- *filestring
- jwtValidationOptions
- requiredClaimsstring[]
- oidc
- *issuerstring
- discovery
- *filestring
- authorizationEndpointstring
- tokenEndpointstring
- tokenEndpointAuthstring
- jwks
- *filestring
- *clientIdstring
- *clientSecretstring
- *redirectURIstring
- scopesstring[]
- basicAuth
- *htpasswd
- *filestring
- realmstring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- apiKey
- *keys
- *keystring
- metadata
- modestring
- location
- *header
- *namestring
- prefixstring
- extAuthz
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- extProc
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- transformations
- *conditional
- conditionstring
- request
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- response
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- csrf
- additionalOriginsstring[]
- buffer
- request
- maxBytesinteger
- response
- maxBytesinteger
- timeout
- requestTimeoutstring
- backendRequestTimeoutstring
- retry
- attemptsinteger
- backoffstring
- *codesinteger[]
- preconditionstring
- conditionstring
- workloads
- services
- backends
- *hoststring
- routeGroups
- *namestring
- *routes
- namestring
- namespacestring
- ruleNamestring
- hostnamesstring[]
- matches
- headers
- *namestring
- *value
- *exactstring
- path
- *exactstring
- methodstring
- query
- *namestring
- *value
- *exactstring
- policies
- requestHeaderModifier
- addobject
- setobject
- removestring[]
- responseHeaderModifier
- addobject
- setobject
- removestring[]
- requestRedirect
- schemestring
- authority
- *fullstring
- path
- *fullstring
- statusinteger
- urlRewrite
- authority
- *fullstring
- path
- *fullstring
- requestMirror
- *backend
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- *percentagenumber
- directResponse
- *conditional
- conditionstring
- bodyarray|string
- bodyExpressionstring
- headersobject
- *statusinteger
- cors
- allowCredentialsboolean
- allowHeadersstring[]
- allowMethodsstring[]
- allowOriginsstring[]
- exposeHeadersstring[]
- maxAgestring
- mcpAuthorization
- *rules
- *allowstring
- mcpGuardrails
- *processors
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- authorization
- *rules
- *allowstring
- mcpAuthentication
- *issuerstring
- *audiencesstring[]
- provider
- *auth0object
- *resourceMetadataobject
- *jwks
- *filestring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- jwtValidationOptions
- requiredClaimsstring[]
- clientIdstring
- a2aobject
- ai
- promptGuard
- streamingstring
- request
- *regex
- actionstring
- *rules
- *builtinstring
- response
- *regex
- actionstring
- *rules
- *builtinstring
- defaultsobject
- overridesobject
- transformationsobject
- prompts
- append
- *rolestring
- *contentstring
- prepend
- *rolestring
- *contentstring
- modelAliasesobject
- promptCaching
- cacheSystemboolean
- cacheMessagesboolean
- cacheToolsboolean
- minTokensinteger
- cacheMessageOffsetinteger
- routesobject
- backendTLS
- certstring
- keystring
- rootstring
- hostnamestring
- insecureboolean
- insecureHostboolean
- alpnstring[]
- subjectAltNamesstring[]
- keyExchangeGroupsstring[]
- backendTunnel
- *proxy
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- backendAuth
- *passthrough
- location
- *header
- *namestring
- prefixstring
- localRateLimit
- *conditional
- conditionstring
- maxTokensinteger
- tokensPerFillinteger
- *fillIntervalstring
- typestring
- remoteRateLimit
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- jwtAuth
- modestring
- location
- *header
- *namestring
- prefixstring
- *providers
- *issuerstring
- audiencesstring[]
- *jwks
- *filestring
- jwtValidationOptions
- requiredClaimsstring[]
- oidc
- *issuerstring
- discovery
- *filestring
- authorizationEndpointstring
- tokenEndpointstring
- tokenEndpointAuthstring
- jwks
- *filestring
- *clientIdstring
- *clientSecretstring
- *redirectURIstring
- scopesstring[]
- basicAuth
- *htpasswd
- *filestring
- realmstring
- modestring
- authorizationLocation
- *header
- *namestring
- prefixstring
- apiKey
- *keys
- *keystring
- metadata
- modestring
- location
- *header
- *namestring
- prefixstring
- extAuthz
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- extProc
- *conditional
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
- transformations
- *conditional
- conditionstring
- request
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- response
- addobject
- setobject
- removestring[]
- bodystring
- metadataobject
- csrf
- additionalOriginsstring[]
- buffer
- request
- maxBytesinteger
- response
- maxBytesinteger
- timeout
- requestTimeoutstring
- backendRequestTimeoutstring
- retry
- attemptsinteger
- backoffstring
- *codesinteger[]
- preconditionstring
- conditionstring
- backends
- *service
- *name
- *namespacestring
- *hostnamestring
- *portinteger
config
No description for this field.
Validation
Defaultnull
config.enableIpv6
No description for this field.
config.dns
DNS resolver settings.
config.dns.lookupFamily
Controls which IP address families the DNS resolver will query for
upstream connections.
Accepted values: All, Auto, V4Preferred, V4Only, V6Only.
Defaults to Auto (IPv4-only when enableIpv6 is false, both when true).
upstream connections.
Accepted values: All, Auto, V4Preferred, V4Only, V6Only.
Defaults to Auto (IPv4-only when enableIpv6 is false, both when true).
Validation
ConstAll
config.dns.edns0
Whether to enable EDNS0 (Extension Mechanisms for DNS) in the resolver.
When
Can also be set via the
When
None, the system-provided resolver setting is preserved.Can also be set via the
DNS_EDNS0 environment variable.config.localXdsPath
Local XDS path. If not specified, the current configuration file will be used.
config.modelCatalog
Model cost catalog sources; entries are merged in order, with later entries taking precedence.
config.modelCatalog.file
No description for this field.
config.caAddress
No description for this field.
config.caAuthToken
No description for this field.
config.xdsAddress
No description for this field.
config.xdsAuthToken
No description for this field.
config.namespace
No description for this field.
config.gateway
No description for this field.
config.trustDomain
No description for this field.
config.additionalTrustDomains
Comma-separated list of additional SPIFFE trust domains accepted on inbound HBONE
connections. The local trust_domain is always implicitly included.
connections. The local trust_domain is always implicitly included.
config.skipValidateTrustDomain
When true, skip SPIFFE trust-domain verification on inbound HBONE connections.
config.serviceAccount
No description for this field.
config.clusterId
No description for this field.
config.network
No description for this field.
config.adminAddr
Admin UI address in the format "ip:port", "localhost:port", "unix:/path/to/socket", or "off"
config.statsAddr
Stats/metrics server address in the format "ip:port", "localhost:port", "unix:/path/to/socket", or "off"
config.readinessAddr
Readiness probe server address in the format "ip:port", "localhost:port", "unix:/path/to/socket", or "off"
config.session
Configuration for stateful session management
config.session.key
The AES-256-GCM session protection key to be used for session tokens.
If not set, sessions will not be encrypted.
For example, generated via
If not set, sessions will not be encrypted.
For example, generated via
openssl rand -hex 32.config.mcp
MCP gateway settings.
config.mcp.sessionTtl
No description for this field.
Validation
Defaultnull
config.connectionTerminationDeadline
No description for this field.
Validation
Defaultnull
config.connectionMinTerminationDeadline
No description for this field.
Validation
Defaultnull
config.workerThreads
No description for this field.
config.tracing
No description for this field.
config.tracing.otlpEndpoint
No description for this field.
config.tracing.headers
No description for this field.
Validation
Default{}
config.tracing.otlpProtocol
No description for this field.
Validation
Enumgrpc, http
Defaultgrpc
config.tracing.fields
No description for this field.
config.tracing.fields.remove
No description for this field.
Validation
Default[]
config.tracing.fields.add
No description for this field.
Validation
Default{}
config.tracing.randomSampling
Expression to determine the amount of *random sampling*.
Random sampling will initiate a new trace span if the incoming request does not have a trace already.
This should evaluate to either a float between 0.0-1.0 (0-100%) or true/false.
This defaults to 'false'.
Random sampling will initiate a new trace span if the incoming request does not have a trace already.
This should evaluate to either a float between 0.0-1.0 (0-100%) or true/false.
This defaults to 'false'.
config.tracing.clientSampling
Expression to determine the amount of *client sampling*.
Client sampling determines whether to initiate a new trace span if the incoming request does have a trace already.
This should evaluate to either a float between 0.0-1.0 (0-100%) or true/false.
This defaults to 'true'.
Client sampling determines whether to initiate a new trace span if the incoming request does have a trace already.
This should evaluate to either a float between 0.0-1.0 (0-100%) or true/false.
This defaults to 'true'.
config.tracing.path
OTLP path. Default is /v1/traces
config.logging
No description for this field.
config.logging.filter
No description for this field.
config.logging.fields
No description for this field.
config.logging.fields.remove
No description for this field.
Validation
Default[]
config.logging.fields.add
No description for this field.
Validation
Default{}
config.logging.level
No description for this field.
config.logging.format
No description for this field.
Validation
Enumtext, json
config.metrics
No description for this field.
config.metrics.remove
No description for this field.
Validation
Default[]
config.metrics.fields
No description for this field.
config.metrics.fields.add
No description for this field.
Validation
Default{}
config.backend
No description for this field.
Validation
Default{"keepalives": {"enabled": true, "time": "3m0s", "interval": "3m0s", "retries": 9}, "connectTimeout": "10s", "poolIdleTimeout": "1m30s", "poolMaxSize": null}
config.backend.keepalives
No description for this field.
Validation
Default{"enabled": true, "time": "3m0s", "interval": "3m0s", "retries": 9}
config.backend.keepalives.enabled
No description for this field.
Validation
Defaulttrue
config.backend.keepalives.time
No description for this field.
Validation
Default3m0s
config.backend.keepalives.interval
No description for this field.
Validation
Default3m0s
config.backend.keepalives.retries
No description for this field.
Validation
Default9
Formatuint32
Minimum0
config.backend.connectTimeout
No description for this field.
Validation
Default10s
config.backend.poolIdleTimeout
The maximum duration to keep an idle connection alive.
Validation
Default1m30s
config.backend.poolMaxSize
The maximum number of connections allowed in the pool, per hostname. If set, this will limit
the total number of connections kept alive to any given host.
Note: excess connections will still be created, they will just not remain idle.
If unset, there is no limit
the total number of connections kept alive to any given host.
Note: excess connections will still be created, they will just not remain idle.
If unset, there is no limit
Validation
Defaultnull
Formatuint
Minimum0
config.hbone
No description for this field.
config.hbone.windowSize
No description for this field.
Validation
Formatuint32
Minimum0
config.hbone.connectionWindowSize
No description for this field.
Validation
Formatuint32
Minimum0
config.hbone.frameSize
No description for this field.
Validation
Formatuint32
Minimum0
config.hbone.poolMaxStreamsPerConn
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
config.hbone.poolUnusedReleaseTimeout
No description for this field.
frontendPolicies
No description for this field.
frontendPolicies.http
Settings for handling incoming HTTP requests.
Validation
Defaultnull
frontendPolicies.http.maxBufferSize
Maximum request or response body size buffered by the frontend.
Validation
Default2097152
Formatuint
Minimum0
frontendPolicies.http.http1MaxHeaders
Maximum number of headers allowed in an HTTP/1 request. Changing this value causes a
performance degradation, even when set lower than the default of 100.
performance degradation, even when set lower than the default of 100.
Validation
Defaultnull
Formatuint
Minimum0
frontendPolicies.http.http1IdleTimeout
How long an idle HTTP/1 connection may stay open.
Validation
Default10m0s
frontendPolicies.http.http1HeaderCase
Header casing behavior for HTTP/1 responses.
Validation
Constlowercase
Defaultlowercase
frontendPolicies.http.http2WindowSize
HTTP/2 stream flow-control window size.
Validation
Defaultnull
Formatuint32
Minimum0
frontendPolicies.http.http2ConnectionWindowSize
HTTP/2 connection flow-control window size.
Validation
Defaultnull
Formatuint32
Minimum0
frontendPolicies.http.http2FrameSize
Maximum HTTP/2 frame size.
Validation
Defaultnull
Formatuint32
Minimum0
frontendPolicies.http.http2MaxHeaderSize
Maximum size of HTTP/2 request headers.
Validation
Defaultnull
Formatuint32
Minimum0
frontendPolicies.http.http2KeepaliveInterval
Interval between HTTP/2 keepalive pings.
Validation
Defaultnull
frontendPolicies.http.http2KeepaliveTimeout
Time to wait for an HTTP/2 keepalive ping response.
Validation
Defaultnull
frontendPolicies.http.maxConnectionDuration
Maximum time a connection may stay open. After this duration, the connection is gracefully
closed after the current in-flight request completes. Useful for even traffic distribution
behind load balancers during scaling events.
closed after the current in-flight request completes. Useful for even traffic distribution
behind load balancers during scaling events.
Validation
Defaultnull
frontendPolicies.tls
Settings for handling incoming TLS connections.
Validation
Defaultnull
frontendPolicies.tls.handshakeTimeout
Maximum time allowed to complete the downstream TLS handshake.
Validation
Default15s
frontendPolicies.tls.alpn
ALPN protocols advertised to downstream clients.
Validation
Defaultnull
frontendPolicies.tls.minVersion
Minimum TLS version accepted from downstream clients.
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
frontendPolicies.tls.maxVersion
Maximum TLS version accepted from downstream clients.
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
frontendPolicies.tls.cipherSuites
Cipher suites allowed for downstream TLS.
frontendPolicies.tls.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
frontendPolicies.tcp
Settings for handling incoming TCP connections.
Validation
Defaultnull
frontendPolicies.tcp.keepalives
TCP keepalive settings for downstream connections.
frontendPolicies.tcp.keepalives.enabled
No description for this field.
Validation
Defaulttrue
frontendPolicies.tcp.keepalives.time
No description for this field.
Validation
Default3m0s
frontendPolicies.tcp.keepalives.interval
No description for this field.
Validation
Default3m0s
frontendPolicies.tcp.keepalives.retries
No description for this field.
Validation
Default9
Formatuint32
Minimum0
frontendPolicies.networkAuthorization
CEL authorization for downstream network connections.
Validation
Defaultnull
frontendPolicies.networkAuthorization.rules
CEL authorization rules to evaluate for a request.
frontendPolicies.networkAuthorization.rules.allow
No description for this field.
frontendPolicies.proxy
Enable downstream PROXY protocol handling on this gateway or port, including
version matching and whether PROXY headers are required or optional.
version matching and whether PROXY headers are required or optional.
Validation
Defaultnull
frontendPolicies.proxy.version
PROXY protocol versions accepted from downstream clients.
Validation
Constv1
Defaultv2
frontendPolicies.proxy.mode
Whether downstream connections must include a PROXY protocol header.
Validation
Conststrict
Defaultstrict
frontendPolicies.proxyProtocol
Enable downstream PROXY protocol handling on this gateway or port, including
version matching and whether PROXY headers are required or optional.
version matching and whether PROXY headers are required or optional.
Validation
Defaultnull
frontendPolicies.proxyProtocol.version
PROXY protocol versions accepted from downstream clients.
Validation
Constv1
Defaultv2
frontendPolicies.proxyProtocol.mode
Whether downstream connections must include a PROXY protocol header.
Validation
Conststrict
Defaultstrict
frontendPolicies.connect
Enable or disable downstream HTTP CONNECT handling.
Validation
Defaultnull
frontendPolicies.connect.mode
How downstream HTTP CONNECT requests are handled.
Validation
Constdeny
frontendPolicies.accessLog
Settings for request access logs.
Validation
Defaultnull
frontendPolicies.accessLog.filter
CEL expression that decides whether a request is logged.
frontendPolicies.accessLog.add
Access log fields to add, computed from CEL expressions.
frontendPolicies.accessLog.remove
Access log field names to remove.
Validation
Unique itemstrue
frontendPolicies.accessLog.otlp
OTLP log export settings.
frontendPolicies.accessLog.otlp.service
No description for this field.
frontendPolicies.accessLog.otlp.service.name
No description for this field.
frontendPolicies.accessLog.otlp.service.name.namespace
No description for this field.
frontendPolicies.accessLog.otlp.service.name.hostname
No description for this field.
frontendPolicies.accessLog.otlp.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
frontendPolicies.logging
Settings for request access logs.
Validation
Defaultnull
frontendPolicies.logging.filter
CEL expression that decides whether a request is logged.
frontendPolicies.logging.add
Access log fields to add, computed from CEL expressions.
frontendPolicies.logging.remove
Access log field names to remove.
Validation
Unique itemstrue
frontendPolicies.logging.otlp
OTLP log export settings.
frontendPolicies.logging.otlp.service
No description for this field.
frontendPolicies.logging.otlp.service.name
No description for this field.
frontendPolicies.logging.otlp.service.name.namespace
No description for this field.
frontendPolicies.logging.otlp.service.name.hostname
No description for this field.
frontendPolicies.logging.otlp.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
frontendPolicies.tracing
Settings for exporting request traces.
Validation
Defaultnull
frontendPolicies.tracing.service
No description for this field.
frontendPolicies.tracing.service.name
No description for this field.
frontendPolicies.tracing.service.name.namespace
No description for this field.
frontendPolicies.tracing.service.name.hostname
No description for this field.
frontendPolicies.tracing.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds
No description for this field.
binds.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners
No description for this field.
binds.listeners.name
No description for this field.
Validation
Defaultnull
binds.listeners.namespace
No description for this field.
Validation
Defaultnull
binds.listeners.hostname
Can be a wildcard
binds.listeners.protocol
No description for this field.
Validation
EnumHTTP, HTTPS, TLS, TCP, HBONE
binds.listeners.tls
No description for this field.
binds.listeners.tls.mode
Certificate source mode. Static mode uses cert/key as the leaf certificate; dynamic CA
mode uses cert/key as a CA for on-demand SNI leaf certificate issuance.
mode uses cert/key as a CA for on-demand SNI leaf certificate issuance.
