| enabled |
whether this part of the policy will be enforced |
Boolean |
true |
true, false |
| compensatingControl |
whether there’s another mechanism to handle this (elsewhere) in the stack |
Boolean |
false |
true, false |
| rateLimiting |
settings to prevent api abuse |
|
|
|
| maxRequests |
how many requests the api will accept before rejection |
Number(int) |
500 |
Any integer >= 0 (0 = no max) |
| withinTimeframe |
within what timeframe (in minutes) maxRequests can occur |
Number(int) |
60 |
Any integer >= 0 (0 = unlimited time) |
| jwt |
JSON Web Token Settings |
|
|
|
| issuer |
tells who issued the token |
String |
null |
String or null |
| audience |
identifies the recipients that the JWT is intended for |
String Array |
null |
String Array or null |
| exp |
identifies the expiration time (seconds) on or after which the JWT MUST NOT be accepted for processing |
Number(int) |
600 |
Any integer >= 0 (0 = never expires) |
| nbf |
identifies the time before which the JWT MUST NOT be accepted for processing. |
Date |
null |
Date or null |