HttpRouterService.addAuthPolicy()

Home > @backstage/backend-plugin-api > HttpRouterService > addAuthPolicy

Adds an auth policy to the router. This is used to allow unauthenticated or cookie based access to parts of a plugin's API.

Signature:

addAuthPolicy(policy: HttpRouterServiceAuthPolicy): void;

Parameters

Parameter	Type	Description
policy	HttpRouterServiceAuthPolicy

**Returns:**

void

Remarks

The paths given follow the same pattern as the routers given to the use method, that is, they are relative to the plugin's base URL, and can contain placeholders.

Example

http.addAuthPolicy({
  path: '/static/:id',
  allow: 'user-cookie',
});

This allows limited access tokens via cookies on the /api/<plugin-id>/static/* paths, but not unauthenticated access.

Parameters​

Remarks​

Example​

Parameters

Remarks

Example