JsonApiCondition
The JsonApiCondition works by sending an HTTPS GET request to a specified JSON API endpoint, extracting relevant data from the response using a JSONPath query, and then comparing the extracted value against an expected result.
Potential use cases include geographic restrictions based on IP address or weather-based access control.
It is composed of the following properties:
endpoint: the HTTPS URI for the JSON API endpoint that will be queried, e.g.https://api.example.com/user/statusparameters(Optional): a key-value mapping of parameter names and values to pass as part of the HTTPS GET request. These parameters will be appended to the URL as query string parameters.query(Optional): aJSONPathquery used to extract specific data from the JSON response.authorizationToken(Optional): A bearer token that will be included in the HTTPSAuthorizationheader. It enables the use of endpoints that require OAuth/JWT authorization.returnValueTest: the test to validate the value extracted by the JSONPath query.
Error Handling
If the HTTPS response does not return a status code of
200, the condition will fail automatically, and access will be denied.If the
JSONPathquery is provided but cannot properly extract the desired value, the condition will fail, resulting in access being denied.If an invalid
authorizationTokenis provided, the call to the API will fail, causing the condition to fail and access to be denied.
Example
The condition would be satisfied if the API endpoint returned something analogous to the following:
Development References
Last updated