{ "$schema": "https://json-schema.org/draft/2019-09/schema", "$id": "https://www.krakend.io/schema/v2.13/endpoint_extra_config.json", "title": "Endpoint extra configuration", "type": "object", "properties": { "ai/mcp": { "description": "Enterprise only. Declares the endpoint as an [MCP server entrypoint](https://www.krakend.io/docs/enterprise/ai-gateway/mcp-server/)", "$ref": "ai/mcp_endpoint.json" }, "auth/api-keys": { "title": "API-key validation", "description": "Enterprise only. Validates that users of this endpoint pass a valid API-key containing one of the declared roles.\n\nSee: https://www.krakend.io/docs/enterprise/authentication/api-keys/", "type": "object", "required": [ "roles" ], "properties": { "client_max_rate": { "title": "Max rate", "description": "If you want to limit the endpoint usage to this specific user at a number of requests per second. Exceeding the number of requests per second will give the client a `429 Too Many Requests` HTTP status code.\n\nSee: https://www.krakend.io/docs/enterprise/authentication/api-keys/", "type": "number" }, "identifier": { "title": "Override Identifier", "description": "The header name or the query string name that contains the API key. By default uses any value declared in the `auth/api-keys` component in the service level.\n\nSee: https://www.krakend.io/docs/enterprise/authentication/api-keys/", "type": "string" }, "roles": { "title": "", "description": "The list of roles allowed to access the endpoint. Values must match (case sensitive) definitions in the `keys` section at the service level of `auth/api-keys`. API Keys not having the right role, or unauthenticated requests, will receive a `401 Unauthorized`.\n\nSee: https://www.krakend.io/docs/enterprise/authentication/api-keys/", "type": "array", "items": { "type": "string" } }, "strategy": { "title": "Strategy", "description": "Specifies where to expect the user API key, whether inside a header or as part of the query string. When you change the strategy at the endpoint level, **you should also set the identifier**, otherwise you could have for instance, a query string strategy expecting to have a URL like `/foo?Authorization=YOUR-KEY`.\n\nSee: https://www.krakend.io/docs/enterprise/authentication/api-keys/", "enum": [ "header", "query_string" ] } }, "patternProperties": { "^[@$_#]": true }, "additionalProperties": false }, "auth/basic": { "description": "Enterprise only. Validates the access to the endpoint using [Basic Authentication](https://www.krakend.io/docs/enterprise/authentication/basic-authentication/).", "$ref": "auth/basic.json", "type": "object" }, "auth/signer": { "description": "A component that [cryptographically signs tokens](https://www.krakend.io/docs/authorization/jwt-signing/) generated by your legacy login system (without JWT signing) to be later validated by the `auth/validator` component.", "$ref": "auth/signer.json", "type": "object" }, "auth/validator": { "description": "Protect endpoints from public usage by [validating JWT tokens](https://www.krakend.io/docs/authorization/jwt-validation/) generated by any industry-standard OpenID Connect (OIDC) integration.", "$ref": "auth/validator.json", "type": "object" }, "documentation/openapi": { "description": "Enterprise only. Documents the endpoint so you can [automatically generate OpenAPI documentation](https://www.krakend.io/docs/enterprise/developer/openapi/) through `krakend openapi export` command.", "$ref": "documentation/openapi.json", "type": "object" }, "documentation/postman": { "description": "Enterprise only. Documents the endpoint so you can [generate postman documentation automatically](https://www.krakend.io/docs/enterprise/developer/postman/) through the `krakend postman export` command.", "$ref": "documentation/postman_endpoint.json", "type": "object" }, "governance/quota": { "description": "Enterprise only. [Attach a quota](https://www.krakend.io/docs/enterprise/governance/quota/) to the endpoint, backend, or service. The quota component allows you to limit the number of requests a user can do in a given time window.\n\nSee: https://www.krakend.io/docs/enterprise/governance/quota/", "$ref": "governance/quota.json", "type": "object" }, "modifier/jmespath": { "description": "Enterprise only. The [JMESPath](https://www.krakend.io/docs/enterprise/endpoints/jmespath/) is a query language that allows you to select, slice, filter, map, project, flatten, sort, and all sorts of operations on data.", "$ref": "modifier/jmespath.json", "type": "object" }, "modifier/lua-endpoint": { "description": "[Scripting with Lua](https://www.krakend.io/docs/endpoints/lua/) is an additional choice to extend your business logic, and is compatible with the rest of options such as CEL, Martian, or other Go plugins and middlewares.", "$ref": "modifier/lua.json", "type": "object" }, "modifier/lua-proxy": { "description": "[Scripting with