Policies
Policies Policy A configuration that manipulates, secures, or observes traffic as it flows through agentgateway. Policies can be attached at the listener, route, or backend level. are a powerful feature of agentgateway that allow you to manipulate traffic as it flows through your gateway. Policies can be used to manipulate traffic, configurable observability, enforce rich security rules, and more.
Attachment points
You can attach policies at the listener Listener An entry point for incoming traffic into agentgateway. Listeners are configured on ports and support HTTP, HTTPS, TCP, and TLS protocols. , route Route A rule that matches incoming requests and forwards them to backends. Routes can match on path, hostname, headers, query parameters, and HTTP methods. , or backend Backend A destination service that receives traffic from agentgateway. Backends can be static hosts, MCP servers, LLM providers, or other services. level to provide fine-grained control over traffic.
Policies that are attached at multiple levels are applied at all levels.
| Section | Available Policies | Phase |
|---|---|---|
| Listener | JWT JWT (JSON Web Token) A compact, URL-safe token format used for securely transmitting information between parties. JWTs are commonly used for authentication and authorization in agentgateway. , External Authorization, External Processing ExtProc (External Processing) An advanced filter that allows arbitrary modifications to HTTP requests and responses using an external gRPC processing server. ExtProc is API-compatible with Envoy's External Processing service. , Transformation Transformation The process of modifying HTTP requests or responses as they pass through agentgateway. Transformations can change headers, body content, and other request/response attributes. , Basic Authentication Authentication (AuthN) The process of verifying the identity of a user or service. Agentgateway supports various authentication methods including JWT, API keys, and basic authentication. , API Key API Key A secret token used to authenticate API requests. Agentgateway can validate API keys and attach metadata to authenticated requests. authentication | Runs before route selection |
| Route | All Policies | Runs after route selection, before backend selection |
| Backend | Backend TLS, Backend Authentication, Backend HTTP, Backend TCP, AI/LLM, MCP Authorization, MCP Authentication, Header modification | Runs after backend selection |
Example policy configuration
Review the following example configuration that uses one of each policy type.
# yaml-language-server: $schema=https://agentgateway.dev/schema/config
binds:
- port: 3000
listeners:
# Listener level policy
# Enforces that incoming requests have a valid
API key
API Key
A secret token used to authenticate API requests. Agentgateway can validate API keys and attach metadata to authenticated requests.
- policies:
apiKey:
mode: strict
keys:
- key: sk-testkey-1
metadata:
user: test
role: admin
routes:
# Route level policy
# Adds a header (based on a
CEL
CEL (Common Expression Language)
A simple expression language used throughout agentgateway to enable flexible configuration. CEL expressions can access request context, JWT claims, and other variables to make dynamic decisions.
expression) with the authenticated user (based on the API key)
- policies:
transformations:
request:
set:
x-authenticated-user: apiKey.user
backends:
- host: localhost:8080
# Backend level policy
# Adds an Authorization header to outgoing requests
policies:
backendAuth:
key: my-authorization-headerMore policy configuration guides
For more information about available policies, review the following guides:
