ExtractIdentity

Extract the identity

Table 1. Supported parameters
Parameter Required Data type Details
credentialType No object Supported identity extraction type
namespace No string Context namespace to exchange data with other security actions. Default value "user"
Table 2. Options for credentialType
Parameter Required Data type Details
httpBasic Yes object Extract identity as a colon delimited string
oauth2 Yes object Extract identity as an OAuth token
jwt Yes object Extract identity as a JWT token
apiKey Yes object Extract identity as an API Key from the specified locations
hostname No enum (of string) Extract identity as a hostname using the X-Forwarded-For header
ipAddress No enum (of string) Extract identity as an IP address using the X-Forwarded-For header
certificate Yes object Extract a certificate from the specified location
httpHeaders Yes object Extract identity from one or more HTTP headers
payloadElement Yes object Extract identity from the payload according to the expression
Table 3. Options for httpBasic , oauth2 and jwt
Parameter Required Data type Details
httpHeader Yes object Represents an HTTP header object that contains metadata for the request or response
contextVar Yes object Specifies a variable from the execution context to retrieve authentication credentials
query Yes object Represents credentials passed as query parameters in the request URL
payload Yes object Indicates credentials included in the body of the HTTP request
cookie Yes object Refers to credentials stored and sent as an HTTP cookie
Table 4. Nested properties inside httpHeader, contextVar and cookie
Parameter Required Data type Details
name Yes string Specifies the name of the HTTP header as a string value
Table 5. Nested properties inside query and payload
Parameter Required Data type Details
password Yes string Represents the secret key or credential used to authenticate the user
username Yes string Specifies the user identifier required for authentication
Table 6. Nested properties inside apiKey
Parameter Required Data type Details
clientId Yes object Specifies the unique identifier assigned to a client application for authentication
clientSecret No object Represents the confidential key associated with the client application, used to verify its identity
Table 7. Options for certificate
Parameter Required Data type Details
tlsCert No enum (of string) Specifies the TLS certificate used to establish a secure connection between the client and server
httpHeader Yes object Represents an HTTP header object that contains metadata for the request or response
Table 8. Options for payloadElement
Parameter Required Data type Details
jsonPath Yes string Specifies the JSONPath expression used to locate and extract credentials from a JSON payload
regex Yes string Specifies a regular expression pattern used to match and extract credentials from the payload