Validation
Enumstatic, dynamicCa
Defaultstatic
binds.listeners.tls.cert
No description for this field.
binds.listeners.tls.key
No description for this field.
binds.listeners.tls.root
No description for this field.
binds.listeners.tls.cipherSuites
Optional cipher suite allowlist (order is preserved).
binds.listeners.tls.minTLSVersion
Minimum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
binds.listeners.tls.minTlsVersion
Minimum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
binds.listeners.tls.maxTLSVersion
Maximum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
binds.listeners.tls.maxTlsVersion
Maximum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
binds.listeners.tls.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
binds.listeners.routes
No description for this field.
binds.listeners.routes.name
No description for this field.
Validation
Defaultnull
binds.listeners.routes.namespace
No description for this field.
Validation
Defaultnull
binds.listeners.routes.ruleName
No description for this field.
Validation
Defaultnull
binds.listeners.routes.hostnames
Can be a wildcard
binds.listeners.routes.matches
No description for this field.
Validation
Default[{"path": {"pathPrefix": "/"}}]
binds.listeners.routes.matches.headers
No description for this field.
binds.listeners.routes.matches.headers.name
No description for this field.
binds.listeners.routes.matches.headers.value
No description for this field.
binds.listeners.routes.matches.headers.value.exact
No description for this field.
binds.listeners.routes.matches.path
No description for this field.
Validation
Default{"pathPrefix": "/"}
binds.listeners.routes.matches.path.exact
No description for this field.
binds.listeners.routes.matches.method
No description for this field.
binds.listeners.routes.matches.query
No description for this field.
binds.listeners.routes.matches.query.name
No description for this field.
binds.listeners.routes.matches.query.value
No description for this field.
binds.listeners.routes.matches.query.value.exact
No description for this field.
binds.listeners.routes.policies
No description for this field.
binds.listeners.routes.policies.requestHeaderModifier
Modify request headers before forwarding.
Validation
Defaultnull
binds.listeners.routes.policies.requestHeaderModifier.add
Headers to append without replacing existing values.
binds.listeners.routes.policies.requestHeaderModifier.set
Headers to set, replacing any existing values.
binds.listeners.routes.policies.requestHeaderModifier.remove
Header names to remove.
binds.listeners.routes.policies.responseHeaderModifier
Modify response headers before returning to the client.
Validation
Defaultnull
binds.listeners.routes.policies.responseHeaderModifier.add
Headers to append without replacing existing values.
binds.listeners.routes.policies.responseHeaderModifier.set
Headers to set, replacing any existing values.
binds.listeners.routes.policies.responseHeaderModifier.remove
Header names to remove.
binds.listeners.routes.policies.requestRedirect
Return a redirect response instead of forwarding the request.
Validation
Defaultnull
binds.listeners.routes.policies.requestRedirect.scheme
Scheme to use in the redirect URL, such as
http or https.binds.listeners.routes.policies.requestRedirect.authority
Host or port rewrite to apply to the redirect URL.
binds.listeners.routes.policies.requestRedirect.authority.full
No description for this field.
binds.listeners.routes.policies.requestRedirect.path
Path rewrite to apply to the redirect URL.
binds.listeners.routes.policies.requestRedirect.path.full
No description for this field.
binds.listeners.routes.policies.requestRedirect.status
HTTP status code to return for the redirect.
Validation
Formatuint16
Minimum1
Maximum65535
binds.listeners.routes.policies.urlRewrite
Rewrite the request path or authority before forwarding.
Validation
Defaultnull
binds.listeners.routes.policies.urlRewrite.authority
Host or port rewrite to apply before forwarding the request.
binds.listeners.routes.policies.urlRewrite.authority.full
No description for this field.
binds.listeners.routes.policies.urlRewrite.path
Path rewrite to apply before forwarding the request.
binds.listeners.routes.policies.urlRewrite.path.full
No description for this field.
binds.listeners.routes.policies.requestMirror
Send a copy of matching requests to another backend.
Validation
Defaultnull
binds.listeners.routes.policies.requestMirror.backend
Backend that receives mirrored request copies.
binds.listeners.routes.policies.requestMirror.backend.service
No description for this field.
binds.listeners.routes.policies.requestMirror.backend.service.name
No description for this field.
binds.listeners.routes.policies.requestMirror.backend.service.name.namespace
No description for this field.
binds.listeners.routes.policies.requestMirror.backend.service.name.hostname
No description for this field.
binds.listeners.routes.policies.requestMirror.backend.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.routes.policies.requestMirror.percentage
Fraction of matching requests to mirror, from 0.0 to 1.0.
Validation
Formatdouble
binds.listeners.routes.policies.directResponse
Return a configured response instead of forwarding the request.
binds.listeners.routes.policies.directResponse.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.routes.policies.directResponse.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
binds.listeners.routes.policies.directResponse.conditional.body
Static response body, encoded as bytes.
binds.listeners.routes.policies.directResponse.conditional.bodyExpression
CEL expression that computes the response body.
binds.listeners.routes.policies.directResponse.conditional.headers
Response headers computed from CEL expressions.
binds.listeners.routes.policies.directResponse.conditional.status
HTTP status code to return.
Validation
Formatuint16
Minimum1
Maximum65535
binds.listeners.routes.policies.cors
Handle CORS preflight requests and append configured CORS headers to applicable requests.
Validation
Defaultnull
binds.listeners.routes.policies.cors.allowCredentials
Add
Access-Control-Allow-Credentials: true on allowed CORS responses.Validation
Defaultfalse
binds.listeners.routes.policies.cors.allowHeaders
Values to return in
Access-Control-Allow-Headers for allowed preflight requests.Validation
Default[]
binds.listeners.routes.policies.cors.allowMethods
Values to return in
Access-Control-Allow-Methods for allowed preflight requests.Validation
Default[]
binds.listeners.routes.policies.cors.allowOrigins
Request origins that receive CORS response headers. Use
* to match any origin.Validation
Default[]
binds.listeners.routes.policies.cors.exposeHeaders
Values to return in
Access-Control-Expose-Headers for allowed CORS responses.Validation
Default[]
binds.listeners.routes.policies.cors.maxAge
Value to return in
Access-Control-Max-Age for allowed preflight requests.Validation
Defaultnull
binds.listeners.routes.policies.mcpAuthorization
Authorization rules for MCP requests.
Validation
Defaultnull
binds.listeners.routes.policies.mcpAuthorization.rules
CEL authorization rules to evaluate for a request.
binds.listeners.routes.policies.mcpAuthorization.rules.allow
No description for this field.
binds.listeners.routes.policies.mcpGuardrails
External MCP policy processors.
Validation
Defaultnull
binds.listeners.routes.policies.mcpGuardrails.processors
Ordered list of policy processors applied to matched methods; the first
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
Processor.methods.Validation
Min items1
binds.listeners.routes.policies.mcpGuardrails.processors.service
No description for this field.
binds.listeners.routes.policies.mcpGuardrails.processors.service.name
No description for this field.
binds.listeners.routes.policies.mcpGuardrails.processors.service.name.namespace
No description for this field.
binds.listeners.routes.policies.mcpGuardrails.processors.service.name.hostname
No description for this field.
binds.listeners.routes.policies.mcpGuardrails.processors.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.routes.policies.authorization
Authorization rules for incoming HTTP requests.
Validation
Defaultnull
binds.listeners.routes.policies.authorization.rules
CEL authorization rules to evaluate for a request.
binds.listeners.routes.policies.authorization.rules.allow
No description for this field.
binds.listeners.routes.policies.mcpAuthentication
Authenticate MCP clients.
binds.listeners.routes.policies.mcpAuthentication.issuer
Expected token issuer, matched against the JWT
iss claim.binds.listeners.routes.policies.mcpAuthentication.audiences
Accepted token audiences, matched against the JWT
aud claim.binds.listeners.routes.policies.mcpAuthentication.provider
Identity provider type used to derive MCP authorization metadata and default JWKS URLs.
binds.listeners.routes.policies.mcpAuthentication.provider.auth0
No description for this field.
binds.listeners.routes.policies.mcpAuthentication.resourceMetadata
Protected resource metadata returned to MCP clients.
binds.listeners.routes.policies.mcpAuthentication.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
binds.listeners.routes.policies.mcpAuthentication.jwks.file
No description for this field.
binds.listeners.routes.policies.mcpAuthentication.mode
Controls whether MCP requests must include a valid JWT.
Validation
Conststrict
Defaultstrict
binds.listeners.routes.policies.mcpAuthentication.authorizationLocation
Where to read the JWT from in incoming MCP requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
binds.listeners.routes.policies.mcpAuthentication.authorizationLocation.header
No description for this field.
binds.listeners.routes.policies.mcpAuthentication.authorizationLocation.header.name
Header name containing the credential.
binds.listeners.routes.policies.mcpAuthentication.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.listeners.routes.policies.mcpAuthentication.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
binds.listeners.routes.policies.mcpAuthentication.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
binds.listeners.routes.policies.mcpAuthentication.clientId
OAuth client ID advertised to MCP clients when needed.
binds.listeners.routes.policies.a2a
Mark this traffic as A2A to enable A2A processing and telemetry.
Validation
Defaultnull
binds.listeners.routes.policies.ai
Mark this as LLM traffic to enable LLM processing.
Validation
Defaultnull
binds.listeners.routes.policies.ai.promptGuard
Prompt and response guardrails to apply to LLM traffic.
binds.listeners.routes.policies.ai.promptGuard.streaming
Apply prompt guards to streaming responses and realtime websocket messages.
Validation
ConstDisabled
binds.listeners.routes.policies.ai.promptGuard.request
Guards applied to client requests before they reach the LLM.
binds.listeners.routes.policies.ai.promptGuard.request.regex
No description for this field.
binds.listeners.routes.policies.ai.promptGuard.request.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
binds.listeners.routes.policies.ai.promptGuard.request.regex.rules
Regex or built-in patterns to evaluate.
binds.listeners.routes.policies.ai.promptGuard.request.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
binds.listeners.routes.policies.ai.promptGuard.response
Guards applied to LLM responses before they reach the client.
binds.listeners.routes.policies.ai.promptGuard.response.regex
No description for this field.
binds.listeners.routes.policies.ai.promptGuard.response.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
binds.listeners.routes.policies.ai.promptGuard.response.regex.rules
Regex or built-in patterns to evaluate.
binds.listeners.routes.policies.ai.promptGuard.response.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
binds.listeners.routes.policies.ai.defaults
Default request body values added only when the client did not provide them.
binds.listeners.routes.policies.ai.overrides
Request body values that replace client-provided values.
binds.listeners.routes.policies.ai.transformations
Request body values computed from CEL expressions.
binds.listeners.routes.policies.ai.prompts
Messages to add before or after the client prompt.
Validation
Min properties1
binds.listeners.routes.policies.ai.prompts.append
Messages appended to the end of each chat request.
binds.listeners.routes.policies.ai.prompts.append.role
No description for this field.
binds.listeners.routes.policies.ai.prompts.append.content
No description for this field.
binds.listeners.routes.policies.ai.prompts.prepend
Messages prepended to the beginning of each chat request.
binds.listeners.routes.policies.ai.prompts.prepend.role
No description for this field.
binds.listeners.routes.policies.ai.prompts.prepend.content
No description for this field.
binds.listeners.routes.policies.ai.modelAliases
Model name aliases that rewrite requested model names.
binds.listeners.routes.policies.ai.promptCaching
Prompt caching settings for providers that support cache markers.
binds.listeners.routes.policies.ai.promptCaching.cacheSystem
Add cache markers to system prompts when supported by the provider.
Validation
Defaulttrue
binds.listeners.routes.policies.ai.promptCaching.cacheMessages
Add cache markers to chat messages when supported by the provider.
Validation
Defaulttrue
binds.listeners.routes.policies.ai.promptCaching.cacheTools
Add cache markers to tool definitions when supported by the provider.
Validation
Defaultfalse
binds.listeners.routes.policies.ai.promptCaching.minTokens
Minimum prompt size required before cache markers are added.
Validation
Default1024
Formatuint
Minimum0
binds.listeners.routes.policies.ai.promptCaching.cacheMessageOffset
Message offset used when choosing where to place cache markers.
Validation
Default0
Formatuint
Minimum0
binds.listeners.routes.policies.ai.routes
Route type overrides selected by request path suffix.
binds.listeners.routes.policies.backendTLS
TLS settings used when connecting to the backend.
binds.listeners.routes.policies.backendTLS.cert
Client certificate file to present to the backend.
binds.listeners.routes.policies.backendTLS.key
Private key file for the client certificate.
binds.listeners.routes.policies.backendTLS.root
Root certificate bundle used to verify the backend certificate.
binds.listeners.routes.policies.backendTLS.hostname
Server name to use for TLS verification and SNI.
binds.listeners.routes.policies.backendTLS.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
binds.listeners.routes.policies.backendTLS.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
binds.listeners.routes.policies.backendTLS.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
binds.listeners.routes.policies.backendTLS.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
binds.listeners.routes.policies.backendTLS.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
binds.listeners.routes.policies.backendTunnel
Tunnel settings used when connecting to the backend.
Validation
Defaultnull
binds.listeners.routes.policies.backendTunnel.proxy
Proxy backend used to tunnel the connection.
binds.listeners.routes.policies.backendTunnel.proxy.service
No description for this field.
binds.listeners.routes.policies.backendTunnel.proxy.service.name
No description for this field.
binds.listeners.routes.policies.backendTunnel.proxy.service.name.namespace
No description for this field.
binds.listeners.routes.policies.backendTunnel.proxy.service.name.hostname
No description for this field.
binds.listeners.routes.policies.backendTunnel.proxy.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.routes.policies.backendAuth
Authentication credentials sent to the backend.
Validation
Defaultnull
binds.listeners.routes.policies.backendAuth.passthrough
No description for this field.
binds.listeners.routes.policies.backendAuth.passthrough.location
Where to place the forwarded credential in the backend request.
binds.listeners.routes.policies.backendAuth.passthrough.location.header
No description for this field.
binds.listeners.routes.policies.backendAuth.passthrough.location.header.name
Header name containing the credential.
binds.listeners.routes.policies.backendAuth.passthrough.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.listeners.routes.policies.localRateLimit
Local rate limits for incoming requests.
binds.listeners.routes.policies.localRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.routes.policies.localRateLimit.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
binds.listeners.routes.policies.localRateLimit.conditional.maxTokens
Maximum number of tokens that can accumulate in the local bucket.
Validation
Default0
Formatuint64
Minimum0
binds.listeners.routes.policies.localRateLimit.conditional.tokensPerFill
Number of tokens added to the local bucket each fill interval.
Validation
Default0
Formatuint64
Minimum0
binds.listeners.routes.policies.localRateLimit.conditional.fillInterval
How often the local bucket is refilled.
binds.listeners.routes.policies.localRateLimit.conditional.type
Whether this limit counts requests or LLM tokens.
Validation
Constrequests
Defaultrequests
binds.listeners.routes.policies.remoteRateLimit
Remote rate limit checks for incoming requests.
binds.listeners.routes.policies.remoteRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.routes.policies.remoteRateLimit.conditional.service
No description for this field.
binds.listeners.routes.policies.remoteRateLimit.conditional.service.name
No description for this field.
binds.listeners.routes.policies.remoteRateLimit.conditional.service.name.namespace
No description for this field.
binds.listeners.routes.policies.remoteRateLimit.conditional.service.name.hostname
No description for this field.
binds.listeners.routes.policies.remoteRateLimit.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.routes.policies.jwtAuth
Authenticate incoming requests with JWT bearer tokens.
binds.listeners.routes.policies.jwtAuth.mode
Controls whether requests must include a JWT and how validation failures are handled.
Validation
Conststrict
Defaultoptional
binds.listeners.routes.policies.jwtAuth.location
Where to read the JWT from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
binds.listeners.routes.policies.jwtAuth.location.header
No description for this field.
binds.listeners.routes.policies.jwtAuth.location.header.name
Header name containing the credential.
binds.listeners.routes.policies.jwtAuth.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.listeners.routes.policies.jwtAuth.providers
Trusted issuers and their signing keys.
binds.listeners.routes.policies.jwtAuth.providers.issuer
Expected token issuer, matched against the JWT
iss claim.binds.listeners.routes.policies.jwtAuth.providers.audiences
Accepted token audiences, matched against the JWT
aud claim when set.binds.listeners.routes.policies.jwtAuth.providers.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
binds.listeners.routes.policies.jwtAuth.providers.jwks.file
No description for this field.
binds.listeners.routes.policies.jwtAuth.providers.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
binds.listeners.routes.policies.jwtAuth.providers.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
binds.listeners.routes.policies.oidc
Authenticate browser requests with OIDC authorization code flow.
binds.listeners.routes.policies.oidc.issuer
Issuer used for discovery and ID token validation.
binds.listeners.routes.policies.oidc.discovery
Optional discovery document override. If omitted, discovery uses
${issuer}/.well-known/openid-configuration.binds.listeners.routes.policies.oidc.discovery.file
No description for this field.
binds.listeners.routes.policies.oidc.authorizationEndpoint
Authorization endpoint used to start the browser login flow.
Validation
Defaultnull
binds.listeners.routes.policies.oidc.tokenEndpoint
Token endpoint used to exchange the authorization code.
Validation
Defaultnull
binds.listeners.routes.policies.oidc.tokenEndpointAuth
Token endpoint client authentication method for explicit provider configuration.
Discovery mode derives this from provider metadata. Explicit mode defaults to
clientSecretBasic when omitted.Validation
EnumclientSecretBasic, clientSecretPost
Defaultnull
binds.listeners.routes.policies.oidc.jwks
JWKS source used to validate returned ID tokens.
binds.listeners.routes.policies.oidc.jwks.file
No description for this field.
binds.listeners.routes.policies.oidc.clientId
OAuth2 client identifier used for authorization and token exchange.
binds.listeners.routes.policies.oidc.clientSecret
OAuth2 client secret used for token exchange.
binds.listeners.routes.policies.oidc.redirectURI
Absolute callback URI handled by the gateway.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
binds.listeners.routes.policies.oidc.scopes
Additional OAuth2 scopes to request.
openid is always included.Validation
Default[]
binds.listeners.routes.policies.basicAuth
Authenticate incoming requests with Basic Auth credentials from an htpasswd user database.
binds.listeners.routes.policies.basicAuth.htpasswd
User database in htpasswd format. Can be inline or loaded from a file.
binds.listeners.routes.policies.basicAuth.htpasswd.file
No description for this field.
binds.listeners.routes.policies.basicAuth.realm
Realm shown in the
WWW-Authenticate response header when credentials are missing or invalid.Validation
Defaultnull
binds.listeners.routes.policies.basicAuth.mode
Controls whether requests must include valid Basic Auth credentials.
