Expressions

Expressions are configured in the parameter exec_if_expr, which is located one level above config { }. These parameter used to configure logic defining if a valve should be executed or not based on runtime data, such as request parameter values.

Example

{
    "name": "DumpState",
    "exec_if_expr": "request.used_auth == ('unpw') || request.used_auth == ('otp')",
    "config": {}
}

REQUEST

Example - Exec if request param equals with OR.

"exec_if_expr": "request.used_auth == ('unpw') || request.used_auth == ('otp')",

ITEM

Example - Exec if no items exist

"exec_if_expr": "state.items == null || state.items.isEmpty()"

ITEM PROPERTY

Example - Exec if the item property iam_role exist, but the value is empty

"exec_if_expr": "items.len > 0 && items[0].iam_role == ''"

Example - Exec if the item property iam_role exist with the value Admin

"exec_if_expr": "items.len > 0 && items[0].iam_role == 'Admin'"

Example - Exec if the item property pwdLastSet exist

"exec_if_expr": "items[0].pwdLastSet"

Example - Exec if the item property pwdLastSet is missing

"exec_if_expr": "!items[0].pwdLastSet"

More details are found here

Expressions

PreviousProtect Entra ID (Azure AD) with eID MFA NextGoogle

Last updated 3 months ago