Contents
The Evaluate Selector filter enables you to evaluate the contents of a specified selector expression, and return a boolean result. A selector is a special syntax that enables API Gateway configuration settings to be evaluated and expanded at runtime.
This filter enables you to evaluate a specified selector expression and make a decision in a policy based on whether the expression value fails or passes. For example, you could use the following expression to check if the user belongs to a particular group that allows the user to access a particular resource:
${user[0].memberOf.contains("CN=Group Policy Creator Owners,CN=Users,DC=acmeqa,DC=com")}
This expression checks if the memberOf
attribute retrieved for the first
user
contains the specified value (in this case, membership of a particular
group). If the expression matches, the filter will pass.
Alternatively, you could use the following selector expression to check if the user email address is valid:
${user[0].mail.contains("admin@qa.acme.com")}
This expression checks if the mail
attribute retrieved for the first user
contains the specified value (in this case, a particular email address). If the
expression matches, the filter will pass.
For more details on selectors, see Selecting configuration values at runtime.