Validation
Conststrict
Defaultoptional
binds.listeners.routes.policies.basicAuth.authorizationLocation
Where to read the Basic Auth credentials from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Basic "}}
binds.listeners.routes.policies.basicAuth.authorizationLocation.header
No description for this field.
binds.listeners.routes.policies.basicAuth.authorizationLocation.header.name
Header name containing the credential.
binds.listeners.routes.policies.basicAuth.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.listeners.routes.policies.apiKey
Authenticate incoming requests with API keys.
binds.listeners.routes.policies.apiKey.keys
API keys that are accepted by this policy.
binds.listeners.routes.policies.apiKey.keys.key
API key value to accept.
binds.listeners.routes.policies.apiKey.keys.metadata
Optional metadata attached to requests authenticated with this key.
binds.listeners.routes.policies.apiKey.mode
Controls whether requests must include a valid API key.
Validation
Conststrict
Defaultoptional
binds.listeners.routes.policies.apiKey.location
Where to read the API key from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
binds.listeners.routes.policies.apiKey.location.header
No description for this field.
binds.listeners.routes.policies.apiKey.location.header.name
Header name containing the credential.
binds.listeners.routes.policies.apiKey.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.listeners.routes.policies.extAuthz
Authorize incoming requests by calling an external authorization service.
binds.listeners.routes.policies.extAuthz.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.routes.policies.extAuthz.conditional.service
No description for this field.
binds.listeners.routes.policies.extAuthz.conditional.service.name
No description for this field.
binds.listeners.routes.policies.extAuthz.conditional.service.name.namespace
No description for this field.
binds.listeners.routes.policies.extAuthz.conditional.service.name.hostname
No description for this field.
binds.listeners.routes.policies.extAuthz.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.routes.policies.extProc
Send request and response data to an external processing service.
binds.listeners.routes.policies.extProc.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.routes.policies.extProc.conditional.service
No description for this field.
binds.listeners.routes.policies.extProc.conditional.service.name
No description for this field.
binds.listeners.routes.policies.extProc.conditional.service.name.namespace
No description for this field.
binds.listeners.routes.policies.extProc.conditional.service.name.hostname
No description for this field.
binds.listeners.routes.policies.extProc.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.routes.policies.transformations
Modify request and response headers, bodies, or metadata.
binds.listeners.routes.policies.transformations.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.routes.policies.transformations.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
binds.listeners.routes.policies.transformations.conditional.request
Transform the request before it is forwarded.
binds.listeners.routes.policies.transformations.conditional.request.add
Headers to append using CEL expressions for values.
Validation
Default{}
binds.listeners.routes.policies.transformations.conditional.request.set
Headers to set using CEL expressions for values.
Validation
Default{}
binds.listeners.routes.policies.transformations.conditional.request.remove
Header names to remove.
Validation
Default[]
binds.listeners.routes.policies.transformations.conditional.request.body
CEL expression that computes a replacement body.
Validation
Defaultnull
binds.listeners.routes.policies.transformations.conditional.request.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
binds.listeners.routes.policies.transformations.conditional.response
Transform the response before it is returned.
binds.listeners.routes.policies.transformations.conditional.response.add
Headers to append using CEL expressions for values.
Validation
Default{}
binds.listeners.routes.policies.transformations.conditional.response.set
Headers to set using CEL expressions for values.
Validation
Default{}
binds.listeners.routes.policies.transformations.conditional.response.remove
Header names to remove.
Validation
Default[]
binds.listeners.routes.policies.transformations.conditional.response.body
CEL expression that computes a replacement body.
Validation
Defaultnull
binds.listeners.routes.policies.transformations.conditional.response.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
binds.listeners.routes.policies.csrf
Handle CSRF protection by validating request origins against configured allowed origins.
Validation
Defaultnull
binds.listeners.routes.policies.csrf.additionalOrigins
Additional trusted origins allowed to send state-changing requests.
Validation
Default[]
Unique itemstrue
binds.listeners.routes.policies.buffer
Buffer request and response bodies.
Validation
Defaultnull
binds.listeners.routes.policies.buffer.request
Buffer incoming request bodies before forwarding.
binds.listeners.routes.policies.buffer.request.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
binds.listeners.routes.policies.buffer.response
Buffer upstream response bodies before sending them to the client.
binds.listeners.routes.policies.buffer.response.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
binds.listeners.routes.policies.timeout
Set request timeout limits.
Validation
Defaultnull
binds.listeners.routes.policies.timeout.requestTimeout
Maximum time allowed for the full downstream request and response.
binds.listeners.routes.policies.timeout.backendRequestTimeout
Maximum time allowed for the upstream backend request.
binds.listeners.routes.policies.retry
Retry matching failed upstream requests.
Validation
Defaultnull
binds.listeners.routes.policies.retry.attempts
Total number of attempts, including the original request.
Validation
Default1
Formatuint8
Minimum1
Maximum255
binds.listeners.routes.policies.retry.backoff
Delay between retry attempts.
binds.listeners.routes.policies.retry.codes
HTTP response status codes that should be retried.
binds.listeners.routes.policies.retry.precondition
CEL expression evaluated against the request before any attempt; when
retries are disabled (only the initial attempt is made), e.g.
Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
false,retries are disabled (only the initial attempt is made), e.g.
request.method == "GET".Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
binds.listeners.routes.policies.retry.condition
CEL expression evaluated against each response to decide whether to retry. A response
is retried when its status code is in
is retried when its status code is in
codes *or* this expression evaluates to true.binds.listeners.routes.backends
No description for this field.
binds.listeners.routes.backends.service
No description for this field.
binds.listeners.routes.backends.service.name
No description for this field.
binds.listeners.routes.backends.service.name.namespace
No description for this field.
binds.listeners.routes.backends.service.name.hostname
No description for this field.
binds.listeners.routes.backends.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.tcpRoutes
No description for this field.
binds.listeners.tcpRoutes.name
No description for this field.
Validation
Defaultnull
binds.listeners.tcpRoutes.namespace
No description for this field.
Validation
Defaultnull
binds.listeners.tcpRoutes.ruleName
No description for this field.
Validation
Defaultnull
binds.listeners.tcpRoutes.hostnames
Can be a wildcard
binds.listeners.tcpRoutes.policies
No description for this field.
binds.listeners.tcpRoutes.policies.backendTLS
No description for this field.
binds.listeners.tcpRoutes.policies.backendTLS.cert
Client certificate file to present to the backend.
binds.listeners.tcpRoutes.policies.backendTLS.key
Private key file for the client certificate.
binds.listeners.tcpRoutes.policies.backendTLS.root
Root certificate bundle used to verify the backend certificate.
binds.listeners.tcpRoutes.policies.backendTLS.hostname
Server name to use for TLS verification and SNI.
binds.listeners.tcpRoutes.policies.backendTLS.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
binds.listeners.tcpRoutes.policies.backendTLS.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
binds.listeners.tcpRoutes.policies.backendTLS.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
binds.listeners.tcpRoutes.policies.backendTLS.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
binds.listeners.tcpRoutes.policies.backendTLS.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
binds.listeners.tcpRoutes.backends
No description for this field.
binds.listeners.tcpRoutes.backends.service
No description for this field.
binds.listeners.tcpRoutes.backends.service.name
No description for this field.
binds.listeners.tcpRoutes.backends.service.name.namespace
No description for this field.
binds.listeners.tcpRoutes.backends.service.name.hostname
No description for this field.
binds.listeners.tcpRoutes.backends.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.policies
No description for this field.
binds.listeners.policies.oidc
Authenticate browser requests with OIDC authorization code flow.
binds.listeners.policies.oidc.issuer
Issuer used for discovery and ID token validation.
binds.listeners.policies.oidc.discovery
Optional discovery document override. If omitted, discovery uses
${issuer}/.well-known/openid-configuration.binds.listeners.policies.oidc.discovery.file
No description for this field.
binds.listeners.policies.oidc.authorizationEndpoint
Authorization endpoint used to start the browser login flow.
Validation
Defaultnull
binds.listeners.policies.oidc.tokenEndpoint
Token endpoint used to exchange the authorization code.
Validation
Defaultnull
binds.listeners.policies.oidc.tokenEndpointAuth
Token endpoint client authentication method for explicit provider configuration.
Discovery mode derives this from provider metadata. Explicit mode defaults to
clientSecretBasic when omitted.Validation
EnumclientSecretBasic, clientSecretPost
Defaultnull
binds.listeners.policies.oidc.jwks
JWKS source used to validate returned ID tokens.
binds.listeners.policies.oidc.jwks.file
No description for this field.
binds.listeners.policies.oidc.clientId
OAuth2 client identifier used for authorization and token exchange.
binds.listeners.policies.oidc.clientSecret
OAuth2 client secret used for token exchange.
binds.listeners.policies.oidc.redirectURI
Absolute callback URI handled by the gateway.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
binds.listeners.policies.oidc.scopes
Additional OAuth2 scopes to request.
openid is always included.Validation
Default[]
binds.listeners.policies.jwtAuth
Authenticate incoming requests with JWT bearer tokens.
binds.listeners.policies.jwtAuth.mode
Controls whether requests must include a JWT and how validation failures are handled.
Validation
Conststrict
Defaultoptional
binds.listeners.policies.jwtAuth.location
Where to read the JWT from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
binds.listeners.policies.jwtAuth.location.header
No description for this field.
binds.listeners.policies.jwtAuth.location.header.name
Header name containing the credential.
binds.listeners.policies.jwtAuth.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.listeners.policies.jwtAuth.providers
Trusted issuers and their signing keys.
binds.listeners.policies.jwtAuth.providers.issuer
Expected token issuer, matched against the JWT
iss claim.binds.listeners.policies.jwtAuth.providers.audiences
Accepted token audiences, matched against the JWT
aud claim when set.binds.listeners.policies.jwtAuth.providers.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
binds.listeners.policies.jwtAuth.providers.jwks.file
No description for this field.
binds.listeners.policies.jwtAuth.providers.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
binds.listeners.policies.jwtAuth.providers.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
binds.listeners.policies.authorization
Authorization rules for incoming HTTP requests.
Validation
Defaultnull
binds.listeners.policies.authorization.rules
CEL authorization rules to evaluate for a request.
binds.listeners.policies.authorization.rules.allow
No description for this field.
binds.listeners.policies.extAuthz
Authorize incoming requests by calling an external authorization service.
binds.listeners.policies.extAuthz.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.policies.extAuthz.conditional.service
No description for this field.
binds.listeners.policies.extAuthz.conditional.service.name
No description for this field.
binds.listeners.policies.extAuthz.conditional.service.name.namespace
No description for this field.
binds.listeners.policies.extAuthz.conditional.service.name.hostname
No description for this field.
binds.listeners.policies.extAuthz.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.policies.extProc
Send request and response data to an external processing service.
binds.listeners.policies.extProc.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.policies.extProc.conditional.service
No description for this field.
binds.listeners.policies.extProc.conditional.service.name
No description for this field.
binds.listeners.policies.extProc.conditional.service.name.namespace
No description for this field.
binds.listeners.policies.extProc.conditional.service.name.hostname
No description for this field.
binds.listeners.policies.extProc.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
binds.listeners.policies.cors
Handle CORS preflight requests and append configured CORS headers to applicable requests.
Validation
Defaultnull
binds.listeners.policies.cors.allowCredentials
Add
Access-Control-Allow-Credentials: true on allowed CORS responses.Validation
Defaultfalse
binds.listeners.policies.cors.allowHeaders
Values to return in
Access-Control-Allow-Headers for allowed preflight requests.Validation
Default[]
binds.listeners.policies.cors.allowMethods
Values to return in
Access-Control-Allow-Methods for allowed preflight requests.Validation
Default[]
binds.listeners.policies.cors.allowOrigins
Request origins that receive CORS response headers. Use
* to match any origin.Validation
Default[]
binds.listeners.policies.cors.exposeHeaders
Values to return in
Access-Control-Expose-Headers for allowed CORS responses.Validation
Default[]
binds.listeners.policies.cors.maxAge
Value to return in
Access-Control-Max-Age for allowed preflight requests.Validation
Defaultnull
binds.listeners.policies.transformations
Modify request and response headers, bodies, or metadata.
binds.listeners.policies.transformations.conditional
conditional policy entries. An entry without a condition must be the final fallback.
binds.listeners.policies.transformations.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
binds.listeners.policies.transformations.conditional.request
Transform the request before it is forwarded.
binds.listeners.policies.transformations.conditional.request.add
Headers to append using CEL expressions for values.
Validation
Default{}
binds.listeners.policies.transformations.conditional.request.set
Headers to set using CEL expressions for values.
Validation
Default{}
binds.listeners.policies.transformations.conditional.request.remove
Header names to remove.
Validation
Default[]
binds.listeners.policies.transformations.conditional.request.body
CEL expression that computes a replacement body.
Validation
Defaultnull
binds.listeners.policies.transformations.conditional.request.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
binds.listeners.policies.transformations.conditional.response
Transform the response before it is returned.
binds.listeners.policies.transformations.conditional.response.add
Headers to append using CEL expressions for values.
Validation
Default{}
binds.listeners.policies.transformations.conditional.response.set
Headers to set using CEL expressions for values.
Validation
Default{}
binds.listeners.policies.transformations.conditional.response.remove
Header names to remove.
Validation
Default[]
binds.listeners.policies.transformations.conditional.response.body
CEL expression that computes a replacement body.
Validation
Defaultnull
binds.listeners.policies.transformations.conditional.response.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
binds.listeners.policies.basicAuth
Authenticate incoming requests with Basic Auth credentials from an htpasswd user database.
binds.listeners.policies.basicAuth.htpasswd
User database in htpasswd format. Can be inline or loaded from a file.
binds.listeners.policies.basicAuth.htpasswd.file
No description for this field.
binds.listeners.policies.basicAuth.realm
Realm shown in the
WWW-Authenticate response header when credentials are missing or invalid.Validation
Defaultnull
binds.listeners.policies.basicAuth.mode
Controls whether requests must include valid Basic Auth credentials.
Validation
Conststrict
Defaultoptional
binds.listeners.policies.basicAuth.authorizationLocation
Where to read the Basic Auth credentials from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Basic "}}
binds.listeners.policies.basicAuth.authorizationLocation.header
No description for this field.
binds.listeners.policies.basicAuth.authorizationLocation.header.name
Header name containing the credential.
binds.listeners.policies.basicAuth.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.listeners.policies.apiKey
Authenticate incoming requests with API keys.
binds.listeners.policies.apiKey.keys
API keys that are accepted by this policy.
binds.listeners.policies.apiKey.keys.key
API key value to accept.
binds.listeners.policies.apiKey.keys.metadata
Optional metadata attached to requests authenticated with this key.
binds.listeners.policies.apiKey.mode
Controls whether requests must include a valid API key.
Validation
Conststrict
Defaultoptional
binds.listeners.policies.apiKey.location
Where to read the API key from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
binds.listeners.policies.apiKey.location.header
No description for this field.
binds.listeners.policies.apiKey.location.header.name
Header name containing the credential.
binds.listeners.policies.apiKey.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .binds.tunnelProtocol
No description for this field.
Validation
Enumdirect, hboneWaypoint, hboneGateway, proxy, connect
Defaultdirect
llm
No description for this field.
llm.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
llm.tls
No description for this field.
llm.tls.mode
Certificate source mode. Static mode uses cert/key as the leaf certificate; dynamic CA
mode uses cert/key as a CA for on-demand SNI leaf certificate issuance.
mode uses cert/key as a CA for on-demand SNI leaf certificate issuance.
Validation
Enumstatic, dynamicCa
Defaultstatic
llm.tls.cert
No description for this field.
llm.tls.key
No description for this field.
llm.tls.root
No description for this field.
llm.tls.cipherSuites
Optional cipher suite allowlist (order is preserved).
llm.tls.minTLSVersion
Minimum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
llm.tls.minTlsVersion
Minimum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
llm.tls.maxTLSVersion
Maximum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
llm.tls.maxTlsVersion
Maximum supported TLS version (only TLS 1.2 and 1.3 are supported).
Validation
EnumTLS_V1_0, TLS_V1_1, TLS_V1_2, TLS_V1_3
llm.tls.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
llm.providers
providers defines reusable LLM provider defaults that models may reference.
llm.providers.name
name is referenced from llm.models[].provider.reference.
llm.providers.params
params customizes parameters for outgoing requests that use this provider.
llm.providers.params.model
The model to send to the provider.
If unset, the same model will be used from the request.
If unset, the same model will be used from the request.
Validation
Defaultnull
llm.providers.params.apiKey
An API key to attach to the request.
If unset this will be automatically detected from the environment.
If unset this will be automatically detected from the environment.
llm.providers.params.apiKey.file
No description for this field.
llm.providers.params.awsRegion
No description for this field.
llm.providers.params.vertexRegion
No description for this field.
llm.providers.params.vertexProject
No description for this field.
llm.providers.params.azureResourceName
For Azure: the resource name of the deployment
llm.providers.params.azureResourceType
For Azure: the type of Azure endpoint (openAI or foundry)
Validation
ConstopenAI
llm.providers.params.azureApiVersion
For Azure: the API version to use
llm.providers.params.azureProjectName
For Azure: the Foundry project name (required for foundry resource type)
llm.providers.params.baseUrl
Base URL for the upstream provider. Expands to hostOverride, pathPrefix, and tls for https URLs.
Validation
Defaultnull
llm.providers.params.hostOverride
Override the upstream host for this provider.
Validation
Defaultnull
llm.providers.params.pathOverride
Override the upstream path for this provider.
