--- title: ConditionalFilter description: Verifies that a specified condition is met. If the condition is met, the request is dispatched to a delegate Filter. Otherwise, the delegate Filter is skipped. component: pinggateway version: 2026 page_id: pinggateway:reference:ConditionalFilter canonical_url: https://docs.pingidentity.com/pinggateway/2026/reference/ConditionalFilter.html revdate: 2025-08-26T18:26:39Z section_ids: ConditionalFilter-usage: Usage ConditionalFilter-properties: Properties ConditionalFilter-example: Example ConditionalFilter-moreinfo: More information --- # ConditionalFilter Verifies that a specified condition is met. If the condition is met, the request is dispatched to a delegate Filter. Otherwise, the delegate Filter is skipped. Use `ConditionalFilter` to easily use or skip a Filter depending on whether a condition is met. To easily use or skip a set of Filters, use a `ChainOfFilters` as the delegate Filter and define a set of Filters. For information, refer to [ChainOfFilters](ChainOfFilters.html). ## Usage ```none { "name": string, "type": "ConditionalFilter", "config": { "condition": runtime condition, "delegate": Filter reference } } ``` ## Properties * `"condition"`: *runtime condition<[boolean](preface.html#definition-boolean)>, required* A [condition](Conditions.html). If the condition's expression evaluates to `true`, PingGateway dispatches the request to the delegate filter. Otherwise, PingGateway skips the delegate filter. * `"delegate"`: *Filter [reference](preface.html#definition-reference), required* A [filter](Filters.html) to treat the request when the condition expression evaluates as `true`. ## Example The following example tests whether a request finishes with `.js` or `.jpg`: ```json { "type": "Chain", "config": { "filters": [{ "type": "ConditionalFilter", "config": { "condition": "${not (find(request.uri.path, '.js$') or find(request.uri.path, '.jpg$'))}", "delegate": "mySingleSignOnFilter" } }], "handler": "ReverseProxyHandler" } } ``` If the request is to access a .js file or .jpg file, it skips the delegate SingleSignOnFilter filter declared in the heap, and passes straight to the ReverseProxyHandler. If the request is to access another type of resource, it must pass through the delegate SingleSignOnFilter for authentication with AM before it can pass to the ReverseProxyHandler. ## More information [org.forgerock.openig.filter.ConditionalFilter](../_attachments/apidocs/org/forgerock/openig/filter/ConditionalFilter.html)