> For the complete documentation index, see [llms.txt](https://docs.fortifiedid.se/pipes/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.fortifiedid.se/pipes/valves.md).

# Valves

A VALVE is a highly specialised building block. In general, it operates on data exposed by the PIPE where the VALVE “lives”. By chaining multiple VALVES one can achieve customised authentication/authorization making the system follow current business requirements but also cater for future requirements changes.

## Common configuration

These configuration properties applies to all valves:

{% tabs %}
{% tab title="Properties" %}

<table><thead><tr><th>Name</th><th>Description</th><th>Default</th><th data-type="checkbox">Mandatory</th></tr></thead><tbody><tr><td><code>name</code></td><td>Valve name (alias or fully qualified class name).</td><td></td><td>true</td></tr><tr><td><code>enabled</code></td><td>Flag to control if valve is enabled (i.e. included in pipe) or not. Use this property to <em>temporary</em> disable a valve.</td><td><code>true</code></td><td>false</td></tr><tr><td><code>exec_if_expr</code></td><td>Predicate expression controlling if valve should be executed or not in the current context. For details, see <a href="#execution-control">execution control</a>.</td><td><code>true</code></td><td>false</td></tr><tr><td><code>config</code></td><td>Valve specific configuration object. This object is passed to the valve during initialisation and is the configuration the valve has access to.</td><td><code>{}</code></td><td>false</td></tr></tbody></table>
{% endtab %}

{% tab title="Example" %}

```json
{
    "name":"<alias>",
    "enabled": true,
    "exec_if_expr": "request.exec === 'true'",
    "config": {

    }
}
```

{% endtab %}
{% endtabs %}

## Execution control

You can control valve execution in runtime using the *exec-if*  predicate expression (a boolean expression that returns `true` or `false`). If expression evaluated to `true`, the valve is executed (this is the default behaviour).

The actual filter is an ECMA-script (JavaScript) that MUST evaluate to `true`, `false` or to a `boolean function` returning `true` or `false`.

```
// Disable valve 
"exec_if_expr": "false"

// Only execute if session contains a username property
"exec_if_expr": "session.username != null"
```

During expression evaluation data is made available in *scopes*. A scope is a map (i.e key-values or hash) where values are accessed using a name and plain dot notation.

{% hint style="info" %}
In JavaScript dot notation is NOT supported for list/array indexing.

Use the following syntax to address an element in a list:

`state.items[0].id`

It is also possible to use property expansion in expressions to expand the value before the script is evaluated:

`${state.items.0.id}`
{% endhint %}

<pre><code><strong>// Get value of request parameter "username"
</strong><strong>request.username
</strong><strong>
</strong><strong>// Get id of current session
</strong><strong>session.id
</strong><strong>
</strong><strong>// Get first value of multivalue "roles" stored in session
</strong><strong>session.roles[0]
</strong><strong>
</strong><strong>// Get value "otp" from state set by previous valve
</strong><strong>state.otp
</strong></code></pre>

The following are scopes available:

<table><thead><tr><th>Name</th><th>Description</th><th data-type="checkbox">Case-insensitive</th></tr></thead><tbody><tr><td><code>request</code></td><td>The current pipe request</td><td>true</td></tr><tr><td><code>session</code></td><td>The current session</td><td>false</td></tr><tr><td><code>state</code></td><td>The current state</td><td>false</td></tr><tr><td><code>items</code></td><td>The current items</td><td>false</td></tr><tr><td><code>exports</code></td><td>Authenticator globals. Only available if pipe is called in an authentication context (i.e. by an authenticator).</td><td>false</td></tr></tbody></table>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.fortifiedid.se/pipes/valves.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.