filter-response to direct PingAuthorize Server to invoke policy iteratively over each
item of a JSON array contained within an API response.
PERMIT decisions from the gateway, although you cannot apply Filter Response
statements directly to a SCIM search. However, the SCIM service performs
similar processing automatically when it handles a search result. For every
candidate resource in a search result, the SCIM service makes a policy
request for the resource with an Action value of
When presented with a request to permit or deny a multivalued response body, Filter Response statements allow policies to require that a separate policy request be made to determine whether the client can access each individual resource that a JSON array returns.
The following list identifies the fields of the JSON object that represents the payload for this statement.
On each policy request, if policy returns a
For a response object that contains complex data, including arrays of arrays, this statement type can descend through the JSON content of the response.
Performance might degrade as the total number of policy requests increases.