Pipes
2025.9 Pipes
2025.9 Pipes
  • Introduction
  • Configuration
  • Valves
    • API
      • HTTP Response Format Valve
    • Azure
      • Get User
      • Get User Role
      • Is User in Group
    • BankID
      • BidOperation
      • BidToItems
    • Cef event
    • Codecs
      • Base64 Encode
      • Base64 Decode
      • Base64 Converter
    • DateTime
      • Instant Generator
      • Instant Transformer
      • MS Date to Instant Transformer
      • Instant to MS Date Transformer
    • Debug
      • Dump Exports
      • Dump Request
      • Dump Session
      • Dump State
      • Wait
    • Delivery
      • Clean Mobile Valve
      • SMS Valve
      • Voice Valve
      • SMTP Valve
    • EntraID
      • Users
        • Create User
        • Update User
        • Delete User
        • Get User
        • List Users
        • Get Groups
        • List Groups
        • List Direct Reports
        • List Owned Objects
        • Reset Password
      • Groups
        • Create Group
        • Update Group
        • Delete Group
        • List Groups
        • Add Group To Users
        • Remove Group From Users
        • Add User To Groups
        • Remove User From Groups
        • Add Group Owner
        • Remove Group Owner
      • Directory
        • Restore Deleted Item
    • Exports
      • Exports Put
      • Exports Remove
    • Flow
      • Flow Fail
      • Flow State Add
      • Assert Value
      • Pipe Exec
      • Pipe Call
    • Freja
    • HTTP
      • GET
      • PUT
      • POST
      • DELETE
    • Item
      • Item Create
      • Item Merge
      • Item Match Merge
      • Item Remove
      • Items Remove
      • Item Property Add
      • Item Property Copy
      • Item Property Replace
      • Item Property Split
      • Item Property Rename
      • Item Property Hash
      • Item Property Token Replace
      • MV Property To Items
      • JSON To Items
      • MV Property Join
    • JDBC Query
    • JSON
      • JsonObjectCreate
    • JWT
      • CreateJwt
      • ParseJwt
    • LDAP
      • LDAP Search
      • LDAP Group Filter
      • LDAP Bind
      • LDAP Add
      • LDAP Delete
      • LDAP Modify
      • LDAP Move
      • DN Parse
    • Microsoft AD
      • Add Member To Groups
      • Remove Member From Groups
      • Add Group To Members
      • Remove Group From Members
      • GUID to string
    • Misc
      • Basic Auth
    • OTP
      • OTP Generation
      • OTP Validation
    • PKI
      • X509 Certificate Extractor
      • X509 Certificate Validator
      • Passcode Generator
    • PDF
      • Html2Pdf
      • PDFMerge
    • Request
      • RequestParameterExist
      • RequestParameterRename
    • ScriptEval
    • MobilSITHS
    • Session
      • Session Put
      • Session Create
      • CopyFromSession
    • Tokens
      • Token Authentication
    • WorkOrders
      • WorkOrderCreate
Powered by GitBook
On this page
  • Common configuration
  • Execution control

Valves

A VALVE is a highly specialised building block. In general, it operates on data exposed by the PIPE where the VALVE “lives”. By chaining multiple VALVES one can achieve customised authentication/authorization making the system follow current business requirements but also cater for future requirements changes.

Common configuration

These configuration properties applies to all valves:

Name
Description
Default
Mandatory

name

Valve name (alias or fully qualified class name).

enabled

Flag to control if valve is enabled (i.e. included in pipe) or not. Use this property to temporary disable a valve.

true

exec_if_expr

true

config

Valve specific configuration object. This object is passed to the valve during initialisation and is the configuration the valve has access to.

{}

{
    "name":"<alias>",
    "enabled": true,
    "exec_if_expr": "request.exec === 'true'",
    "config": {

    }
}

Execution control

You can control valve execution in runtime using the exec-if predicate expression (a boolean expression that returns true or false). If expression evaluated to true, the valve is executed (this is the default behaviour).

The actual filter is an ECMA-script (JavaScript) that MUST evaluate to true, false or to a boolean function returning true or false.

// Disable valve 
"exec_if_expr": "false"

// Only execute if session contains a username property
"exec_if_expr": "session.username != null"

During expression evaluation data is made available in scopes. A scope is a map (i.e key-values or hash) where values are accessed using a name and plain dot notation.

In JavaScript dot notation is NOT supported for list/array indexing.

Use the following syntax to address an element in a list:

state.items[0].id

It is also possible to use property expansion in expressions to expand the value before the script is evaluated:

${state.items.0.id}

// Get value of request parameter "username"
request.username

// Get id of current session
session.id

// Get first value of multivalue "roles" stored in session
session.roles[0]

// Get value "otp" from state set by previous valve
state.otp

The following are scopes available:

Name
Description
Case-insensitive

request

The current pipe request

session

The current session

state

The current state

items

The current items

exports

Authenticator globals. Only available if pipe is called in an authentication context (i.e. by an authenticator).

PreviousConfigurationNextAPI

Predicate expression controlling if valve should be executed or not in the current context. For details, see .

execution control