filter-response to direct PingAuthorize Server to invoke policy iteratively over each
item of a JSON array contained within an API response.
PERMIT decisions from Gateway, although you cannot apply Filter Response advice directly to a System for Cross-domain Identity Management (SCIM) search. However, the SCIM service performs similar processing automatically when it handles a search result. For every candidate resource in a search result, the SCIM service makes a policy request for the resource with an Action value of retrieve.
When presented with a request to permit or deny a multivalued response body, Filter Response advice allows policies to require that a separate policy request be made to determine whether the client can access each individual resource that a JSON array returns.
The following table identifies the fields of the JSON object that represents the payload for this advice.
On each policy request, if policy returns a
For a response object that contains complex data, including arrays of arrays, this advice type can descend through the JSON content of the response.
Performance might degrade as the total number of policy requests increases.