Availability by Gateway
Policy Availability
Policy | Flex Gateway | Mule Gateway | Service Mesh | Summary |
---|---|---|---|---|
Basic Authentication: LDAP | | | | Allows access based on the basic authorization mechanism, with the username and password defined in LDAP |
Basic Authentication: Simple | | | | Allows access based on the basic authorization mechanism, with a single username and password |
Client ID Enforcement | | | | Allows access only to authorized client applications |
Cross-Origin Resource Sharing (CORS) | | | | Enables access to resources residing in external domains |
Detokenization | | | | Returns a tokenized value to its original value |
External Authorization | | | | Authenticates requests by using an external gRPC or HTTP authorization service |
External Processing | | | | Sends the incoming HTTP requests or outgoing HTTP responses to an external gRPC service for additional processing |
Header Injection | | | | Adds headers to a request or a response |
Header Removal | | | | Removes headers from a request or a response |
Health Check | | | | Monitors API upstream health at specific intervals |
HTTP Caching | | | | Caches HTTP responses from an API implementation |
IP Allowlist | | | | Allows a list or range of specified IP addresses to request access |
IP Blocklist | | | | Blocks a single IP address or a range of IP addresses from accessing an API endpoint |
JSON Threat Protection | | | | Protects against malicious JSON in API requests |
JWT Validation | | | | Validates a JWT |
Message Logging | | | | Logs custom messages using information from incoming requests, responses from the backend, or information from other policies applied to the same API endpoint |
OAuth 2.0 Access Token Enforcement Using Mule OAuth Provider | | | | Allows access only to authorized client applications |
OAuth 2.0 Token Introspection | | | | Allows access only to authorized client applications |
OpenAM OAuth 2.0 Token Enforcement | | | | Allows access only to authorized client applications |
OpenID Connect OAuth 2.0 Access Token Enforcement | | | | Allows access only to authorized client applications |
PingFederate OAuth 2.0 Token Enforcement | | | | Allows access only to authorized client applications |
Rate Limiting | | | | Monitors access to an API by defining the maximum number of requests processed within a period of time |
Rate Limiting: SLA-based | | | | Monitors access to an API by defining the maximum number of requests processed within a timespan, based on SLAs |
Schema Validation | | | | Validates incoming traffic against a supplied OAS3 schema |
Spike Control | | | | Regulates API traffic |
Traffic Management for Multiple Upstream Services | | | | Manages API instance traffic to multiple upstream services from a single consumer endpoint |
Traffic Management for Multiple Upstream Services (Weighted) | | | | Manages API instance traffic to multiple upstream services from a single consumer endpoint, using weighted percentages |
Transport Layer Security (TLS) - Inbound | | | | Enables authentication between a client and the API proxy |
Transport Layer Security (TLS) - Outbound | | | | Enables two-way authentication between the API proxy and an upstream service |
Tokenization | | | | Transforms sensitive data into a nonsensitive equivalent, called a token |
XML Threat Protection | | | | Protects against malicious XML in API requests |