Validation
Defaultnull
llm.providers.params.pathPrefix
Override the default base path prefix for this provider.
Validation
Defaultnull
llm.providers.params.tokenize
Whether to tokenize the request before forwarding it upstream.
Validation
Defaultfalse
llm.providers.provider
provider of the LLM we are connecting to.
Can be a first-class provider string, a provider reference object, or a custom provider object.
Validation
Enumopenai, openAI, gemini, vertex, anthropic, bedrock, azure, copilot, cohere, ollama, baseten, cerebras, deepinfra, deepseek, groq, huggingface, mistral, openrouter, togetherai, xai, fireworks
llm.providers.provider.reference
No description for this field.
llm.providers.defaults
defaults defines provider-level policy defaults. Model-level policy fields override these.
llm.providers.defaults.defaults
No description for this field.
llm.providers.defaults.overrides
No description for this field.
llm.providers.defaults.transformation
No description for this field.
llm.providers.defaults.requestHeaders
No description for this field.
Validation
Defaultnull
llm.providers.defaults.requestHeaders.add
Headers to append without replacing existing values.
llm.providers.defaults.requestHeaders.set
Headers to set, replacing any existing values.
llm.providers.defaults.requestHeaders.remove
Header names to remove.
llm.providers.defaults.responseHeaders
No description for this field.
Validation
Defaultnull
llm.providers.defaults.responseHeaders.add
Headers to append without replacing existing values.
llm.providers.defaults.responseHeaders.set
Headers to set, replacing any existing values.
llm.providers.defaults.responseHeaders.remove
Header names to remove.
llm.providers.defaults.backendTLS
No description for this field.
llm.providers.defaults.backendTLS.cert
Client certificate file to present to the backend.
llm.providers.defaults.backendTLS.key
Private key file for the client certificate.
llm.providers.defaults.backendTLS.root
Root certificate bundle used to verify the backend certificate.
llm.providers.defaults.backendTLS.hostname
Server name to use for TLS verification and SNI.
llm.providers.defaults.backendTLS.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
llm.providers.defaults.backendTLS.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
llm.providers.defaults.backendTLS.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
llm.providers.defaults.backendTLS.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
llm.providers.defaults.backendTLS.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
llm.providers.defaults.tls
No description for this field.
llm.providers.defaults.tls.cert
Client certificate file to present to the backend.
llm.providers.defaults.tls.key
Private key file for the client certificate.
llm.providers.defaults.tls.root
Root certificate bundle used to verify the backend certificate.
llm.providers.defaults.tls.hostname
Server name to use for TLS verification and SNI.
llm.providers.defaults.tls.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
llm.providers.defaults.tls.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
llm.providers.defaults.tls.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
llm.providers.defaults.tls.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
llm.providers.defaults.tls.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
llm.providers.defaults.auth
Forward the validated incoming JWT to the backend.
Validation
Defaultnull
llm.providers.defaults.auth.passthrough
No description for this field.
llm.providers.defaults.auth.passthrough.location
Where to place the forwarded credential in the backend request.
llm.providers.defaults.auth.passthrough.location.header
No description for this field.
llm.providers.defaults.auth.passthrough.location.header.name
Header name containing the credential.
llm.providers.defaults.auth.passthrough.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .llm.providers.defaults.health
Local/config health policy with CEL as string; converted to Policy by compiling the expression.
Mirrors the proto
Mirrors the proto
Health message structure.llm.providers.defaults.health.unhealthyExpression
CEL expression where
When unset, any 5xx response or connection failure is treated as unhealthy.
true marks the backend response as unhealthy.When unset, any 5xx response or connection failure is treated as unhealthy.
llm.providers.defaults.health.eviction
Settings for temporarily removing unhealthy backends.
llm.providers.defaults.health.eviction.duration
How long to evict an unhealthy backend.
llm.providers.defaults.health.eviction.restoreHealth
Health score to restore when the backend returns from eviction.
Validation
Formatdouble
llm.providers.defaults.health.eviction.consecutiveFailures
Consecutive unhealthy responses required before eviction.
Validation
Formatint32
llm.providers.defaults.health.eviction.healthThreshold
Health score threshold below which an unhealthy response can evict the backend.
Validation
Formatdouble
llm.providers.defaults.backendTunnel
No description for this field.
Validation
Defaultnull
llm.providers.defaults.backendTunnel.proxy
Proxy backend used to tunnel the connection.
llm.providers.defaults.backendTunnel.proxy.service
No description for this field.
llm.providers.defaults.backendTunnel.proxy.service.name
No description for this field.
llm.providers.defaults.backendTunnel.proxy.service.name.namespace
No description for this field.
llm.providers.defaults.backendTunnel.proxy.service.name.hostname
No description for this field.
llm.providers.defaults.backendTunnel.proxy.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
llm.providers.defaults.promptCaching
No description for this field.
llm.providers.defaults.promptCaching.cacheSystem
Add cache markers to system prompts when supported by the provider.
Validation
Defaulttrue
llm.providers.defaults.promptCaching.cacheMessages
Add cache markers to chat messages when supported by the provider.
Validation
Defaulttrue
llm.providers.defaults.promptCaching.cacheTools
Add cache markers to tool definitions when supported by the provider.
Validation
Defaultfalse
llm.providers.defaults.promptCaching.minTokens
Minimum prompt size required before cache markers are added.
Validation
Default1024
Formatuint
Minimum0
llm.providers.defaults.promptCaching.cacheMessageOffset
Message offset used when choosing where to place cache markers.
Validation
Default0
Formatuint
Minimum0
llm.models
models defines the set of models that can be served by this gateway. The model name refers to the
model in the users request that is matched; the model sent to the actual LLM can be overridden
on a per-model basis.
model in the users request that is matched; the model sent to the actual LLM can be overridden
on a per-model basis.
llm.models.name
name is the name of the model we are matching from a users request. If params.model is set, that
will be used in the request to the LLM provider. If not, the incoming model is used.
will be used in the request to the LLM provider. If not, the incoming model is used.
llm.models.visibility
visibility controls whether clients can request this model directly (rather than only via a
virtualModel).Validation
Constpublic
llm.models.params
params customizes parameters for the outgoing request
llm.models.params.model
The model to send to the provider.
If unset, the same model will be used from the request.
If unset, the same model will be used from the request.
Validation
Defaultnull
llm.models.params.apiKey
An API key to attach to the request.
If unset this will be automatically detected from the environment.
If unset this will be automatically detected from the environment.
llm.models.params.apiKey.file
No description for this field.
llm.models.params.awsRegion
No description for this field.
llm.models.params.vertexRegion
No description for this field.
llm.models.params.vertexProject
No description for this field.
llm.models.params.azureResourceName
For Azure: the resource name of the deployment
llm.models.params.azureResourceType
For Azure: the type of Azure endpoint (openAI or foundry)
Validation
ConstopenAI
llm.models.params.azureApiVersion
For Azure: the API version to use
llm.models.params.azureProjectName
For Azure: the Foundry project name (required for foundry resource type)
llm.models.params.baseUrl
Base URL for the upstream provider. Expands to hostOverride, pathPrefix, and tls for https URLs.
Validation
Defaultnull
llm.models.params.hostOverride
Override the upstream host for this provider.
Validation
Defaultnull
llm.models.params.pathOverride
Override the upstream path for this provider.
Validation
Defaultnull
llm.models.params.pathPrefix
Override the default base path prefix for this provider.
Validation
Defaultnull
llm.models.params.tokenize
Whether to tokenize the request before forwarding it upstream.
Validation
Defaultfalse
llm.models.provider
provider of the LLM we are connecting too
Can be a first-class provider string, a provider reference object, or a custom provider object.
Validation
Enumopenai, openAI, gemini, vertex, anthropic, bedrock, azure, copilot, cohere, ollama, baseten, cerebras, deepinfra, deepseek, groq, huggingface, mistral, openrouter, togetherai, xai, fireworks
llm.models.provider.reference
No description for this field.
llm.models.passthrough
passthrough controls how requests are handled.
By default, requests will be parsed and translated as needed.
With passthrough, they will be unmodified and optionally inspected (with
In this mode, requests must be sent in the native format of the provider.
By default, requests will be parsed and translated as needed.
With passthrough, they will be unmodified and optionally inspected (with
detect).In this mode, requests must be sent in the native format of the provider.
Validation
Constdetect
llm.models.authorization
authorization configures HTTP authorization rules for requests to this model.
llm.models.authorization.rules
CEL authorization rules to evaluate for a request.
llm.models.authorization.rules.allow
No description for this field.
llm.models.defaults
defaults allows setting default values for the request. If these are not present in the request body, they will be set.
To override even when set, use
To override even when set, use
overrides.llm.models.overrides
overrides allows setting values for the request, overriding any existing values
llm.models.transformation
transformation allows setting values from CEL expressions for the request, overriding any existing values.
llm.models.requestHeaders
requestHeaders modifies headers in requests to the LLM provider.
Validation
Defaultnull
llm.models.requestHeaders.add
Headers to append without replacing existing values.
llm.models.requestHeaders.set
Headers to set, replacing any existing values.
llm.models.requestHeaders.remove
Header names to remove.
llm.models.responseHeaders
responseHeaders modifies headers in responses from the LLM provider.
Validation
Defaultnull
llm.models.responseHeaders.add
Headers to append without replacing existing values.
llm.models.responseHeaders.set
Headers to set, replacing any existing values.
llm.models.responseHeaders.remove
Header names to remove.
llm.models.backendTLS
tls configures TLS when connecting to the LLM provider.
llm.models.backendTLS.cert
Client certificate file to present to the backend.
llm.models.backendTLS.key
Private key file for the client certificate.
llm.models.backendTLS.root
Root certificate bundle used to verify the backend certificate.
llm.models.backendTLS.hostname
Server name to use for TLS verification and SNI.
llm.models.backendTLS.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
llm.models.backendTLS.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
llm.models.backendTLS.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
llm.models.backendTLS.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
llm.models.backendTLS.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
llm.models.tls
tls configures TLS when connecting to the LLM provider.
llm.models.tls.cert
Client certificate file to present to the backend.
llm.models.tls.key
Private key file for the client certificate.
llm.models.tls.root
Root certificate bundle used to verify the backend certificate.
llm.models.tls.hostname
Server name to use for TLS verification and SNI.
llm.models.tls.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
llm.models.tls.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
llm.models.tls.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
llm.models.tls.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
llm.models.tls.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
llm.models.auth
auth configures authentication when connecting to the LLM provider.
Validation
Defaultnull
llm.models.auth.passthrough
No description for this field.
llm.models.auth.passthrough.location
Where to place the forwarded credential in the backend request.
llm.models.auth.passthrough.location.header
No description for this field.
llm.models.auth.passthrough.location.header.name
Header name containing the credential.
llm.models.auth.passthrough.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .llm.models.health
health configures outlier detection for this model backend.
llm.models.health.unhealthyExpression
CEL expression where
When unset, any 5xx response or connection failure is treated as unhealthy.
true marks the backend response as unhealthy.When unset, any 5xx response or connection failure is treated as unhealthy.
llm.models.health.eviction
Settings for temporarily removing unhealthy backends.
llm.models.health.eviction.duration
How long to evict an unhealthy backend.
llm.models.health.eviction.restoreHealth
Health score to restore when the backend returns from eviction.
Validation
Formatdouble
llm.models.health.eviction.consecutiveFailures
Consecutive unhealthy responses required before eviction.
Validation
Formatint32
llm.models.health.eviction.healthThreshold
Health score threshold below which an unhealthy response can evict the backend.
Validation
Formatdouble
llm.models.backendTunnel
backendTunnel configures tunneling when connecting to the LLM provider.
Validation
Defaultnull
llm.models.backendTunnel.proxy
Proxy backend used to tunnel the connection.
llm.models.backendTunnel.proxy.service
No description for this field.
llm.models.backendTunnel.proxy.service.name
No description for this field.
llm.models.backendTunnel.proxy.service.name.namespace
No description for this field.
llm.models.backendTunnel.proxy.service.name.hostname
No description for this field.
llm.models.backendTunnel.proxy.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
llm.models.guardrails
guardrails to apply to the request or response
llm.models.guardrails.streaming
Apply prompt guards to streaming responses and realtime websocket messages.
Validation
ConstDisabled
llm.models.guardrails.request
Guards applied to client requests before they reach the LLM.
llm.models.guardrails.request.regex
No description for this field.
llm.models.guardrails.request.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
llm.models.guardrails.request.regex.rules
Regex or built-in patterns to evaluate.
llm.models.guardrails.request.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
llm.models.guardrails.response
Guards applied to LLM responses before they reach the client.
llm.models.guardrails.response.regex
No description for this field.
llm.models.guardrails.response.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
llm.models.guardrails.response.regex.rules
Regex or built-in patterns to evaluate.
llm.models.guardrails.response.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
llm.models.promptCaching
promptCaching configures cache point insertion for supported LLM providers.
llm.models.promptCaching.cacheSystem
Add cache markers to system prompts when supported by the provider.
Validation
Defaulttrue
llm.models.promptCaching.cacheMessages
Add cache markers to chat messages when supported by the provider.
Validation
Defaulttrue
llm.models.promptCaching.cacheTools
Add cache markers to tool definitions when supported by the provider.
Validation
Defaultfalse
llm.models.promptCaching.minTokens
Minimum prompt size required before cache markers are added.
Validation
Default1024
Formatuint
Minimum0
llm.models.promptCaching.cacheMessageOffset
Message offset used when choosing where to place cache markers.
Validation
Default0
Formatuint
Minimum0
llm.models.matches
matches specifies the conditions under which this model should be used in addition to matching the model name.
llm.models.matches.headers
No description for this field.
llm.models.matches.headers.name
No description for this field.
llm.models.matches.headers.value
No description for this field.
llm.models.matches.headers.value.exact
No description for this field.
llm.virtualModels
virtualModels defines a set of models that can be served from the gateway. The model name refers to the
model in the users request that is matched. However, unlike the
dynamically route to a specific model (configured in
model in the users request that is matched. However, unlike the
models field, virtual models willdynamically route to a specific model (configured in
models) based on the configured logic.llm.virtualModels.name
name is the public model name clients request.
llm.virtualModels.routing
routing selects an existing LLM model backend for each request.
llm.virtualModels.routing.weighted
weighted enables weight-based selection of the target model.
llm.virtualModels.routing.weighted.targets
targets are existing model names or names matched by wildcard model entries.
llm.virtualModels.routing.weighted.targets.model
model is resolved against llm.models using the same wildcard matching as client requests.
llm.virtualModels.routing.weighted.targets.weight
No description for this field.
Validation
Default1
Formatuint
Minimum0
llm.virtualModels.routing.failover
failover enables priority-based selection of the target model.
Within a priority level, the best provider is selected by a composite score factoring in health
and latency.
If all models within a priority level are degraded, requests will move onto the next priority group.
Within a priority level, the best provider is selected by a composite score factoring in health
and latency.
If all models within a priority level are degraded, requests will move onto the next priority group.
llm.virtualModels.routing.failover.targets
targets are grouped by priority. Lower priority values are tried first.
llm.virtualModels.routing.failover.targets.model
model is resolved against llm.models using the same wildcard matching as client requests.
llm.virtualModels.routing.failover.targets.priority
priority groups targets for failover. Lower values are preferred.
Validation
Formatuint
Minimum0
llm.virtualModels.routing.conditional
Conditional enables condition-based selection of the target model. Each condition is evaluated
in order until the best match is found.
in order until the best match is found.
llm.virtualModels.routing.conditional.targets
targets are evaluated in order. The first matching condition selects the model.
llm.virtualModels.routing.conditional.targets.when
when must evaluate to true for this target to be selected. Omit only on the final fallback target.
Validation
Defaultnull
llm.virtualModels.routing.conditional.targets.model
model is resolved against llm.models using the same wildcard matching as client requests.
llm.policies
policies defines policies for handling incoming requests, before a model is selected
llm.policies.oidc
Authenticate browser requests with OIDC authorization code flow.
llm.policies.oidc.issuer
Issuer used for discovery and ID token validation.
llm.policies.oidc.discovery
Optional discovery document override. If omitted, discovery uses
${issuer}/.well-known/openid-configuration.llm.policies.oidc.discovery.file
No description for this field.
llm.policies.oidc.authorizationEndpoint
Authorization endpoint used to start the browser login flow.
Validation
Defaultnull
llm.policies.oidc.tokenEndpoint
Token endpoint used to exchange the authorization code.
Validation
Defaultnull
llm.policies.oidc.tokenEndpointAuth
Token endpoint client authentication method for explicit provider configuration.
Discovery mode derives this from provider metadata. Explicit mode defaults to
clientSecretBasic when omitted.Validation
EnumclientSecretBasic, clientSecretPost
Defaultnull
llm.policies.oidc.jwks
JWKS source used to validate returned ID tokens.
llm.policies.oidc.jwks.file
No description for this field.
llm.policies.oidc.clientId
OAuth2 client identifier used for authorization and token exchange.
llm.policies.oidc.clientSecret
OAuth2 client secret used for token exchange.
llm.policies.oidc.redirectURI
Absolute callback URI handled by the gateway.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
llm.policies.oidc.scopes
Additional OAuth2 scopes to request.
openid is always included.Validation
Default[]
llm.policies.jwtAuth
Authenticate incoming requests with JWT bearer tokens.
llm.policies.jwtAuth.mode
Controls whether requests must include a JWT and how validation failures are handled.
Validation
Conststrict
Defaultoptional
llm.policies.jwtAuth.location
Where to read the JWT from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
llm.policies.jwtAuth.location.header
No description for this field.
llm.policies.jwtAuth.location.header.name
Header name containing the credential.
llm.policies.jwtAuth.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .llm.policies.jwtAuth.providers
Trusted issuers and their signing keys.
llm.policies.jwtAuth.providers.issuer
Expected token issuer, matched against the JWT
iss claim.llm.policies.jwtAuth.providers.audiences
Accepted token audiences, matched against the JWT
aud claim when set.llm.policies.jwtAuth.providers.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
llm.policies.jwtAuth.providers.jwks.file
No description for this field.
llm.policies.jwtAuth.providers.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
llm.policies.jwtAuth.providers.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
llm.policies.authorization
Authorization rules for incoming HTTP requests.
