Express Gateway Documentation

Policies Reference




The JavaScript sandbox Object that will be used to execute JavaScript code in Conditions, Actions, and the Expression Policy. It can be used to implement non-standard scenarios.

All Node.JS global variables like process, require etc. will not be available for security reasons.

The egContext contains the following properties that can be used:

  • req: ExpressJS Request Object
  • res: ExpressJS Response Object
  • apiEndpoint: Configuration or API Endpoint that is executing. For example, apiEndpoint.scopes will provide all configured scopes for endpoint
  • consumer: Information about about the current consumer (can be an app or an user)
  • requestID: uuid v4 (base62 encoded) identifier of the current request, useful for tracking purposes. If needed, you can propagate this value down as an header using the headers policy.
  • requestStream: If set, this stream will be piped in the proxyed request body instead of the original request body. This can enable interesting scenarios.


        expression: # policy name
          - action:    # array of condition/actions objects
              jscode: 'req.url = "/new/url"; ' #  code to execute against EG Context