The SOAP Authorization Policy is nearly identical to the Authorization Policy, with the exception that it accepts a SOAPAction in the HTTP header.
This policy will only accept a single SOAPAction header. It will not extract the operation name from the SOAP body.
Configuration Options
| Option | Type | Description | Possible Values | Default | |
|---|---|---|---|---|---|
| Rule | Array[<rules>] | A list of rules that your policy will apply if each of the properties match. | - | - | |
| Rules Options | |||||
| SOAP Action | String | Defines the SOAPAction the policy should be applicable to. | - | - | |
| Role | String | The role that must be assigned to the user if this pattern matches the request. | - | - | |
| Should the request pass when any or all of the authorization rules pass? | Boolean | Set to true if all rules must match, false if only one rule must match. | all any | all | |
| If the request does not match any of the authorization rules, should it pass or fail? | Boolean | Set to true if you want the policy to pass when no rules are matched. | pass fail | pass | |
Overview
Content Tools