Validation
Defaultnull
llm.policies.authorization.rules
CEL authorization rules to evaluate for a request.
llm.policies.authorization.rules.allow
No description for this field.
llm.policies.extAuthz
Authorize incoming requests by calling an external authorization service.
llm.policies.extAuthz.conditional
conditional policy entries. An entry without a condition must be the final fallback.
llm.policies.extAuthz.conditional.service
No description for this field.
llm.policies.extAuthz.conditional.service.name
No description for this field.
llm.policies.extAuthz.conditional.service.name.namespace
No description for this field.
llm.policies.extAuthz.conditional.service.name.hostname
No description for this field.
llm.policies.extAuthz.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
llm.policies.extProc
Send request and response data to an external processing service.
llm.policies.extProc.conditional
conditional policy entries. An entry without a condition must be the final fallback.
llm.policies.extProc.conditional.service
No description for this field.
llm.policies.extProc.conditional.service.name
No description for this field.
llm.policies.extProc.conditional.service.name.namespace
No description for this field.
llm.policies.extProc.conditional.service.name.hostname
No description for this field.
llm.policies.extProc.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
llm.policies.cors
Handle CORS preflight requests and append configured CORS headers to applicable requests.
Validation
Defaultnull
llm.policies.cors.allowCredentials
Add
Access-Control-Allow-Credentials: true on allowed CORS responses.Validation
Defaultfalse
llm.policies.cors.allowHeaders
Values to return in
Access-Control-Allow-Headers for allowed preflight requests.Validation
Default[]
llm.policies.cors.allowMethods
Values to return in
Access-Control-Allow-Methods for allowed preflight requests.Validation
Default[]
llm.policies.cors.allowOrigins
Request origins that receive CORS response headers. Use
* to match any origin.Validation
Default[]
llm.policies.cors.exposeHeaders
Values to return in
Access-Control-Expose-Headers for allowed CORS responses.Validation
Default[]
llm.policies.cors.maxAge
Value to return in
Access-Control-Max-Age for allowed preflight requests.Validation
Defaultnull
llm.policies.transformations
Modify request and response headers, bodies, or metadata.
llm.policies.transformations.conditional
conditional policy entries. An entry without a condition must be the final fallback.
llm.policies.transformations.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
llm.policies.transformations.conditional.request
Transform the request before it is forwarded.
llm.policies.transformations.conditional.request.add
Headers to append using CEL expressions for values.
Validation
Default{}
llm.policies.transformations.conditional.request.set
Headers to set using CEL expressions for values.
Validation
Default{}
llm.policies.transformations.conditional.request.remove
Header names to remove.
Validation
Default[]
llm.policies.transformations.conditional.request.body
CEL expression that computes a replacement body.
Validation
Defaultnull
llm.policies.transformations.conditional.request.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
llm.policies.transformations.conditional.response
Transform the response before it is returned.
llm.policies.transformations.conditional.response.add
Headers to append using CEL expressions for values.
Validation
Default{}
llm.policies.transformations.conditional.response.set
Headers to set using CEL expressions for values.
Validation
Default{}
llm.policies.transformations.conditional.response.remove
Header names to remove.
Validation
Default[]
llm.policies.transformations.conditional.response.body
CEL expression that computes a replacement body.
Validation
Defaultnull
llm.policies.transformations.conditional.response.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
llm.policies.basicAuth
Authenticate incoming requests with Basic Auth credentials from an htpasswd user database.
llm.policies.basicAuth.htpasswd
User database in htpasswd format. Can be inline or loaded from a file.
llm.policies.basicAuth.htpasswd.file
No description for this field.
llm.policies.basicAuth.realm
Realm shown in the
WWW-Authenticate response header when credentials are missing or invalid.Validation
Defaultnull
llm.policies.basicAuth.mode
Controls whether requests must include valid Basic Auth credentials.
Validation
Conststrict
Defaultoptional
llm.policies.basicAuth.authorizationLocation
Where to read the Basic Auth credentials from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Basic "}}
llm.policies.basicAuth.authorizationLocation.header
No description for this field.
llm.policies.basicAuth.authorizationLocation.header.name
Header name containing the credential.
llm.policies.basicAuth.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .llm.policies.apiKey
Authenticate incoming requests with API keys.
llm.policies.apiKey.keys
API keys that are accepted by this policy.
llm.policies.apiKey.keys.key
API key value to accept.
llm.policies.apiKey.keys.metadata
Optional metadata attached to requests authenticated with this key.
llm.policies.apiKey.mode
Controls whether requests must include a valid API key.
Validation
Conststrict
Defaultoptional
llm.policies.apiKey.location
Where to read the API key from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
llm.policies.apiKey.location.header
No description for this field.
llm.policies.apiKey.location.header.name
Header name containing the credential.
llm.policies.apiKey.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .llm.policies.guardrails
Guardrails to apply to every configured model.
llm.policies.guardrails.streaming
Apply prompt guards to streaming responses and realtime websocket messages.
Validation
ConstDisabled
llm.policies.guardrails.request
Guards applied to client requests before they reach the LLM.
llm.policies.guardrails.request.regex
No description for this field.
llm.policies.guardrails.request.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
llm.policies.guardrails.request.regex.rules
Regex or built-in patterns to evaluate.
llm.policies.guardrails.request.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
llm.policies.guardrails.response
Guards applied to LLM responses before they reach the client.
llm.policies.guardrails.response.regex
No description for this field.
llm.policies.guardrails.response.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
llm.policies.guardrails.response.regex.rules
Regex or built-in patterns to evaluate.
llm.policies.guardrails.response.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
llm.policies.localRateLimit
Local rate limits for incoming requests.
Validation
Default[]
llm.policies.localRateLimit.maxTokens
Maximum number of tokens that can accumulate in the local bucket.
Validation
Default0
Formatuint64
Minimum0
llm.policies.localRateLimit.tokensPerFill
Number of tokens added to the local bucket each fill interval.
Validation
Default0
Formatuint64
Minimum0
llm.policies.localRateLimit.fillInterval
How often the local bucket is refilled.
llm.policies.localRateLimit.type
Whether this limit counts requests or LLM tokens.
Validation
Constrequests
Defaultrequests
llm.policies.remoteRateLimit
Remote rate limit checks for incoming requests.
Validation
Defaultnull
llm.policies.remoteRateLimit.service
No description for this field.
llm.policies.remoteRateLimit.service.name
No description for this field.
llm.policies.remoteRateLimit.service.name.namespace
No description for this field.
llm.policies.remoteRateLimit.service.name.hostname
No description for this field.
llm.policies.remoteRateLimit.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp
No description for this field.
mcp.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.targets
No description for this field.
mcp.targets.sse
No description for this field.
mcp.targets.sse.host
No description for this field.
mcp.targets.sse.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.targets.sse.path
No description for this field.
mcp.targets.sse.backend
No description for this field.
mcp.statefulMode
No description for this field.
Validation
Enumstateless, stateful
mcp.prefixMode
No description for this field.
Validation
Enumalways, conditional
mcp.failureMode
Behavior when one or more MCP targets fail to initialize or fail during fanout.
Defaults to
Defaults to
failClosed.Validation
ConstfailClosed
mcp.policies
No description for this field.
mcp.policies.requestHeaderModifier
Modify request headers before forwarding.
Validation
Defaultnull
mcp.policies.requestHeaderModifier.add
Headers to append without replacing existing values.
mcp.policies.requestHeaderModifier.set
Headers to set, replacing any existing values.
mcp.policies.requestHeaderModifier.remove
Header names to remove.
mcp.policies.responseHeaderModifier
Modify response headers before returning to the client.
Validation
Defaultnull
mcp.policies.responseHeaderModifier.add
Headers to append without replacing existing values.
mcp.policies.responseHeaderModifier.set
Headers to set, replacing any existing values.
mcp.policies.responseHeaderModifier.remove
Header names to remove.
mcp.policies.requestRedirect
Return a redirect response instead of forwarding the request.
Validation
Defaultnull
mcp.policies.requestRedirect.scheme
Scheme to use in the redirect URL, such as
http or https.mcp.policies.requestRedirect.authority
Host or port rewrite to apply to the redirect URL.
mcp.policies.requestRedirect.authority.full
No description for this field.
mcp.policies.requestRedirect.path
Path rewrite to apply to the redirect URL.
mcp.policies.requestRedirect.path.full
No description for this field.
mcp.policies.requestRedirect.status
HTTP status code to return for the redirect.
Validation
Formatuint16
Minimum1
Maximum65535
mcp.policies.urlRewrite
Rewrite the request path or authority before forwarding.
Validation
Defaultnull
mcp.policies.urlRewrite.authority
Host or port rewrite to apply before forwarding the request.
mcp.policies.urlRewrite.authority.full
No description for this field.
mcp.policies.urlRewrite.path
Path rewrite to apply before forwarding the request.
mcp.policies.urlRewrite.path.full
No description for this field.
mcp.policies.requestMirror
Send a copy of matching requests to another backend.
Validation
Defaultnull
mcp.policies.requestMirror.backend
Backend that receives mirrored request copies.
mcp.policies.requestMirror.backend.service
No description for this field.
mcp.policies.requestMirror.backend.service.name
No description for this field.
mcp.policies.requestMirror.backend.service.name.namespace
No description for this field.
mcp.policies.requestMirror.backend.service.name.hostname
No description for this field.
mcp.policies.requestMirror.backend.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.policies.requestMirror.percentage
Fraction of matching requests to mirror, from 0.0 to 1.0.
Validation
Formatdouble
mcp.policies.directResponse
Return a configured response instead of forwarding the request.
mcp.policies.directResponse.conditional
conditional policy entries. An entry without a condition must be the final fallback.
mcp.policies.directResponse.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
mcp.policies.directResponse.conditional.body
Static response body, encoded as bytes.
mcp.policies.directResponse.conditional.bodyExpression
CEL expression that computes the response body.
mcp.policies.directResponse.conditional.headers
Response headers computed from CEL expressions.
mcp.policies.directResponse.conditional.status
HTTP status code to return.
Validation
Formatuint16
Minimum1
Maximum65535
mcp.policies.cors
Handle CORS preflight requests and append configured CORS headers to applicable requests.
Validation
Defaultnull
mcp.policies.cors.allowCredentials
Add
Access-Control-Allow-Credentials: true on allowed CORS responses.Validation
Defaultfalse
mcp.policies.cors.allowHeaders
Values to return in
Access-Control-Allow-Headers for allowed preflight requests.Validation
Default[]
mcp.policies.cors.allowMethods
Values to return in
Access-Control-Allow-Methods for allowed preflight requests.Validation
Default[]
mcp.policies.cors.allowOrigins
Request origins that receive CORS response headers. Use
* to match any origin.Validation
Default[]
mcp.policies.cors.exposeHeaders
Values to return in
Access-Control-Expose-Headers for allowed CORS responses.Validation
Default[]
mcp.policies.cors.maxAge
Value to return in
Access-Control-Max-Age for allowed preflight requests.Validation
Defaultnull
mcp.policies.mcpAuthorization
Authorization rules for MCP requests.
Validation
Defaultnull
mcp.policies.mcpAuthorization.rules
CEL authorization rules to evaluate for a request.
mcp.policies.mcpAuthorization.rules.allow
No description for this field.
mcp.policies.mcpGuardrails
External MCP policy processors.
Validation
Defaultnull
mcp.policies.mcpGuardrails.processors
Ordered list of policy processors applied to matched methods; the first
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
Processor.methods.Validation
Min items1
mcp.policies.mcpGuardrails.processors.service
No description for this field.
mcp.policies.mcpGuardrails.processors.service.name
No description for this field.
mcp.policies.mcpGuardrails.processors.service.name.namespace
No description for this field.
mcp.policies.mcpGuardrails.processors.service.name.hostname
No description for this field.
mcp.policies.mcpGuardrails.processors.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.policies.authorization
Authorization rules for incoming HTTP requests.
Validation
Defaultnull
mcp.policies.authorization.rules
CEL authorization rules to evaluate for a request.
mcp.policies.authorization.rules.allow
No description for this field.
mcp.policies.mcpAuthentication
Authenticate MCP clients.
mcp.policies.mcpAuthentication.issuer
Expected token issuer, matched against the JWT
iss claim.mcp.policies.mcpAuthentication.audiences
Accepted token audiences, matched against the JWT
aud claim.mcp.policies.mcpAuthentication.provider
Identity provider type used to derive MCP authorization metadata and default JWKS URLs.
mcp.policies.mcpAuthentication.provider.auth0
No description for this field.
mcp.policies.mcpAuthentication.resourceMetadata
Protected resource metadata returned to MCP clients.
mcp.policies.mcpAuthentication.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
mcp.policies.mcpAuthentication.jwks.file
No description for this field.
mcp.policies.mcpAuthentication.mode
Controls whether MCP requests must include a valid JWT.
Validation
Conststrict
Defaultstrict
mcp.policies.mcpAuthentication.authorizationLocation
Where to read the JWT from in incoming MCP requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
mcp.policies.mcpAuthentication.authorizationLocation.header
No description for this field.
mcp.policies.mcpAuthentication.authorizationLocation.header.name
Header name containing the credential.
mcp.policies.mcpAuthentication.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .mcp.policies.mcpAuthentication.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
mcp.policies.mcpAuthentication.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
mcp.policies.mcpAuthentication.clientId
OAuth client ID advertised to MCP clients when needed.
mcp.policies.a2a
Mark this traffic as A2A to enable A2A processing and telemetry.
Validation
Defaultnull
mcp.policies.ai
Mark this as LLM traffic to enable LLM processing.
Validation
Defaultnull
mcp.policies.ai.promptGuard
Prompt and response guardrails to apply to LLM traffic.
mcp.policies.ai.promptGuard.streaming
Apply prompt guards to streaming responses and realtime websocket messages.
Validation
ConstDisabled
mcp.policies.ai.promptGuard.request
Guards applied to client requests before they reach the LLM.
mcp.policies.ai.promptGuard.request.regex
No description for this field.
mcp.policies.ai.promptGuard.request.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
mcp.policies.ai.promptGuard.request.regex.rules
Regex or built-in patterns to evaluate.
mcp.policies.ai.promptGuard.request.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
mcp.policies.ai.promptGuard.response
Guards applied to LLM responses before they reach the client.
mcp.policies.ai.promptGuard.response.regex
No description for this field.
mcp.policies.ai.promptGuard.response.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
mcp.policies.ai.promptGuard.response.regex.rules
Regex or built-in patterns to evaluate.
mcp.policies.ai.promptGuard.response.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
mcp.policies.ai.defaults
Default request body values added only when the client did not provide them.
mcp.policies.ai.overrides
Request body values that replace client-provided values.
mcp.policies.ai.transformations
Request body values computed from CEL expressions.
mcp.policies.ai.prompts
Messages to add before or after the client prompt.
Validation
Min properties1
mcp.policies.ai.prompts.append
Messages appended to the end of each chat request.
mcp.policies.ai.prompts.append.role
No description for this field.
mcp.policies.ai.prompts.append.content
No description for this field.
mcp.policies.ai.prompts.prepend
Messages prepended to the beginning of each chat request.
mcp.policies.ai.prompts.prepend.role
No description for this field.
mcp.policies.ai.prompts.prepend.content
No description for this field.
mcp.policies.ai.modelAliases
Model name aliases that rewrite requested model names.
mcp.policies.ai.promptCaching
Prompt caching settings for providers that support cache markers.
mcp.policies.ai.promptCaching.cacheSystem
Add cache markers to system prompts when supported by the provider.
Validation
Defaulttrue
mcp.policies.ai.promptCaching.cacheMessages
Add cache markers to chat messages when supported by the provider.
Validation
Defaulttrue
mcp.policies.ai.promptCaching.cacheTools
Add cache markers to tool definitions when supported by the provider.
Validation
Defaultfalse
mcp.policies.ai.promptCaching.minTokens
Minimum prompt size required before cache markers are added.
Validation
Default1024
Formatuint
Minimum0
mcp.policies.ai.promptCaching.cacheMessageOffset
Message offset used when choosing where to place cache markers.
Validation
Default0
Formatuint
Minimum0
mcp.policies.ai.routes
Route type overrides selected by request path suffix.
mcp.policies.backendTLS
TLS settings used when connecting to the backend.
mcp.policies.backendTLS.cert
Client certificate file to present to the backend.
mcp.policies.backendTLS.key
Private key file for the client certificate.
mcp.policies.backendTLS.root
Root certificate bundle used to verify the backend certificate.
mcp.policies.backendTLS.hostname
Server name to use for TLS verification and SNI.
mcp.policies.backendTLS.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
mcp.policies.backendTLS.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
mcp.policies.backendTLS.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
mcp.policies.backendTLS.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
mcp.policies.backendTLS.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
mcp.policies.backendTunnel
Tunnel settings used when connecting to the backend.
Validation
Defaultnull
mcp.policies.backendTunnel.proxy
Proxy backend used to tunnel the connection.
mcp.policies.backendTunnel.proxy.service
No description for this field.
mcp.policies.backendTunnel.proxy.service.name
No description for this field.
mcp.policies.backendTunnel.proxy.service.name.namespace
No description for this field.
mcp.policies.backendTunnel.proxy.service.name.hostname
No description for this field.
mcp.policies.backendTunnel.proxy.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.policies.backendAuth
Authentication credentials sent to the backend.
Validation
Defaultnull
mcp.policies.backendAuth.passthrough
No description for this field.
mcp.policies.backendAuth.passthrough.location
Where to place the forwarded credential in the backend request.
mcp.policies.backendAuth.passthrough.location.header
No description for this field.
mcp.policies.backendAuth.passthrough.location.header.name
Header name containing the credential.
mcp.policies.backendAuth.passthrough.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .mcp.policies.localRateLimit
Local rate limits for incoming requests.
mcp.policies.localRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
mcp.policies.localRateLimit.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
mcp.policies.localRateLimit.conditional.maxTokens
Maximum number of tokens that can accumulate in the local bucket.
