OptionaldecodeA function to verify and decode JWTs passed as auxiliary data, returning the JWT payload.
OptionaldefaultDefault policy version to apply to requests that do not specify one.
OptionaldefaultDefault scope to apply to requests that do not specify one.
OptionalglobalsGlobal variables to pass environment-specific information to policy conditions.
OptionalheadersHeaders to add to every request to the policy decision point.
Headers can be included in the policy decision point's audit logs by setting the includeMetadataKeys or excludeMetadataKeys fields in the
audit configuration block.
The User-Agent header is set using Options.userAgent.
OptionallenientEnable lenient scope search?
By default, when a request specifies a scope of a.b.c then a policy must exist with that exact scope.
If lenient scope search is enabled, then the policy decision point will fall back to trying scopes a.b, a, and ""
if a policy with scope a.b.c does not exist.
OptionalonA callback to invoke when a decision is made by the embedded policy decision point server.
OptionalonAction to take when input fails schema validation.
Possible values are
"throw", to throw a ValidationFailed error;
a ValidationFailedCallback function; or
undefined, to return the validation errors in the response.
Source of the policy bundle.
OptionalschemaSchema enforcement level for the embedded policy decision point server.
OptionaluserCustom user agent to prepend to the built-in value.
Source of the embedded policy decision point server's WebAssembly module (imported from @cerbos/embedded-server/server.wasm).
The most appropriate source to use will depend on the target runtime of your application.
Options for creating a new Embedded client.