| description |
|---|
This page provides the technical details of the Keyless policy |
This security policy does not block any requests as it considers them as valid by default.
It sets multiple attributes during policy execution, as follows:
application: Anonymous application value, which is equal to1.user-id: Internet Protocol (IP) address of the client or last proxy that sent the request.
Functional and implementation information for the keyless policy is organized into the following sections:
{% hint style="warning" %} This policy can be applied to v2 APIs and v4 HTTP proxy APIs. It cannot be applied to v4 message APIs or v4 TCP proxy APIs. {% endhint %}
{% tabs %} {% tab title="HTTP proxy API example" %} Sample policy configuration:
{
"name": "Key less",
"description": "",
"enabled": true,
"policy": "key-less",
"configuration": {}
}
{% endtab %} {% endtabs %}
The phases checked below are supported by the keyless policy:
| v2 Phases | Compatible? | v4 Phases | Compatible? |
|---|---|---|---|
| onRequest | true | onRequest | true |
| onResponse | false | onResponse | false |
| onRequestContent | false | onMessageRequest | false |
| onResponseContent | false | onMessageResponse | false |
The following is the compatibility matrix for APIM and the keyless policy:
| Plugin version | Supported APIM versions |
|---|---|
| 1.x | Up to 3.20 |
| 3.x | 4.0+ |
This policy cannot fail as it does not carry out any validation.
{% @github-files/github-code-block url="https://github.com/gravitee-io/gravitee-policy-keyless/blob/master/CHANGELOG.md" %}