Use filter-response
to direct PingAuthorize Server to invoke policy iteratively over each
item of a JSON array contained within an API response.
Description | Details |
---|---|
Applicable to |
PERMIT decisions from the gateway, although you cannot apply Filter Response
statements directly to a SCIM search. However, the SCIM service performs
similar processing automatically when it handles a search result. For every
candidate resource in a search result, the SCIM service makes a policy
request for the resource with an Action value of
|
Additional information |
When presented with a request to permit or deny a multivalued response body, Filter Response statements allow policies to require that a separate policy request be made to determine whether the client can access each individual resource that a JSON array returns. The following list identifies the fields of the JSON object that represents the payload for this statement.
On each policy request, if policy returns a For a response object that contains complex data, including arrays of arrays, this statement type can descend through the JSON content of the response. Note:
Performance might degrade as the total number of policy requests increases. |