Validation
Default0
Formatuint64
Minimum0
mcp.policies.localRateLimit.conditional.tokensPerFill
Number of tokens added to the local bucket each fill interval.
Validation
Default0
Formatuint64
Minimum0
mcp.policies.localRateLimit.conditional.fillInterval
How often the local bucket is refilled.
mcp.policies.localRateLimit.conditional.type
Whether this limit counts requests or LLM tokens.
Validation
Constrequests
Defaultrequests
mcp.policies.remoteRateLimit
Remote rate limit checks for incoming requests.
mcp.policies.remoteRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
mcp.policies.remoteRateLimit.conditional.service
No description for this field.
mcp.policies.remoteRateLimit.conditional.service.name
No description for this field.
mcp.policies.remoteRateLimit.conditional.service.name.namespace
No description for this field.
mcp.policies.remoteRateLimit.conditional.service.name.hostname
No description for this field.
mcp.policies.remoteRateLimit.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.policies.jwtAuth
Authenticate incoming requests with JWT bearer tokens.
mcp.policies.jwtAuth.mode
Controls whether requests must include a JWT and how validation failures are handled.
Validation
Conststrict
Defaultoptional
mcp.policies.jwtAuth.location
Where to read the JWT from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
mcp.policies.jwtAuth.location.header
No description for this field.
mcp.policies.jwtAuth.location.header.name
Header name containing the credential.
mcp.policies.jwtAuth.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .mcp.policies.jwtAuth.providers
Trusted issuers and their signing keys.
mcp.policies.jwtAuth.providers.issuer
Expected token issuer, matched against the JWT
iss claim.mcp.policies.jwtAuth.providers.audiences
Accepted token audiences, matched against the JWT
aud claim when set.mcp.policies.jwtAuth.providers.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
mcp.policies.jwtAuth.providers.jwks.file
No description for this field.
mcp.policies.jwtAuth.providers.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
mcp.policies.jwtAuth.providers.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
mcp.policies.oidc
Authenticate browser requests with OIDC authorization code flow.
mcp.policies.oidc.issuer
Issuer used for discovery and ID token validation.
mcp.policies.oidc.discovery
Optional discovery document override. If omitted, discovery uses
${issuer}/.well-known/openid-configuration.mcp.policies.oidc.discovery.file
No description for this field.
mcp.policies.oidc.authorizationEndpoint
Authorization endpoint used to start the browser login flow.
Validation
Defaultnull
mcp.policies.oidc.tokenEndpoint
Token endpoint used to exchange the authorization code.
Validation
Defaultnull
mcp.policies.oidc.tokenEndpointAuth
Token endpoint client authentication method for explicit provider configuration.
Discovery mode derives this from provider metadata. Explicit mode defaults to
clientSecretBasic when omitted.Validation
EnumclientSecretBasic, clientSecretPost
Defaultnull
mcp.policies.oidc.jwks
JWKS source used to validate returned ID tokens.
mcp.policies.oidc.jwks.file
No description for this field.
mcp.policies.oidc.clientId
OAuth2 client identifier used for authorization and token exchange.
mcp.policies.oidc.clientSecret
OAuth2 client secret used for token exchange.
mcp.policies.oidc.redirectURI
Absolute callback URI handled by the gateway.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
mcp.policies.oidc.scopes
Additional OAuth2 scopes to request.
openid is always included.Validation
Default[]
mcp.policies.basicAuth
Authenticate incoming requests with Basic Auth credentials from an htpasswd user database.
mcp.policies.basicAuth.htpasswd
User database in htpasswd format. Can be inline or loaded from a file.
mcp.policies.basicAuth.htpasswd.file
No description for this field.
mcp.policies.basicAuth.realm
Realm shown in the
WWW-Authenticate response header when credentials are missing or invalid.Validation
Defaultnull
mcp.policies.basicAuth.mode
Controls whether requests must include valid Basic Auth credentials.
Validation
Conststrict
Defaultoptional
mcp.policies.basicAuth.authorizationLocation
Where to read the Basic Auth credentials from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Basic "}}
mcp.policies.basicAuth.authorizationLocation.header
No description for this field.
mcp.policies.basicAuth.authorizationLocation.header.name
Header name containing the credential.
mcp.policies.basicAuth.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .mcp.policies.apiKey
Authenticate incoming requests with API keys.
mcp.policies.apiKey.keys
API keys that are accepted by this policy.
mcp.policies.apiKey.keys.key
API key value to accept.
mcp.policies.apiKey.keys.metadata
Optional metadata attached to requests authenticated with this key.
mcp.policies.apiKey.mode
Controls whether requests must include a valid API key.
Validation
Conststrict
Defaultoptional
mcp.policies.apiKey.location
Where to read the API key from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
mcp.policies.apiKey.location.header
No description for this field.
mcp.policies.apiKey.location.header.name
Header name containing the credential.
mcp.policies.apiKey.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .mcp.policies.extAuthz
Authorize incoming requests by calling an external authorization service.
mcp.policies.extAuthz.conditional
conditional policy entries. An entry without a condition must be the final fallback.
mcp.policies.extAuthz.conditional.service
No description for this field.
mcp.policies.extAuthz.conditional.service.name
No description for this field.
mcp.policies.extAuthz.conditional.service.name.namespace
No description for this field.
mcp.policies.extAuthz.conditional.service.name.hostname
No description for this field.
mcp.policies.extAuthz.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.policies.extProc
Send request and response data to an external processing service.
mcp.policies.extProc.conditional
conditional policy entries. An entry without a condition must be the final fallback.
mcp.policies.extProc.conditional.service
No description for this field.
mcp.policies.extProc.conditional.service.name
No description for this field.
mcp.policies.extProc.conditional.service.name.namespace
No description for this field.
mcp.policies.extProc.conditional.service.name.hostname
No description for this field.
mcp.policies.extProc.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
mcp.policies.transformations
Modify request and response headers, bodies, or metadata.
mcp.policies.transformations.conditional
conditional policy entries. An entry without a condition must be the final fallback.
mcp.policies.transformations.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
mcp.policies.transformations.conditional.request
Transform the request before it is forwarded.
mcp.policies.transformations.conditional.request.add
Headers to append using CEL expressions for values.
Validation
Default{}
mcp.policies.transformations.conditional.request.set
Headers to set using CEL expressions for values.
Validation
Default{}
mcp.policies.transformations.conditional.request.remove
Header names to remove.
Validation
Default[]
mcp.policies.transformations.conditional.request.body
CEL expression that computes a replacement body.
Validation
Defaultnull
mcp.policies.transformations.conditional.request.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
mcp.policies.transformations.conditional.response
Transform the response before it is returned.
mcp.policies.transformations.conditional.response.add
Headers to append using CEL expressions for values.
Validation
Default{}
mcp.policies.transformations.conditional.response.set
Headers to set using CEL expressions for values.
Validation
Default{}
mcp.policies.transformations.conditional.response.remove
Header names to remove.
Validation
Default[]
mcp.policies.transformations.conditional.response.body
CEL expression that computes a replacement body.
Validation
Defaultnull
mcp.policies.transformations.conditional.response.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
mcp.policies.csrf
Handle CSRF protection by validating request origins against configured allowed origins.
Validation
Defaultnull
mcp.policies.csrf.additionalOrigins
Additional trusted origins allowed to send state-changing requests.
Validation
Default[]
Unique itemstrue
mcp.policies.buffer
Buffer request and response bodies.
Validation
Defaultnull
mcp.policies.buffer.request
Buffer incoming request bodies before forwarding.
mcp.policies.buffer.request.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
mcp.policies.buffer.response
Buffer upstream response bodies before sending them to the client.
mcp.policies.buffer.response.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
mcp.policies.timeout
Set request timeout limits.
Validation
Defaultnull
mcp.policies.timeout.requestTimeout
Maximum time allowed for the full downstream request and response.
mcp.policies.timeout.backendRequestTimeout
Maximum time allowed for the upstream backend request.
mcp.policies.retry
Retry matching failed upstream requests.
Validation
Defaultnull
mcp.policies.retry.attempts
Total number of attempts, including the original request.
Validation
Default1
Formatuint8
Minimum1
Maximum255
mcp.policies.retry.backoff
Delay between retry attempts.
mcp.policies.retry.codes
HTTP response status codes that should be retried.
mcp.policies.retry.precondition
CEL expression evaluated against the request before any attempt; when
retries are disabled (only the initial attempt is made), e.g.
Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
false,retries are disabled (only the initial attempt is made), e.g.
request.method == "GET".Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
mcp.policies.retry.condition
CEL expression evaluated against each response to decide whether to retry. A response
is retried when its status code is in
is retried when its status code is in
codes *or* this expression evaluates to true.policies
policies defines additional policies that can be attached to various other configurations.
This is an advanced feature; users should typically use the inline
This is an advanced feature; users should typically use the inline
policies field under route/gateway.policies.name
Policy name used when attaching this policy to a target.
policies.name.name
No description for this field.
policies.name.namespace
No description for this field.
policies.target
Gateway, listener, route, or backend that this policy attaches to.
policies.target.gateway
No description for this field.
policies.target.gateway.gatewayName
No description for this field.
policies.target.gateway.gatewayNamespace
No description for this field.
policies.target.gateway.listenerName
No description for this field.
policies.target.gateway.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
policies.phase
When the policy runs. Gateway policies run before route selection, while route policies run after route selection.
Use route policies by default unless the policy needs to affect route selection.
Use route policies by default unless the policy needs to affect route selection.
Validation
Enumroute, gateway
Defaultroute
policies.policy
Policy settings to apply to the selected target.
policies.policy.requestHeaderModifier
Modify request headers before forwarding.
Validation
Defaultnull
policies.policy.requestHeaderModifier.add
Headers to append without replacing existing values.
policies.policy.requestHeaderModifier.set
Headers to set, replacing any existing values.
policies.policy.requestHeaderModifier.remove
Header names to remove.
policies.policy.responseHeaderModifier
Modify response headers before returning to the client.
Validation
Defaultnull
policies.policy.responseHeaderModifier.add
Headers to append without replacing existing values.
policies.policy.responseHeaderModifier.set
Headers to set, replacing any existing values.
policies.policy.responseHeaderModifier.remove
Header names to remove.
policies.policy.requestRedirect
Return a redirect response instead of forwarding the request.
Validation
Defaultnull
policies.policy.requestRedirect.scheme
Scheme to use in the redirect URL, such as
http or https.policies.policy.requestRedirect.authority
Host or port rewrite to apply to the redirect URL.
policies.policy.requestRedirect.authority.full
No description for this field.
policies.policy.requestRedirect.path
Path rewrite to apply to the redirect URL.
policies.policy.requestRedirect.path.full
No description for this field.
policies.policy.requestRedirect.status
HTTP status code to return for the redirect.
Validation
Formatuint16
Minimum1
Maximum65535
policies.policy.urlRewrite
Rewrite the request path or authority before forwarding.
Validation
Defaultnull
policies.policy.urlRewrite.authority
Host or port rewrite to apply before forwarding the request.
policies.policy.urlRewrite.authority.full
No description for this field.
policies.policy.urlRewrite.path
Path rewrite to apply before forwarding the request.
policies.policy.urlRewrite.path.full
No description for this field.
policies.policy.requestMirror
Send a copy of matching requests to another backend.
Validation
Defaultnull
policies.policy.requestMirror.backend
Backend that receives mirrored request copies.
policies.policy.requestMirror.backend.service
No description for this field.
policies.policy.requestMirror.backend.service.name
No description for this field.
policies.policy.requestMirror.backend.service.name.namespace
No description for this field.
policies.policy.requestMirror.backend.service.name.hostname
No description for this field.
policies.policy.requestMirror.backend.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
policies.policy.requestMirror.percentage
Fraction of matching requests to mirror, from 0.0 to 1.0.
Validation
Formatdouble
policies.policy.directResponse
Return a configured response instead of forwarding the request.
policies.policy.directResponse.conditional
conditional policy entries. An entry without a condition must be the final fallback.
policies.policy.directResponse.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
policies.policy.directResponse.conditional.body
Static response body, encoded as bytes.
policies.policy.directResponse.conditional.bodyExpression
CEL expression that computes the response body.
policies.policy.directResponse.conditional.headers
Response headers computed from CEL expressions.
policies.policy.directResponse.conditional.status
HTTP status code to return.
Validation
Formatuint16
Minimum1
Maximum65535
policies.policy.cors
Handle CORS preflight requests and append configured CORS headers to applicable requests.
Validation
Defaultnull
policies.policy.cors.allowCredentials
Add
Access-Control-Allow-Credentials: true on allowed CORS responses.Validation
Defaultfalse
policies.policy.cors.allowHeaders
Values to return in
Access-Control-Allow-Headers for allowed preflight requests.Validation
Default[]
policies.policy.cors.allowMethods
Values to return in
Access-Control-Allow-Methods for allowed preflight requests.Validation
Default[]
policies.policy.cors.allowOrigins
Request origins that receive CORS response headers. Use
* to match any origin.Validation
Default[]
policies.policy.cors.exposeHeaders
Values to return in
Access-Control-Expose-Headers for allowed CORS responses.Validation
Default[]
policies.policy.cors.maxAge
Value to return in
Access-Control-Max-Age for allowed preflight requests.Validation
Defaultnull
policies.policy.mcpAuthorization
Authorization rules for MCP requests.
Validation
Defaultnull
policies.policy.mcpAuthorization.rules
CEL authorization rules to evaluate for a request.
policies.policy.mcpAuthorization.rules.allow
No description for this field.
policies.policy.mcpGuardrails
External MCP policy processors.
Validation
Defaultnull
policies.policy.mcpGuardrails.processors
Ordered list of policy processors applied to matched methods; the first
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
Processor.methods.Validation
Min items1
policies.policy.mcpGuardrails.processors.service
No description for this field.
policies.policy.mcpGuardrails.processors.service.name
No description for this field.
policies.policy.mcpGuardrails.processors.service.name.namespace
No description for this field.
policies.policy.mcpGuardrails.processors.service.name.hostname
No description for this field.
policies.policy.mcpGuardrails.processors.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
policies.policy.authorization
Authorization rules for incoming HTTP requests.
Validation
Defaultnull
policies.policy.authorization.rules
CEL authorization rules to evaluate for a request.
policies.policy.authorization.rules.allow
No description for this field.
policies.policy.mcpAuthentication
Authenticate MCP clients.
policies.policy.mcpAuthentication.issuer
Expected token issuer, matched against the JWT
iss claim.policies.policy.mcpAuthentication.audiences
Accepted token audiences, matched against the JWT
aud claim.policies.policy.mcpAuthentication.provider
Identity provider type used to derive MCP authorization metadata and default JWKS URLs.
policies.policy.mcpAuthentication.provider.auth0
No description for this field.
policies.policy.mcpAuthentication.resourceMetadata
Protected resource metadata returned to MCP clients.
policies.policy.mcpAuthentication.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
policies.policy.mcpAuthentication.jwks.file
No description for this field.
policies.policy.mcpAuthentication.mode
Controls whether MCP requests must include a valid JWT.
Validation
Conststrict
Defaultstrict
policies.policy.mcpAuthentication.authorizationLocation
Where to read the JWT from in incoming MCP requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
policies.policy.mcpAuthentication.authorizationLocation.header
No description for this field.
policies.policy.mcpAuthentication.authorizationLocation.header.name
Header name containing the credential.
policies.policy.mcpAuthentication.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .policies.policy.mcpAuthentication.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
policies.policy.mcpAuthentication.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
policies.policy.mcpAuthentication.clientId
OAuth client ID advertised to MCP clients when needed.
policies.policy.a2a
Mark this traffic as A2A to enable A2A processing and telemetry.
Validation
Defaultnull
policies.policy.ai
Mark this as LLM traffic to enable LLM processing.
Validation
Defaultnull
policies.policy.ai.promptGuard
Prompt and response guardrails to apply to LLM traffic.
policies.policy.ai.promptGuard.streaming
Apply prompt guards to streaming responses and realtime websocket messages.
Validation
ConstDisabled
policies.policy.ai.promptGuard.request
Guards applied to client requests before they reach the LLM.
policies.policy.ai.promptGuard.request.regex
No description for this field.
policies.policy.ai.promptGuard.request.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
policies.policy.ai.promptGuard.request.regex.rules
Regex or built-in patterns to evaluate.
policies.policy.ai.promptGuard.request.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
policies.policy.ai.promptGuard.response
Guards applied to LLM responses before they reach the client.
policies.policy.ai.promptGuard.response.regex
No description for this field.
policies.policy.ai.promptGuard.response.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
policies.policy.ai.promptGuard.response.regex.rules
Regex or built-in patterns to evaluate.
policies.policy.ai.promptGuard.response.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
policies.policy.ai.defaults
Default request body values added only when the client did not provide them.
policies.policy.ai.overrides
Request body values that replace client-provided values.
policies.policy.ai.transformations
Request body values computed from CEL expressions.
policies.policy.ai.prompts
Messages to add before or after the client prompt.
Validation
Min properties1
policies.policy.ai.prompts.append
Messages appended to the end of each chat request.
policies.policy.ai.prompts.append.role
No description for this field.
policies.policy.ai.prompts.append.content
No description for this field.
policies.policy.ai.prompts.prepend
Messages prepended to the beginning of each chat request.
policies.policy.ai.prompts.prepend.role
No description for this field.
policies.policy.ai.prompts.prepend.content
No description for this field.
policies.policy.ai.modelAliases
Model name aliases that rewrite requested model names.
policies.policy.ai.promptCaching
Prompt caching settings for providers that support cache markers.
policies.policy.ai.promptCaching.cacheSystem
Add cache markers to system prompts when supported by the provider.
Validation
Defaulttrue
policies.policy.ai.promptCaching.cacheMessages
Add cache markers to chat messages when supported by the provider.
Validation
Defaulttrue
policies.policy.ai.promptCaching.cacheTools
Add cache markers to tool definitions when supported by the provider.
Validation
Defaultfalse
policies.policy.ai.promptCaching.minTokens
Minimum prompt size required before cache markers are added.
Validation
Default1024
Formatuint
Minimum0
policies.policy.ai.promptCaching.cacheMessageOffset
Message offset used when choosing where to place cache markers.