Lua](https://www.krakend.io/docs/endpoints/lua/) is an additional choice to extend your business logic, and is compatible with the rest of options such as CEL, Martian, or other Go plugins and middlewares.", "$ref": "modifier/lua.json", "type": "object" }, "modifier/request-body-generator": { "description": "Enterprise only. Freely [transform the request body/payload](https://www.krakend.io/backends/body-generator/) you will send to your services using a templating system.", "$ref": "modifier/body-generator.json", "type": "object" }, "modifier/response-body": { "description": "An alias of `modifier/response-body-generator`", "$ref": "modifier/response-body.json", "type": "object" }, "modifier/response-body-generator": { "description": "Enterprise only. Freely [transform the response body](https://www.krakend.io/docs/enterprise/backends/response-body-generator/) you get from your backends.", "$ref": "modifier/body-generator.json", "type": "object" }, "plugin/middleware": { "description": "Enterprise only. Inject your own [Go middleware plugins](https://www.krakend.io/docs/extending/injecting-plugins/)", "$ref": "plugin/middleware.json", "type": "object" }, "plugin/req-resp-modifier": { "description": "Inject your own [Go request and response modifier plugins](https://www.krakend.io/docs/enterprise/extending/plugin-modifiers/)", "$ref": "plugin/req-resp-modifier.json", "type": "object" }, "proxy": { "title": "Proxy", "description": "Fine tune different options for the proxy phase of the API request/response flow.", "type": "object", "properties": { "combiner": { "title": "Custom combiner", "description": "For custom builds of KrakenD only", "examples": [ "combiner_name" ], "type": "string" }, "decompress_gzip": { "title": "Decompress Gzip", "description": "Enterprise only. Decompresses any Gzipped content before sending it to the backend when the `Content-Encoding` has `gzip` in the first position. You can also set this value globally at the [service level](https://www.krakend.io/docs/enterprise/service-settings/router-options/#max_payload).\n\nSee: https://www.krakend.io/docs/service-settings/router-options/", "default": false, "type": "boolean" }, "flatmap_filter": { "title": "Flatmap (Array manipulation)", "description": "The list of operations to **execute sequentially** (top down). Every operation is defined with an object containing two properties:\n\nSee: https://www.krakend.io/docs/backends/flatmap/", "$ref": "proxy/flatmap.json", "type": "array", "items": { "type": "object" } }, "max_payload": { "title": "Maximum Payload", "description": "Enterprise only. Limits the maximum number of bytes a user can send to the endpoint. `0` means no limit. You can also set this value globally at the [service level](https://www.krakend.io/docs/enterprise/service-settings/router-options/#max_payload).\n\nSee: https://www.krakend.io/docs/service-settings/router-options/", "default": 0, "type": "integer" }, "sequential": { "title": "Sequential proxy", "description": "When set to true, instead of fetching all backend content in parallel, the calls are made in order (sequentially), allowing you to chain backend requests and making calls dependent one of each other. If any of the calls fail, the remaining ones are aborted.\n\nSee: https://www.krakend.io/docs/endpoints/sequential-proxy/", "default": false, "type": "boolean" }, "sequential_propagated_params": { "title": "Sequential propagated parameters", "description": "The list of parameters you want to propagate from a previous response to the next request. Parameters are accessible by Lua scripts, CEL, security policies, the body generator, or plugins. When you add a `resp`-like parameter in this list, the parameter becomes available to the components mentioned in subsequent calls, **uppercasing the first letter**. For instance, if you add `resp0_user`, you can access in the second, third, etc. backends in Lua to `req:params('Resp0_user')`.The format of the parameters must start with `respX_` or `respX`, where `X` is the backend index from which you want to take the parameter. If you don't set the underscore `_`, you set the whole payload as a parameter. For instance, `resp0` sets a parameter `Resp0` to use in Lua or a Body generator and contains **the entire payload of the backend 0** (as a string). In this extreme case, you must use `no-op` in the backend's output (even the endpoint has a `json` output encoding) and you should access the value in Lua or a plugin. Note that access to **nested parameters** uses a single string with the dot notation inside, e.g.: `req_params['Resp0_f1.f2.f3']` (CEL and Security Policies), or `{{ index .req_params \"Resp0_f1.f2.f3\" }}` (body generators).\n\nSee: https://www.krakend.io/docs/endpoints/sequential-proxy/", "examples": [ [ "resp0" ], [ "resp1_my_field", "resp0_user_id" ] ], "type": "array", "items": { "title": "Propagated parameter name", "description": "A `resp`-like string that references the field you want to set a parameter and use it in the next backend call.", "type": "string", "pattern": "^resp[0-9]+(_[^\\s]+)?