From 8090975f1857c070d2f620be3e35cf8f970dbf59 Mon Sep 17 00:00:00 2001 From: Patricia Loraine Santa Ana Date: Mon, 21 Oct 2024 15:12:49 -0700 Subject: [PATCH 1/3] Transform Rules fields --- .../jwt-validation/transform-rules.mdx | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx b/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx index 4946224e607be9e..0d5221398791e83 100644 --- a/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx +++ b/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx @@ -35,3 +35,28 @@ As an example, to send the header `x-send-jwt-claim-user` request header to the 5. Choose **Set dynamic**. 6. Set the header name. 7. Set the value to `lookup_json_string(http.request.jwt.claims[""][0], "claim_name")`, where `` is your token configuration ID found in JWT Validation and `claim_name` is the JWT claim you want to add to the header. + +## Available fields + +You can create Transform Rules using more claims present in tokens processed by JSON Web Tokens Validation. + +- `http.request.jwt.claims.aud,` +- `http.request.jwt.claims.aud.names,` +- `http.request.jwt.claims.aud.values,` +- `http.request.jwt.claims.iat.sec,` +- `http.request.jwt.claims.iat.sec.names,` +- `http.request.jwt.claims.iat.sec.values,` +- `http.request.jwt.claims.iss,` +- `http.request.jwt.claims.iss.names,` +- `http.request.jwt.claims.iss.values,` +- `http.request.jwt.claims.jti,` +- `http.request.jwt.claims.jti.names,` +- `http.request.jwt.claims.jti.values,` +- `http.request.jwt.claims.nbf.sec,` +- `http.request.jwt.claims.nbf.sec.names,` +- `http.request.jwt.claims.nbf.sec.values,` +- `http.request.jwt.claims.sub,` +- `http.request.jwt.claims.sub.names,` +- `http.request.jwt.claims.sub.values` +- `cf.api_gateway.auth_id_present` +- `cf.api_gateway.request_violates_schema` \ No newline at end of file From 5fd213e4ce6ed417ce59f56e0328cc3b809bf504 Mon Sep 17 00:00:00 2001 From: Patricia Loraine Santa Ana Date: Tue, 22 Oct 2024 08:33:12 -0700 Subject: [PATCH 2/3] add link --- .../docs/api-shield/security/jwt-validation/transform-rules.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx b/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx index 0d5221398791e83..5052ff597971bd0 100644 --- a/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx +++ b/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx @@ -38,7 +38,7 @@ As an example, to send the header `x-send-jwt-claim-user` request header to the ## Available fields -You can create Transform Rules using more claims present in tokens processed by JSON Web Tokens Validation. +You can create Transform Rules using more claims present in tokens processed by [JWT Validation](/api-shield/security/jwt-validation/). - `http.request.jwt.claims.aud,` - `http.request.jwt.claims.aud.names,` From ad37c1d0d2f27e2edc13b20d57b6c7c673d7a20b Mon Sep 17 00:00:00 2001 From: Patricia Loraine Santa Ana Date: Tue, 22 Oct 2024 09:56:13 -0700 Subject: [PATCH 3/3] feedback --- .../api-shield/security/jwt-validation/transform-rules.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx b/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx index 5052ff597971bd0..ba199feaf962e2d 100644 --- a/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx +++ b/src/content/docs/api-shield/security/jwt-validation/transform-rules.mdx @@ -57,6 +57,6 @@ You can create Transform Rules using more claims present in tokens processed by - `http.request.jwt.claims.nbf.sec.values,` - `http.request.jwt.claims.sub,` - `http.request.jwt.claims.sub.names,` -- `http.request.jwt.claims.sub.values` -- `cf.api_gateway.auth_id_present` +- `http.request.jwt.claims.sub.values,` +- `cf.api_gateway.auth_id_present,` - `cf.api_gateway.request_violates_schema` \ No newline at end of file