Validation
Default0
Formatuint
Minimum0
policies.policy.ai.routes
Route type overrides selected by request path suffix.
policies.policy.backendTLS
TLS settings used when connecting to the backend.
policies.policy.backendTLS.cert
Client certificate file to present to the backend.
policies.policy.backendTLS.key
Private key file for the client certificate.
policies.policy.backendTLS.root
Root certificate bundle used to verify the backend certificate.
policies.policy.backendTLS.hostname
Server name to use for TLS verification and SNI.
policies.policy.backendTLS.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
policies.policy.backendTLS.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
policies.policy.backendTLS.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
policies.policy.backendTLS.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
policies.policy.backendTLS.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
policies.policy.backendTunnel
Tunnel settings used when connecting to the backend.
Validation
Defaultnull
policies.policy.backendTunnel.proxy
Proxy backend used to tunnel the connection.
policies.policy.backendTunnel.proxy.service
No description for this field.
policies.policy.backendTunnel.proxy.service.name
No description for this field.
policies.policy.backendTunnel.proxy.service.name.namespace
No description for this field.
policies.policy.backendTunnel.proxy.service.name.hostname
No description for this field.
policies.policy.backendTunnel.proxy.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
policies.policy.backendAuth
Authentication credentials sent to the backend.
Validation
Defaultnull
policies.policy.backendAuth.passthrough
No description for this field.
policies.policy.backendAuth.passthrough.location
Where to place the forwarded credential in the backend request.
policies.policy.backendAuth.passthrough.location.header
No description for this field.
policies.policy.backendAuth.passthrough.location.header.name
Header name containing the credential.
policies.policy.backendAuth.passthrough.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .policies.policy.localRateLimit
Local rate limits for incoming requests.
policies.policy.localRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
policies.policy.localRateLimit.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
policies.policy.localRateLimit.conditional.maxTokens
Maximum number of tokens that can accumulate in the local bucket.
Validation
Default0
Formatuint64
Minimum0
policies.policy.localRateLimit.conditional.tokensPerFill
Number of tokens added to the local bucket each fill interval.
Validation
Default0
Formatuint64
Minimum0
policies.policy.localRateLimit.conditional.fillInterval
How often the local bucket is refilled.
policies.policy.localRateLimit.conditional.type
Whether this limit counts requests or LLM tokens.
Validation
Constrequests
Defaultrequests
policies.policy.remoteRateLimit
Remote rate limit checks for incoming requests.
policies.policy.remoteRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
policies.policy.remoteRateLimit.conditional.service
No description for this field.
policies.policy.remoteRateLimit.conditional.service.name
No description for this field.
policies.policy.remoteRateLimit.conditional.service.name.namespace
No description for this field.
policies.policy.remoteRateLimit.conditional.service.name.hostname
No description for this field.
policies.policy.remoteRateLimit.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
policies.policy.jwtAuth
Authenticate incoming requests with JWT bearer tokens.
policies.policy.jwtAuth.mode
Controls whether requests must include a JWT and how validation failures are handled.
Validation
Conststrict
Defaultoptional
policies.policy.jwtAuth.location
Where to read the JWT from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
policies.policy.jwtAuth.location.header
No description for this field.
policies.policy.jwtAuth.location.header.name
Header name containing the credential.
policies.policy.jwtAuth.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .policies.policy.jwtAuth.providers
Trusted issuers and their signing keys.
policies.policy.jwtAuth.providers.issuer
Expected token issuer, matched against the JWT
iss claim.policies.policy.jwtAuth.providers.audiences
Accepted token audiences, matched against the JWT
aud claim when set.policies.policy.jwtAuth.providers.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
policies.policy.jwtAuth.providers.jwks.file
No description for this field.
policies.policy.jwtAuth.providers.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
policies.policy.jwtAuth.providers.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
policies.policy.oidc
Authenticate browser requests with OIDC authorization code flow.
policies.policy.oidc.issuer
Issuer used for discovery and ID token validation.
policies.policy.oidc.discovery
Optional discovery document override. If omitted, discovery uses
${issuer}/.well-known/openid-configuration.policies.policy.oidc.discovery.file
No description for this field.
policies.policy.oidc.authorizationEndpoint
Authorization endpoint used to start the browser login flow.
Validation
Defaultnull
policies.policy.oidc.tokenEndpoint
Token endpoint used to exchange the authorization code.
Validation
Defaultnull
policies.policy.oidc.tokenEndpointAuth
Token endpoint client authentication method for explicit provider configuration.
Discovery mode derives this from provider metadata. Explicit mode defaults to
clientSecretBasic when omitted.Validation
EnumclientSecretBasic, clientSecretPost
Defaultnull
policies.policy.oidc.jwks
JWKS source used to validate returned ID tokens.
policies.policy.oidc.jwks.file
No description for this field.
policies.policy.oidc.clientId
OAuth2 client identifier used for authorization and token exchange.
policies.policy.oidc.clientSecret
OAuth2 client secret used for token exchange.
policies.policy.oidc.redirectURI
Absolute callback URI handled by the gateway.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
policies.policy.oidc.scopes
Additional OAuth2 scopes to request.
openid is always included.Validation
Default[]
policies.policy.basicAuth
Authenticate incoming requests with Basic Auth credentials from an htpasswd user database.
policies.policy.basicAuth.htpasswd
User database in htpasswd format. Can be inline or loaded from a file.
policies.policy.basicAuth.htpasswd.file
No description for this field.
policies.policy.basicAuth.realm
Realm shown in the
WWW-Authenticate response header when credentials are missing or invalid.Validation
Defaultnull
policies.policy.basicAuth.mode
Controls whether requests must include valid Basic Auth credentials.
Validation
Conststrict
Defaultoptional
policies.policy.basicAuth.authorizationLocation
Where to read the Basic Auth credentials from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Basic "}}
policies.policy.basicAuth.authorizationLocation.header
No description for this field.
policies.policy.basicAuth.authorizationLocation.header.name
Header name containing the credential.
policies.policy.basicAuth.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .policies.policy.apiKey
Authenticate incoming requests with API keys.
policies.policy.apiKey.keys
API keys that are accepted by this policy.
policies.policy.apiKey.keys.key
API key value to accept.
policies.policy.apiKey.keys.metadata
Optional metadata attached to requests authenticated with this key.
policies.policy.apiKey.mode
Controls whether requests must include a valid API key.
Validation
Conststrict
Defaultoptional
policies.policy.apiKey.location
Where to read the API key from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
policies.policy.apiKey.location.header
No description for this field.
policies.policy.apiKey.location.header.name
Header name containing the credential.
policies.policy.apiKey.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .policies.policy.extAuthz
Authorize incoming requests by calling an external authorization service.
policies.policy.extAuthz.conditional
conditional policy entries. An entry without a condition must be the final fallback.
policies.policy.extAuthz.conditional.service
No description for this field.
policies.policy.extAuthz.conditional.service.name
No description for this field.
policies.policy.extAuthz.conditional.service.name.namespace
No description for this field.
policies.policy.extAuthz.conditional.service.name.hostname
No description for this field.
policies.policy.extAuthz.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
policies.policy.extProc
Send request and response data to an external processing service.
policies.policy.extProc.conditional
conditional policy entries. An entry without a condition must be the final fallback.
policies.policy.extProc.conditional.service
No description for this field.
policies.policy.extProc.conditional.service.name
No description for this field.
policies.policy.extProc.conditional.service.name.namespace
No description for this field.
policies.policy.extProc.conditional.service.name.hostname
No description for this field.
policies.policy.extProc.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
policies.policy.transformations
Modify request and response headers, bodies, or metadata.
policies.policy.transformations.conditional
conditional policy entries. An entry without a condition must be the final fallback.
policies.policy.transformations.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
policies.policy.transformations.conditional.request
Transform the request before it is forwarded.
policies.policy.transformations.conditional.request.add
Headers to append using CEL expressions for values.
Validation
Default{}
policies.policy.transformations.conditional.request.set
Headers to set using CEL expressions for values.
Validation
Default{}
policies.policy.transformations.conditional.request.remove
Header names to remove.
Validation
Default[]
policies.policy.transformations.conditional.request.body
CEL expression that computes a replacement body.
Validation
Defaultnull
policies.policy.transformations.conditional.request.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
policies.policy.transformations.conditional.response
Transform the response before it is returned.
policies.policy.transformations.conditional.response.add
Headers to append using CEL expressions for values.
Validation
Default{}
policies.policy.transformations.conditional.response.set
Headers to set using CEL expressions for values.
Validation
Default{}
policies.policy.transformations.conditional.response.remove
Header names to remove.
Validation
Default[]
policies.policy.transformations.conditional.response.body
CEL expression that computes a replacement body.
Validation
Defaultnull
policies.policy.transformations.conditional.response.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
policies.policy.csrf
Handle CSRF protection by validating request origins against configured allowed origins.
Validation
Defaultnull
policies.policy.csrf.additionalOrigins
Additional trusted origins allowed to send state-changing requests.
Validation
Default[]
Unique itemstrue
policies.policy.buffer
Buffer request and response bodies.
Validation
Defaultnull
policies.policy.buffer.request
Buffer incoming request bodies before forwarding.
policies.policy.buffer.request.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
policies.policy.buffer.response
Buffer upstream response bodies before sending them to the client.
policies.policy.buffer.response.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
policies.policy.timeout
Set request timeout limits.
Validation
Defaultnull
policies.policy.timeout.requestTimeout
Maximum time allowed for the full downstream request and response.
policies.policy.timeout.backendRequestTimeout
Maximum time allowed for the upstream backend request.
policies.policy.retry
Retry matching failed upstream requests.
Validation
Defaultnull
policies.policy.retry.attempts
Total number of attempts, including the original request.
Validation
Default1
Formatuint8
Minimum1
Maximum255
policies.policy.retry.backoff
Delay between retry attempts.
policies.policy.retry.codes
HTTP response status codes that should be retried.
policies.policy.retry.precondition
CEL expression evaluated against the request before any attempt; when
retries are disabled (only the initial attempt is made), e.g.
Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
false,retries are disabled (only the initial attempt is made), e.g.
request.method == "GET".Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
policies.policy.retry.condition
CEL expression evaluated against each response to decide whether to retry. A response
is retried when its status code is in
is retried when its status code is in
codes *or* this expression evaluates to true.workloads
No description for this field.
Validation
Default[]
services
No description for this field.
Validation
Default[]
backends
No description for this field.
backends.host
No description for this field.
routeGroups
No description for this field.
routeGroups.name
No description for this field.
routeGroups.routes
No description for this field.
routeGroups.routes.name
No description for this field.
Validation
Defaultnull
routeGroups.routes.namespace
No description for this field.
Validation
Defaultnull
routeGroups.routes.ruleName
No description for this field.
Validation
Defaultnull
routeGroups.routes.hostnames
Can be a wildcard
routeGroups.routes.matches
No description for this field.
Validation
Default[{"path": {"pathPrefix": "/"}}]
routeGroups.routes.matches.headers
No description for this field.
routeGroups.routes.matches.headers.name
No description for this field.
routeGroups.routes.matches.headers.value
No description for this field.
routeGroups.routes.matches.headers.value.exact
No description for this field.
routeGroups.routes.matches.path
No description for this field.
Validation
Default{"pathPrefix": "/"}
routeGroups.routes.matches.path.exact
No description for this field.
routeGroups.routes.matches.method
No description for this field.
routeGroups.routes.matches.query
No description for this field.
routeGroups.routes.matches.query.name
No description for this field.
routeGroups.routes.matches.query.value
No description for this field.
routeGroups.routes.matches.query.value.exact
No description for this field.
routeGroups.routes.policies
No description for this field.
routeGroups.routes.policies.requestHeaderModifier
Modify request headers before forwarding.
Validation
Defaultnull
routeGroups.routes.policies.requestHeaderModifier.add
Headers to append without replacing existing values.
routeGroups.routes.policies.requestHeaderModifier.set
Headers to set, replacing any existing values.
routeGroups.routes.policies.requestHeaderModifier.remove
Header names to remove.
routeGroups.routes.policies.responseHeaderModifier
Modify response headers before returning to the client.
Validation
Defaultnull
routeGroups.routes.policies.responseHeaderModifier.add
Headers to append without replacing existing values.
routeGroups.routes.policies.responseHeaderModifier.set
Headers to set, replacing any existing values.
routeGroups.routes.policies.responseHeaderModifier.remove
Header names to remove.
routeGroups.routes.policies.requestRedirect
Return a redirect response instead of forwarding the request.
Validation
Defaultnull
routeGroups.routes.policies.requestRedirect.scheme
Scheme to use in the redirect URL, such as
http or https.routeGroups.routes.policies.requestRedirect.authority
Host or port rewrite to apply to the redirect URL.
routeGroups.routes.policies.requestRedirect.authority.full
No description for this field.
routeGroups.routes.policies.requestRedirect.path
Path rewrite to apply to the redirect URL.
routeGroups.routes.policies.requestRedirect.path.full
No description for this field.
routeGroups.routes.policies.requestRedirect.status
HTTP status code to return for the redirect.
Validation
Formatuint16
Minimum1
Maximum65535
routeGroups.routes.policies.urlRewrite
Rewrite the request path or authority before forwarding.
Validation
Defaultnull
routeGroups.routes.policies.urlRewrite.authority
Host or port rewrite to apply before forwarding the request.
routeGroups.routes.policies.urlRewrite.authority.full
No description for this field.
routeGroups.routes.policies.urlRewrite.path
Path rewrite to apply before forwarding the request.
routeGroups.routes.policies.urlRewrite.path.full
No description for this field.
routeGroups.routes.policies.requestMirror
Send a copy of matching requests to another backend.
Validation
Defaultnull
routeGroups.routes.policies.requestMirror.backend
Backend that receives mirrored request copies.
routeGroups.routes.policies.requestMirror.backend.service
No description for this field.
routeGroups.routes.policies.requestMirror.backend.service.name
No description for this field.
routeGroups.routes.policies.requestMirror.backend.service.name.namespace
No description for this field.
routeGroups.routes.policies.requestMirror.backend.service.name.hostname
No description for this field.
routeGroups.routes.policies.requestMirror.backend.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
routeGroups.routes.policies.requestMirror.percentage
Fraction of matching requests to mirror, from 0.0 to 1.0.
Validation
Formatdouble
routeGroups.routes.policies.directResponse
Return a configured response instead of forwarding the request.
routeGroups.routes.policies.directResponse.conditional
conditional policy entries. An entry without a condition must be the final fallback.
routeGroups.routes.policies.directResponse.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
routeGroups.routes.policies.directResponse.conditional.body
Static response body, encoded as bytes.
routeGroups.routes.policies.directResponse.conditional.bodyExpression
CEL expression that computes the response body.
routeGroups.routes.policies.directResponse.conditional.headers
Response headers computed from CEL expressions.
routeGroups.routes.policies.directResponse.conditional.status
HTTP status code to return.
Validation
Formatuint16
Minimum1
Maximum65535
routeGroups.routes.policies.cors
Handle CORS preflight requests and append configured CORS headers to applicable requests.
Validation
Defaultnull
routeGroups.routes.policies.cors.allowCredentials
Add
Access-Control-Allow-Credentials: true on allowed CORS responses.Validation
Defaultfalse
routeGroups.routes.policies.cors.allowHeaders
Values to return in
Access-Control-Allow-Headers for allowed preflight requests.Validation
Default[]
routeGroups.routes.policies.cors.allowMethods
Values to return in
Access-Control-Allow-Methods for allowed preflight requests.Validation
Default[]
routeGroups.routes.policies.cors.allowOrigins
Request origins that receive CORS response headers. Use
* to match any origin.Validation
Default[]
routeGroups.routes.policies.cors.exposeHeaders
Values to return in
Access-Control-Expose-Headers for allowed CORS responses.Validation
Default[]
routeGroups.routes.policies.cors.maxAge
Value to return in
Access-Control-Max-Age for allowed preflight requests.Validation
Defaultnull
routeGroups.routes.policies.mcpAuthorization
Authorization rules for MCP requests.
Validation
Defaultnull
routeGroups.routes.policies.mcpAuthorization.rules
CEL authorization rules to evaluate for a request.
routeGroups.routes.policies.mcpAuthorization.rules.allow
No description for this field.
routeGroups.routes.policies.mcpGuardrails
External MCP policy processors.
Validation
Defaultnull
routeGroups.routes.policies.mcpGuardrails.processors
Ordered list of policy processors applied to matched methods; the first
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
to reject a request short-circuits the chain. Processors may run on the
request or response side, or both; see
Processor.methods.Validation
Min items1
routeGroups.routes.policies.mcpGuardrails.processors.service
No description for this field.
routeGroups.routes.policies.mcpGuardrails.processors.service.name
No description for this field.
routeGroups.routes.policies.mcpGuardrails.processors.service.name.namespace
No description for this field.
routeGroups.routes.policies.mcpGuardrails.processors.service.name.hostname
No description for this field.
routeGroups.routes.policies.mcpGuardrails.processors.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
routeGroups.routes.policies.authorization
Authorization rules for incoming HTTP requests.
Validation
Defaultnull
routeGroups.routes.policies.authorization.rules
CEL authorization rules to evaluate for a request.
routeGroups.routes.policies.authorization.rules.allow
No description for this field.
routeGroups.routes.policies.mcpAuthentication
Authenticate MCP clients.
routeGroups.routes.policies.mcpAuthentication.issuer
Expected token issuer, matched against the JWT
iss claim.routeGroups.routes.policies.mcpAuthentication.audiences
Accepted token audiences, matched against the JWT
aud claim.routeGroups.routes.policies.mcpAuthentication.provider
Identity provider type used to derive MCP authorization metadata and default JWKS URLs.
routeGroups.routes.policies.mcpAuthentication.provider.auth0
No description for this field.
routeGroups.routes.policies.mcpAuthentication.resourceMetadata
Protected resource metadata returned to MCP clients.
routeGroups.routes.policies.mcpAuthentication.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
routeGroups.routes.policies.mcpAuthentication.jwks.file
No description for this field.
routeGroups.routes.policies.mcpAuthentication.mode
Controls whether MCP requests must include a valid JWT.
