November 17, 2023

Minor Enhancements

[ AUT-10516 ] - Three new configuration parameters have been added to Cloudentity authorizers:

• logging.do_not_log_output - if set to true, the authorizer will not log output variables from the policy

• logging.format - allows to change the format of the log message. It allows to set the following values:

  • json - the log message will be a JSON object
  • text - the log message will be a string

  We’re recommending to use json format for easier processing of the logs. This is the default value for all authorizers but Kong. In case of Kong, the default value is text for backward compatibility.

• For istio authorizer, a new property target_service.inject.headers.obfuscated_headers has been added. It allows to specify a list of headers created in the policy output that should be obfuscated in the logs. The value of the header will be replaced with *** in the logs.

[ AUT-10297] - Introduced http.send2 rego policy function with support for connection pooling.

[ SUP-3422 ] - Added cache for prepared REGO evaluation query based on the definition to improve authorizer’s performance.