HTTP Transformation Rules
- Resource endpoint protection
- As part of FAPI conformance, any resource endpoint that is protected by an OIDC API definition should support the following standards:
  - Returns x-fapi-interaction-id
  - ContentType: JsonUTF8

These requirements can be achieved by implementing the following HTTP transformation rule. The example assumes that the resource endpoints are files under a directory named 'resource'.
HTTP Transformation Rule

```xml
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"
                xmlns:external="http://xsltfunctions.isam.ibm.com">
  <xsl:strip-space elements="*" />

  <!-- Wrap everything the rule emits in a single HTTPResponseChange element. -->
  <xsl:template match="/">
    <HTTPResponseChange>
      <xsl:apply-templates />
    </HTTPResponseChange>
  </xsl:template>

  <!-- Response headers: set the content type to JSON encoded as UTF-8. -->
  <xsl:template match="//HTTPResponse/Headers">
    <Header name="Content-type" action="update">application/json; charset=utf-8</Header>
  </xsl:template>

  <!-- Request headers: copy x-fapi-interaction-id from the request to the response. -->
  <xsl:template match="//HTTPResponse/HTTPRequest/Headers/Header">
    <xsl:choose>
      <xsl:when test="@name='x-fapi-interaction-id' ">
        <Header name="x-fapi-interaction-id" action="add">
          <xsl:value-of select="current()" />
        </Header>
      </xsl:when>
    </xsl:choose>
  </xsl:template>
</xsl:stylesheet>
```

Reverse Proxy Configuration

```
[http-transformations]
resourceReq=resourceReq

[http-transformations:resourceReq]
request-match = response:GET /resource*
match-case-insensitive = yes
```
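An added example, not part of the IBM documentation: a Python check for confirming, from captured request and response headers, that the two behaviours listed above are in effect on a `/resource` endpoint. The function names and sample exchanges are constructed, and the branch for a request without an ID is an assumption beyond this page, taken from the FAPI 1.0 requirement that the server then supplies an RFC 4122 UUID.

```python
import uuid
from email.message import Message

ID = "x-fapi-interaction-id"

def values(headers, name):
    """All values of a header in a list of (name, value) pairs, case-insensitively."""
    return [v.strip() for k, v in headers if k.lower() == name.lower()]

def check_resource_response(req_headers, resp_headers):
    """Return findings for one exchange; an empty list means the checks passed."""
    findings = []

    # Check 1: the body is declared as JSON encoded in UTF-8.
    ctype = Message()
    ctype["Content-Type"] = ", ".join(values(resp_headers, "Content-Type"))
    if (ctype.get_content_type(), ctype.get_content_charset()) != ("application/json", "utf-8"):
        findings.append("Content-Type is not application/json; charset=utf-8")

    # Check 2: the interaction ID sent by the client comes back once, unchanged.
    sent, got = values(req_headers, ID), values(resp_headers, ID)
    if len(got) > 1:
        findings.append("more than one x-fapi-interaction-id in response")
    elif sent and got != sent[:1]:
        findings.append("x-fapi-interaction-id not echoed")
    elif not sent:
        # Assumption beyond this page: with no client ID, FAPI 1.0 expects
        # the server to supply an RFC 4122 UUID of its own.
        try:
            uuid.UUID(got[0] if got else "")
        except ValueError:
            findings.append("no UUID x-fapi-interaction-id for request without one")
    return findings

# Constructed sample exchanges (not captured from a real deployment).
CLIENT_ID = "11111111-2222-4333-8444-555555555555"
GOOD = ([("X-FAPI-Interaction-ID", CLIENT_ID)],
        [("Content-Type", "application/json; charset=UTF-8"), (ID, CLIENT_ID)])
NOT_TRANSFORMED = ([(ID, CLIENT_ID)], [("Content-Type", "text/html")])
NO_CLIENT_ID = ([], [("Content-Type", "application/json; charset=utf-8")])

if __name__ == "__main__":
    for label, (req, resp) in [("good", GOOD), ("not transformed", NOT_TRANSFORMED),
                               ("no client id", NO_CLIENT_ID)]:
        print(label, "->", check_resource_response(req, resp) or "ok")
```

The `NO_CLIENT_ID` case is worth running against a deployment, because the rule above only emits the response header when the request carried one.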