Validation
Conststrict
Defaultstrict
routeGroups.routes.policies.mcpAuthentication.authorizationLocation
Where to read the JWT from in incoming MCP requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
routeGroups.routes.policies.mcpAuthentication.authorizationLocation.header
No description for this field.
routeGroups.routes.policies.mcpAuthentication.authorizationLocation.header.name
Header name containing the credential.
routeGroups.routes.policies.mcpAuthentication.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .routeGroups.routes.policies.mcpAuthentication.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
routeGroups.routes.policies.mcpAuthentication.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
routeGroups.routes.policies.mcpAuthentication.clientId
OAuth client ID advertised to MCP clients when needed.
routeGroups.routes.policies.a2a
Mark this traffic as A2A to enable A2A processing and telemetry.
Validation
Defaultnull
routeGroups.routes.policies.ai
Mark this as LLM traffic to enable LLM processing.
Validation
Defaultnull
routeGroups.routes.policies.ai.promptGuard
Prompt and response guardrails to apply to LLM traffic.
routeGroups.routes.policies.ai.promptGuard.streaming
Apply prompt guards to streaming responses and realtime websocket messages.
Validation
ConstDisabled
routeGroups.routes.policies.ai.promptGuard.request
Guards applied to client requests before they reach the LLM.
routeGroups.routes.policies.ai.promptGuard.request.regex
No description for this field.
routeGroups.routes.policies.ai.promptGuard.request.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
routeGroups.routes.policies.ai.promptGuard.request.regex.rules
Regex or built-in patterns to evaluate.
routeGroups.routes.policies.ai.promptGuard.request.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
routeGroups.routes.policies.ai.promptGuard.response
Guards applied to LLM responses before they reach the client.
routeGroups.routes.policies.ai.promptGuard.response.regex
No description for this field.
routeGroups.routes.policies.ai.promptGuard.response.regex.action
Action to take when a regex rule matches.
Validation
Constmask
Defaultmask
routeGroups.routes.policies.ai.promptGuard.response.regex.rules
Regex or built-in patterns to evaluate.
routeGroups.routes.policies.ai.promptGuard.response.regex.rules.builtin
Built-in pattern name.
Validation
Constssn
routeGroups.routes.policies.ai.defaults
Default request body values added only when the client did not provide them.
routeGroups.routes.policies.ai.overrides
Request body values that replace client-provided values.
routeGroups.routes.policies.ai.transformations
Request body values computed from CEL expressions.
routeGroups.routes.policies.ai.prompts
Messages to add before or after the client prompt.
Validation
Min properties1
routeGroups.routes.policies.ai.prompts.append
Messages appended to the end of each chat request.
routeGroups.routes.policies.ai.prompts.append.role
No description for this field.
routeGroups.routes.policies.ai.prompts.append.content
No description for this field.
routeGroups.routes.policies.ai.prompts.prepend
Messages prepended to the beginning of each chat request.
routeGroups.routes.policies.ai.prompts.prepend.role
No description for this field.
routeGroups.routes.policies.ai.prompts.prepend.content
No description for this field.
routeGroups.routes.policies.ai.modelAliases
Model name aliases that rewrite requested model names.
routeGroups.routes.policies.ai.promptCaching
Prompt caching settings for providers that support cache markers.
routeGroups.routes.policies.ai.promptCaching.cacheSystem
Add cache markers to system prompts when supported by the provider.
Validation
Defaulttrue
routeGroups.routes.policies.ai.promptCaching.cacheMessages
Add cache markers to chat messages when supported by the provider.
Validation
Defaulttrue
routeGroups.routes.policies.ai.promptCaching.cacheTools
Add cache markers to tool definitions when supported by the provider.
Validation
Defaultfalse
routeGroups.routes.policies.ai.promptCaching.minTokens
Minimum prompt size required before cache markers are added.
Validation
Default1024
Formatuint
Minimum0
routeGroups.routes.policies.ai.promptCaching.cacheMessageOffset
Message offset used when choosing where to place cache markers.
Validation
Default0
Formatuint
Minimum0
routeGroups.routes.policies.ai.routes
Route type overrides selected by request path suffix.
routeGroups.routes.policies.backendTLS
TLS settings used when connecting to the backend.
routeGroups.routes.policies.backendTLS.cert
Client certificate file to present to the backend.
routeGroups.routes.policies.backendTLS.key
Private key file for the client certificate.
routeGroups.routes.policies.backendTLS.root
Root certificate bundle used to verify the backend certificate.
routeGroups.routes.policies.backendTLS.hostname
Server name to use for TLS verification and SNI.
routeGroups.routes.policies.backendTLS.insecure
Skip certificate trust verification for the backend connection.
Validation
Defaultfalse
routeGroups.routes.policies.backendTLS.insecureHost
Skip hostname verification for the backend certificate.
Validation
Defaultfalse
routeGroups.routes.policies.backendTLS.alpn
ALPN protocols to offer to the backend.
Validation
Defaultnull
routeGroups.routes.policies.backendTLS.subjectAltNames
Additional subject alternative names accepted for the backend certificate.
Validation
Defaultnull
routeGroups.routes.policies.backendTLS.keyExchangeGroups
Key exchange groups allowed for negotiating TLS.
Validation
Defaultnull
routeGroups.routes.policies.backendTunnel
Tunnel settings used when connecting to the backend.
Validation
Defaultnull
routeGroups.routes.policies.backendTunnel.proxy
Proxy backend used to tunnel the connection.
routeGroups.routes.policies.backendTunnel.proxy.service
No description for this field.
routeGroups.routes.policies.backendTunnel.proxy.service.name
No description for this field.
routeGroups.routes.policies.backendTunnel.proxy.service.name.namespace
No description for this field.
routeGroups.routes.policies.backendTunnel.proxy.service.name.hostname
No description for this field.
routeGroups.routes.policies.backendTunnel.proxy.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
routeGroups.routes.policies.backendAuth
Authentication credentials sent to the backend.
Validation
Defaultnull
routeGroups.routes.policies.backendAuth.passthrough
No description for this field.
routeGroups.routes.policies.backendAuth.passthrough.location
Where to place the forwarded credential in the backend request.
routeGroups.routes.policies.backendAuth.passthrough.location.header
No description for this field.
routeGroups.routes.policies.backendAuth.passthrough.location.header.name
Header name containing the credential.
routeGroups.routes.policies.backendAuth.passthrough.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .routeGroups.routes.policies.localRateLimit
Local rate limits for incoming requests.
routeGroups.routes.policies.localRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
routeGroups.routes.policies.localRateLimit.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
routeGroups.routes.policies.localRateLimit.conditional.maxTokens
Maximum number of tokens that can accumulate in the local bucket.
Validation
Default0
Formatuint64
Minimum0
routeGroups.routes.policies.localRateLimit.conditional.tokensPerFill
Number of tokens added to the local bucket each fill interval.
Validation
Default0
Formatuint64
Minimum0
routeGroups.routes.policies.localRateLimit.conditional.fillInterval
How often the local bucket is refilled.
routeGroups.routes.policies.localRateLimit.conditional.type
Whether this limit counts requests or LLM tokens.
Validation
Constrequests
Defaultrequests
routeGroups.routes.policies.remoteRateLimit
Remote rate limit checks for incoming requests.
routeGroups.routes.policies.remoteRateLimit.conditional
conditional policy entries. An entry without a condition must be the final fallback.
routeGroups.routes.policies.remoteRateLimit.conditional.service
No description for this field.
routeGroups.routes.policies.remoteRateLimit.conditional.service.name
No description for this field.
routeGroups.routes.policies.remoteRateLimit.conditional.service.name.namespace
No description for this field.
routeGroups.routes.policies.remoteRateLimit.conditional.service.name.hostname
No description for this field.
routeGroups.routes.policies.remoteRateLimit.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
routeGroups.routes.policies.jwtAuth
Authenticate incoming requests with JWT bearer tokens.
routeGroups.routes.policies.jwtAuth.mode
Controls whether requests must include a JWT and how validation failures are handled.
Validation
Conststrict
Defaultoptional
routeGroups.routes.policies.jwtAuth.location
Where to read the JWT from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
routeGroups.routes.policies.jwtAuth.location.header
No description for this field.
routeGroups.routes.policies.jwtAuth.location.header.name
Header name containing the credential.
routeGroups.routes.policies.jwtAuth.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .routeGroups.routes.policies.jwtAuth.providers
Trusted issuers and their signing keys.
routeGroups.routes.policies.jwtAuth.providers.issuer
Expected token issuer, matched against the JWT
iss claim.routeGroups.routes.policies.jwtAuth.providers.audiences
Accepted token audiences, matched against the JWT
aud claim when set.routeGroups.routes.policies.jwtAuth.providers.jwks
JSON Web Key Set used to verify token signatures. Can be inline, from a file, or fetched remotely.
routeGroups.routes.policies.jwtAuth.providers.jwks.file
No description for this field.
routeGroups.routes.policies.jwtAuth.providers.jwtValidationOptions
Claim requirements to enforce after the token signature is verified.
routeGroups.routes.policies.jwtAuth.providers.jwtValidationOptions.requiredClaims
Claims that must be present in the token before validation.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Only "exp", "nbf", "aud", "iss", "sub" are enforced; others
(including "iat" and "jti") are ignored.
Defaults to ["exp"]. Use an empty list to require no claims.
Validation
Default["exp"]
Unique itemstrue
routeGroups.routes.policies.oidc
Authenticate browser requests with OIDC authorization code flow.
routeGroups.routes.policies.oidc.issuer
Issuer used for discovery and ID token validation.
routeGroups.routes.policies.oidc.discovery
Optional discovery document override. If omitted, discovery uses
${issuer}/.well-known/openid-configuration.routeGroups.routes.policies.oidc.discovery.file
No description for this field.
routeGroups.routes.policies.oidc.authorizationEndpoint
Authorization endpoint used to start the browser login flow.
Validation
Defaultnull
routeGroups.routes.policies.oidc.tokenEndpoint
Token endpoint used to exchange the authorization code.
Validation
Defaultnull
routeGroups.routes.policies.oidc.tokenEndpointAuth
Token endpoint client authentication method for explicit provider configuration.
Discovery mode derives this from provider metadata. Explicit mode defaults to
clientSecretBasic when omitted.Validation
EnumclientSecretBasic, clientSecretPost
Defaultnull
routeGroups.routes.policies.oidc.jwks
JWKS source used to validate returned ID tokens.
routeGroups.routes.policies.oidc.jwks.file
No description for this field.
routeGroups.routes.policies.oidc.clientId
OAuth2 client identifier used for authorization and token exchange.
routeGroups.routes.policies.oidc.clientSecret
OAuth2 client secret used for token exchange.
routeGroups.routes.policies.oidc.redirectURI
Absolute callback URI handled by the gateway.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
This policy always redirects unauthenticated non-callback requests back through this login
flow.
routeGroups.routes.policies.oidc.scopes
Additional OAuth2 scopes to request.
openid is always included.Validation
Default[]
routeGroups.routes.policies.basicAuth
Authenticate incoming requests with Basic Auth credentials from an htpasswd user database.
routeGroups.routes.policies.basicAuth.htpasswd
User database in htpasswd format. Can be inline or loaded from a file.
routeGroups.routes.policies.basicAuth.htpasswd.file
No description for this field.
routeGroups.routes.policies.basicAuth.realm
Realm shown in the
WWW-Authenticate response header when credentials are missing or invalid.Validation
Defaultnull
routeGroups.routes.policies.basicAuth.mode
Controls whether requests must include valid Basic Auth credentials.
Validation
Conststrict
Defaultoptional
routeGroups.routes.policies.basicAuth.authorizationLocation
Where to read the Basic Auth credentials from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Basic "}}
routeGroups.routes.policies.basicAuth.authorizationLocation.header
No description for this field.
routeGroups.routes.policies.basicAuth.authorizationLocation.header.name
Header name containing the credential.
routeGroups.routes.policies.basicAuth.authorizationLocation.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .routeGroups.routes.policies.apiKey
Authenticate incoming requests with API keys.
routeGroups.routes.policies.apiKey.keys
API keys that are accepted by this policy.
routeGroups.routes.policies.apiKey.keys.key
API key value to accept.
routeGroups.routes.policies.apiKey.keys.metadata
Optional metadata attached to requests authenticated with this key.
routeGroups.routes.policies.apiKey.mode
Controls whether requests must include a valid API key.
Validation
Conststrict
Defaultoptional
routeGroups.routes.policies.apiKey.location
Where to read the API key from in incoming requests.
Validation
Default{"header": {"name": "authorization", "prefix": "Bearer "}}
routeGroups.routes.policies.apiKey.location.header
No description for this field.
routeGroups.routes.policies.apiKey.location.header.name
Header name containing the credential.
routeGroups.routes.policies.apiKey.location.header.prefix
Prefix to remove from the header value before validation, such as
Bearer or Basic .routeGroups.routes.policies.extAuthz
Authorize incoming requests by calling an external authorization service.
routeGroups.routes.policies.extAuthz.conditional
conditional policy entries. An entry without a condition must be the final fallback.
routeGroups.routes.policies.extAuthz.conditional.service
No description for this field.
routeGroups.routes.policies.extAuthz.conditional.service.name
No description for this field.
routeGroups.routes.policies.extAuthz.conditional.service.name.namespace
No description for this field.
routeGroups.routes.policies.extAuthz.conditional.service.name.hostname
No description for this field.
routeGroups.routes.policies.extAuthz.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
routeGroups.routes.policies.extProc
Send request and response data to an external processing service.
routeGroups.routes.policies.extProc.conditional
conditional policy entries. An entry without a condition must be the final fallback.
routeGroups.routes.policies.extProc.conditional.service
No description for this field.
routeGroups.routes.policies.extProc.conditional.service.name
No description for this field.
routeGroups.routes.policies.extProc.conditional.service.name.namespace
No description for this field.
routeGroups.routes.policies.extProc.conditional.service.name.hostname
No description for this field.
routeGroups.routes.policies.extProc.conditional.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
routeGroups.routes.policies.transformations
Modify request and response headers, bodies, or metadata.
routeGroups.routes.policies.transformations.conditional
conditional policy entries. An entry without a condition must be the final fallback.
routeGroups.routes.policies.transformations.conditional.condition
condition must evaluate to true for this policy to execute. If unset, the policy is the fallback.
Validation
Defaultnull
routeGroups.routes.policies.transformations.conditional.request
Transform the request before it is forwarded.
routeGroups.routes.policies.transformations.conditional.request.add
Headers to append using CEL expressions for values.
Validation
Default{}
routeGroups.routes.policies.transformations.conditional.request.set
Headers to set using CEL expressions for values.
Validation
Default{}
routeGroups.routes.policies.transformations.conditional.request.remove
Header names to remove.
Validation
Default[]
routeGroups.routes.policies.transformations.conditional.request.body
CEL expression that computes a replacement body.
Validation
Defaultnull
routeGroups.routes.policies.transformations.conditional.request.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
routeGroups.routes.policies.transformations.conditional.response
Transform the response before it is returned.
routeGroups.routes.policies.transformations.conditional.response.add
Headers to append using CEL expressions for values.
Validation
Default{}
routeGroups.routes.policies.transformations.conditional.response.set
Headers to set using CEL expressions for values.
Validation
Default{}
routeGroups.routes.policies.transformations.conditional.response.remove
Header names to remove.
Validation
Default[]
routeGroups.routes.policies.transformations.conditional.response.body
CEL expression that computes a replacement body.
Validation
Defaultnull
routeGroups.routes.policies.transformations.conditional.response.metadata
Metadata values to add using CEL expressions.
Validation
Default{}
routeGroups.routes.policies.csrf
Handle CSRF protection by validating request origins against configured allowed origins.
Validation
Defaultnull
routeGroups.routes.policies.csrf.additionalOrigins
Additional trusted origins allowed to send state-changing requests.
Validation
Default[]
Unique itemstrue
routeGroups.routes.policies.buffer
Buffer request and response bodies.
Validation
Defaultnull
routeGroups.routes.policies.buffer.request
Buffer incoming request bodies before forwarding.
routeGroups.routes.policies.buffer.request.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
routeGroups.routes.policies.buffer.response
Buffer upstream response bodies before sending them to the client.
routeGroups.routes.policies.buffer.response.maxBytes
Maximum body size to buffer in bytes.
Validation
Formatuint
Minimum0
routeGroups.routes.policies.timeout
Set request timeout limits.
Validation
Defaultnull
routeGroups.routes.policies.timeout.requestTimeout
Maximum time allowed for the full downstream request and response.
routeGroups.routes.policies.timeout.backendRequestTimeout
Maximum time allowed for the upstream backend request.
routeGroups.routes.policies.retry
Retry matching failed upstream requests.
Validation
Defaultnull
routeGroups.routes.policies.retry.attempts
Total number of attempts, including the original request.
Validation
Default1
Formatuint8
Minimum1
Maximum255
routeGroups.routes.policies.retry.backoff
Delay between retry attempts.
routeGroups.routes.policies.retry.codes
HTTP response status codes that should be retried.
routeGroups.routes.policies.retry.precondition
CEL expression evaluated against the request before any attempt; when
retries are disabled (only the initial attempt is made), e.g.
Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
false,retries are disabled (only the initial attempt is made), e.g.
request.method == "GET".Retrying requires buffering the request body in memory for replay, so this lets us skip
that cost when the request is known to be non-retriable (e.g. streaming or websockets).
routeGroups.routes.policies.retry.condition
CEL expression evaluated against each response to decide whether to retry. A response
is retried when its status code is in
is retried when its status code is in
codes *or* this expression evaluates to true.routeGroups.routes.backends
No description for this field.
routeGroups.routes.backends.service
No description for this field.
routeGroups.routes.backends.service.name
No description for this field.
routeGroups.routes.backends.service.name.namespace
No description for this field.
routeGroups.routes.backends.service.name.hostname
No description for this field.
routeGroups.routes.backends.service.port
No description for this field.
Validation
Formatuint16
Minimum0
Maximum65535
Was this page helpful?
