JsonRpcCondition
Last updated
Last updated
The JsonRpcCondition is designed for access control decisions that rely on data from an external HTTPS JSON RPC endpoint following the .
The condition operates by sending an HTTPS POST request to a specified JSON RPC endpoint using a query to extract relevant data from the response and comparing the extracted value to an expected result.
It is composed of the following properties:
endpoint: the HTTPS URI for the JSON RPC endpoint that will be queried, e.g.https://api.example.com
method: the JSON RPC method to be invoked
params(Optional): Parameters for the specified method, provided as either a dictionary or an array.
query(Optional): a JSONPath query used to extract specific data from the JSON response. The query is relative to the result entry included in the JSON response.
(Optional): A bearer token that will be included in the HTTPS Authorization header. It enables the use of endpoints that require OAuth/JWT authorization.
: the test to validate the value extracted by the JSONPath query.
Error Handling
If the HTTPS response does not return a status code of 200, the condition will fail automatically, and access will be denied.
If the JSONPath query is provided but cannot properly extract the desired value, the condition will fail, resulting in access being denied.
If an invalid authorizationToken is provided, the call to the API will fail, causing the condition to fail and access to be denied.
Any JSON RPC 2.0 endpoint including:
Requests to non-EVM blockchain JSON RPC endpoints e.g. Bitcoin, Solana. (A separate non-EVM blockchain condition may be added if there is sufficient use in this area)
Oracle endpoints e.g. market data, prices
The JSON data for the HTTP POST request to the RPC endpoint will look like the following:
The condition would be satisfied if the JSON RPC endpoint returned something analogous to the following:
Client-side:
Server-side: