Product Summary
The following table summarizes the assertions available in each version of the gateway. Note that your assertion folders may contain encapsulated assertions created by your organization. For a description of each assertion, see the pages under .
gateway91
The following table summarizes the assertions available in each version of the
CA API Gateway
. Note that your assertion folders may contain encapsulated assertions created by your organization. For a description of each assertion, see the pages under Policy Assertions. For more information, see the
CA API Gateway
Data Sheet located at: https://www.ca.com/content/dam/ca/us/files/data-sheet/ca-api-gateway.PDFAPI Gateway Essentials | API Gateway Enterprise | |
|---|---|---|
Access Control | ||
Authenticate Against Identity Provider | X | X |
Authenticate Against Radius Server | X | |
Authenticate Against CA Single Sign-On | X | X |
Authenticate User or Group | X | X |
Authorize via CA Single Sign-On | X | X |
Check Protected Resource Against CA Single Sign-On | X | X |
Exchange Credentials using WS-Trust | X | |
Extract Attributes for Authenticated User | X | X |
Extract Attributes from Certificate | X | X |
Insert JDBC Data in Bulk | X | X |
Perform Cassandra Query | X | X |
Perform JDBC Query | X | X |
Process CORS Request | X | X |
Query LDAP | X | X |
Require Encrypted UsernameToken Profile Credentials | X | |
Require FTP Credentials | X | |
Require HTTP Basic Credentials | X | X |
Require HTTP Cookie | X | X |
Require NTLM Authentication Credentials | X | |
Require Remote Domain Identity | X | |
Require SAML Token Profile | X | |
Require SSH Credentials | X | |
Require SSL or TLS Transport with Client Authentication | X | X |
Require Windows Integrated Authentication Credentials | X | |
Require WS-Secure Conversation | X | |
Require WS-Security Kerberos Token Profile Credentials | X | |
Require WS-Security Password Digest Credentials | X | |
Require WS-Security Signature Credentials | X | |
Require WS-Security UsernameToken Profile Credentials | X | |
Require XPath Credentials | X | X |
Retrieve Credentials from Context Variable | X | X |
Retrieve Kerberos Authentication Credentials | X | |
Retrieve SAML Browser Artifact | X | X |
Use WS-Federation Credential | X | |
Transport Layer Security (TLS) | ||
Require SSL or TLS Transport | X | X |
XMPP Get Client Certificate | X | |
XML Security | ||
(Non-SOAP) Check Results from XML Verification | X | X |
(Non-SOAP) Decrypt XML Element | X | X |
(Non-SOAP) Encrypt XML Element | X | X |
(Non-SOAP) Sign XML Element | X | X |
(Non-SOAP) Validate SAML Token | X | X |
(Non-SOAP) Verify XML Element | X | X |
Add or Remove WS-Security | X | |
Add Security Token | X | |
Add Timestamp | X | X |
Build RST SOAP Request | X | |
Build RSTR SOAP Response | X | |
Build SAML Protocol Request | X | |
Build SAML Protocol Response | X | |
Cancel Security Context | X | |
Configure WS-Security Decoration | X | |
Create SAML Token | X | X |
Create Security Context Token | X | |
Create XACML Request | X | |
Encrypt Element | X | |
Establish Outbound Secure Conversation | X | |
Evaluate SAML Protocol Response | X | |
Evaluate XACML Policy | X | |
Generate OAuth Signature Base String | X | X |
Generate Security Hash | X | X |
Look Up Certificate | X | |
Look Up Outbound Secure Conversation Session | X | |
Process RSTR Response | X | |
Protect Against Message Replay | X | X |
Require Encrypted Element | X | X |
Require Signed Element | X | X |
Require Timestamp | X | X |
Sign Element | X | X |
Use WS-Security 1.1 | X | |
Message Validation/Transformation | ||
Add or Remove XML Element(s) | X | X |
Add WS-Addressing | X | |
Apply JSON Transformation | X | X |
Apply XSL Transformation | X | X |
Compress Messages to/from SecureSpan XVC | X | |
Create JSON Web Key | X | X |
Decode ID Token* | X | X |
Decode JSON Web Token | X | X |
Decode MTOM Message | X | X |
Encode/Decode Data | X | X |
Encode JSON Web Token | X | X |
Encode to MTOM Format | X | X |
Enforce WS-I BSP Compliance | X | |
Enforce WS-I SAML Compliance | X | |
Enforce WS-Security Policy Compliance | X | |
Evaluate JSON Path Expression | X | X |
Evaluate Regular Expression | X | X |
Evaluate Request XPath | X | X |
Evaluate Response XPath | X | X |
Evaluate WSDL Operation | X | |
Generate ID Token* | X | X |
Process SAML Attribute Query Request | X | |
Process SAML Authentication Request | X | X |
Replace Tag Content | X | X |
Require WS-Addressing | X | |
Set SAML Response Status Code | X | X |
Translate HTTP Form to MIME | X | |
Translate MIME to HTTP Form | X | |
Validate Against Swagger Document | X | X |
Validate Certificate | X | X |
Validate HTML Form Data | X | X |
Validate JSON Schema | X | X |
Validate MTOM Message | X | X |
Validate or Change Content Type | X | X |
Validate SOAP Attachments | X | X |
Validate XML Schema | X | X |
Message Routing | ||
Close XMPP Session | X | |
Configure Message Streaming | X | X |
Copy Request Message to Response | X | X |
Manage Cookie | X | X |
Manage Transport Properties/Headers | X | X |
Open XMPP Server Session | X | |
Return Template Response to Requestor | X | X |
Route via FTP(S) | X | |
Route via HTTP(S) | X | X |
Route via JMS | X | |
Route via MQ Native | X | |
Route via Raw TCP | X | |
Route via SSH2 | X | |
Send To Remote XMPP Host | X | |
Start TLS On XMPP Session | X | |
XMPP Associate Sessions | X | |
XMPP Get Session Attribute | X | |
XMPP Get Session ID | X | |
XMPP Set Session Attribute | X | |
Service Availability | ||
Apply Rate Limit | X | X |
Apply Throughput Quota | X | X |
Limit Availability to Time/Days | X | X |
Look Up in Cache | X | X |
Query Rate Limit | X | X |
Query Throughput Quota | X | X |
Resolve Service | X | X |
Restrict Access to IP Address Range | X | X |
Sign Certificate | X | |
Store to Cache | X | X |
Logging, Auditing and Alerts | ||
Accumulate Data in Memory | X | X |
Add Audit Details | X | X |
Audit Messages in Policy | X | X |
Capture Identity of Requestor | X | X |
Customize Error Response | X | X |
Customize SOAP Fault Response | X | X |
Send Email Alert | X | X |
Send SNMP Trap | X | X |
Policy Logic | ||
Add Comment to Policy | X | X |
All Assertions Must Evaluate to True | X | X |
At Least One Assertion Must Evaluate to True | X | X |
Compare Expression | X | X |
Continue Processing | X | X |
Create Routing Strategy | X | X |
Execute Routing Strategy | X | X |
Export Variables from Fragment | X | X |
Generate UUID | X | X |
Handle Errors | X | X |
Include Policy Fragment | X | X |
Join Variable | X | X |
Look Up Context Variable | X | X |
Look Up Item by Value | X | X |
Look Up Item by Index Position | X | X |
Manipulate Multivalued Variable | X | X |
Map Value | X | X |
Process Routing Strategy Result | X | X |
Raise Error | X | X |
Run All Assertions Concurrently | X | X |
Run Assertions for Each Item | X | X |
Set Context Variable | X | X |
Split Variable | X | X |
Stop Processing | X | X |
Threat Protection | ||
Limit Message Size | X | X |
Protect Against Code Injection | X | X |
Protect Against Cross-Site Request Forgery | X | X |
Protect Against XML Document Structure Threats | X | X |
Protect Against JSON Document Structure Threats | X | X |
Protect Against Message Replay | X | X |
Protect Against SQL Attacks | X | X |
Scan Using ICAP-Enabled Antivirus | X | X |
Validate JSON Schema | X | X |
Validate OData Request | X | X |
Validate or Change Content Type | X | X |
Validate XML Schema | X | X |
Internal Assertions | ||
Collect WSDM Metrics | X | X |
Convert Audit Record to XML | X | X |
Handle UDDI Subscription Notification | X | X |
Manage Gateway | X | X |
REST Manage Gateway | X | X |
Retrieve Service WSDL | X | X |
Subscribe to WSDM Resource | X | X |
Custom Assertions | ||
Access Resource Protected by JSAM | X | X |
Access Resource Protected by Oracle Access Manager | X | X |
Authenticate using Tivoli Access Manager | X | X |
Authenticate with CA Single Sign-On R12 Protected Resource | X | X |
Execute Salesforce Operation | X | X |
Scan Using Symantec Antivirus | X | X |
*The Decode ID Token and Generate ID Token assertions are used by the OAuth Toolkit. For more information about these assertions, see "Using the OpenID Connect Assertions" in docops.ca.com/otk.