$" } }, "static": { "title": "Static response", "description": "The static proxy injects static data in the final response when the selected strategy matches.\n\nSee: https://www.krakend.io/docs/endpoints/static-proxy/", "type": "object", "required": [ "data", "strategy" ], "properties": { "data": { "title": "Data", "description": "The static data (as a JSON object) that you will return.\n\nSee: https://www.krakend.io/docs/endpoints/static-proxy/", "type": "object" }, "strategy": { "title": "Strategy", "description": "One of the supported strategies\n\nSee: https://www.krakend.io/docs/endpoints/static-proxy/", "enum": [ "always", "success", "complete", "errored", "incomplete" ] } }, "patternProperties": { "^[@$_#]": true }, "additionalProperties": false } }, "patternProperties": { "^[@$_#]": true }, "additionalProperties": false }, "qos/ratelimit/router": { "title": "Router Rate-limiting", "description": "The router rate limit feature allows you to set a [number of maximum requests per second a KrakenD endpoint will accept](https://www.krakend.io/docs/enterprise/endpoints/rate-limit/).\n\nSee: https://www.krakend.io/docs/endpoints/rate-limit/", "$ref": "qos/ratelimit/router.json", "type": "object" }, "qos/ratelimit/router/redis": { "description": "Enterprise only. Stateful endpoint rate limit persisted on a [Redis database](https://www.krakend.io/docs/enterprise/throttling/endpoint-redis-rate-limit/)", "$ref": "qos/ratelimit/redis.json", "type": "object" }, "qos/ratelimit/tiered": { "description": "Enterprise only. The [rate limit based on tiers](https://www.krakend.io/docs/enterprise/service-settings/tiered-rate-limit/) allows you to have multiple sets of rate limits that apply differently to users depending on their tier or sometimes called subscription plans.", "$ref": "qos/ratelimit/tiered.json", "type": "object" }, "security/bot-detector": { "description": "The [bot detector](https://www.krakend.io/docs/throttling/botdetector/) module checks incoming connections to the gateway to determine if a bot made them, helping you detect and reject bots carrying out scraping, content theft, and form spam.", "$ref": "security/bot-detector.json", "type": "object" }, "security/cors": { "description": "Define [Cross-Origin Resource Sharing (CORS)](https://www.krakend.io/docs/enterprise/service-settings/cors/) configuration to send additional HTTP headers to tell browsers if they can use resources from a different origin.", "$ref": "security/cors.json", "type": "object" }, "security/http": { "description": "[Security HTTP headers](https://www.krakend.io/docs/service-settings/security/), including HSTS, HPKP, MIME-Sniffing prevention, Clickjacking protection, and others.", "$ref": "security/http.json", "type": "object" }, "security/policies": { "description": "Enterprise only. A [policies engine](https://www.krakend.io/docs/enterprise/security-policies/) that allows you to write custom sets of policies that are validated during requests, responses, or token validation.", "$ref": "security/policies.json", "type": "object" }, "telemetry/opentelemetry": { "description": "Enables metrics and traces using [OpenTelemetry](https://www.krakend.io/docs/telemetry/opentelemetry/).", "$ref": "telemetry/opentelemetry-endpoint.json", "type": "object" }, "validation/cel": { "description": "The [Common Expression Language (CEL)](https://www.krakend.io/docs/endpoints/common-expression-language-cel/) middleware enables expression evaluation, when an expression returns false, KrakenD does not return the content as the condition has failed. Otherwise, if all expressions returned true, the content is served.", "$ref": "validation/cel.json", "type": "array" }, "validation/json-schema": { "title": "Validating the body with the JSON Schema", "description": "Apply [automatic validations using a JSON Schema](https://www.krakend.io/docs/endpoints/json-schema/) definition before the content passes to the backends. The json schema component allows you to define validation rules on the body, type definition, or even validate the fields' values.", "type": "object" }, "validation/response-json-schema": { "description": "Enterprise only. Applies a [JSON schema validation to the response](https://www.krakend.io/docs/enterprise/endpoints/response-schema-validator/) before is sent to the end-user or before it’s merged in the endpoint with the rest of the backends.", "$ref": "validation/response-json-schema.json", "type": "object" }, "websocket": { "description": "Enterprise only. Enables [websocket communication](https://www.krakend.io/docs/enterprise/websockets/)", "$ref": "websocket.json", "type": "object" } }, "patternProperties": { "^[@$_#]": true }, "additionalProperties": false }