Match Conditions
Match conditions determine when rules should be executed. They provide a flexible system for targeting specific requests based on various attributes like headers, paths, IP addresses, and more.
Overview
Control how conditions are evaluated with three logical operators:
Match Operators
Choose how multiple conditions should be combined in your matching logic
Condition Types
37 conditions
Paths
Match against request URLs using various strategies from exact matches to wildcard patterns.
Positive condition
Negated condition
Basic Path Matching
Match exact paths for specific endpoints.
- paths
- !paths
JSON
{
"paths": [
"/api/*",
"/v2/users/*"
]
}JSON
{
"!paths": [
"/api/*",
"/v2/users/*"
]
}Path Prefix Matching
Match all paths that start with specific prefixes.
- paths_startswith
- !paths_startswith
JSON
{
"paths_startswith": [
"/api/",
"/admin/"
]
}JSON
{
"!paths_startswith": [
"/api/",
"/admin/"
]
}Exact Path Matching
Match only the exact full path.
- paths_full
- !paths_full
JSON
{
"paths_full": [
"/health",
"/status"
]
}JSON
{
"!paths_full": [
"/health",
"/status"
]
}Wildcard Path Matching
Use wildcards for pattern-based path matching.
- paths_wildcard
- !paths_wildcard
JSON
{
"paths_wildcard": [
"/api/*/users",
"/files/*.jpg"
]
}JSON
{
"!paths_wildcard": [
"/api/*/users",
"/files/*.jpg"
]
}Headers
Match against HTTP request and response headers with multiple matching strategies for flexible header-based routing.
Positive condition
Negated condition
Basic Header Matching
Match specific header values exactly.
- reqheader
- !reqheader
JSON
{
"reqheader": {
"User-Agent": [
"mobile-app",
"desktop-app"
],
"Accept-Language": [
"en-US",
"en-GB"
]
}
}JSON
{
"!reqheader": {
"User-Agent": [
"mobile-app",
"desktop-app"
],
"Accept-Language": [
"en-US",
"en-GB"
]
}
}Header Value Matching
Alternative syntax for header value matching.
- reqheader_values
- !reqheader_values
JSON
{
"reqheader_values": {
"Authorization": [
"Bearer abc123"
],
"X-API-Key": [
"key1",
"key2"
]
}
}JSON
{
"!reqheader_values": {
"Authorization": [
"Bearer abc123"
],
"X-API-Key": [
"key1",
"key2"
]
}
}Header Prefix Matching
Match headers that start with specific values.
- reqheader_startswith_values
- !reqheader_startswith_values
JSON
{
"reqheader_startswith_values": {
"User-Agent": [
"Mozilla/",
"Chrome/"
],
"X-Forwarded-For": [
"192.168."
]
}
}JSON
{
"!reqheader_startswith_values": {
"User-Agent": [
"Mozilla/",
"Chrome/"
],
"X-Forwarded-For": [
"192.168."
]
}
}Header Wildcard Matching
Use wildcards for flexible header pattern matching.
- reqheader_wildcard_values
- !reqheader_wildcard_values
JSON
{
"reqheader_wildcard_values": {
"User-Agent": [
"*mobile*",
"*tablet*"
],
"Accept": [
"image/*"
]
}
}JSON
{
"!reqheader_wildcard_values": {
"User-Agent": [
"*mobile*",
"*tablet*"
],
"Accept": [
"image/*"
]
}
}Exact Header Matching
Match headers with exact full values.
- reqheader_full_values
- !reqheader_full_values
JSON
{
"reqheader_full_values": {
"Content-Type": [
"application/json"
],
"X-Requested-With": [
"XMLHttpRequest"
]
}
}JSON
{
"!reqheader_full_values": {
"Content-Type": [
"application/json"
],
"X-Requested-With": [
"XMLHttpRequest"
]
}
}Basic Response Header Matching
Match specific response header values exactly.
- respheader
- !respheader
JSON
{
"respheader": {
"Content-Encoding": [
"gzip"
],
"Server": [
"AkamaiNetstorage"
]
}
}JSON
{
"!respheader": {
"Content-Encoding": [
"gzip"
],
"Server": [
"AkamaiNetstorage"
]
}
}Response Header Value Matching
Alternative syntax for response header value matching.
- respheader_values
- !respheader_values
JSON
{
"respheader_values": {
"Server": [
"AkamaiNetstorage"
],
"Content-Type": [
"text/html"
]
}
}JSON
{
"!respheader_values": {
"Server": [
"AkamaiNetstorage"
],
"Content-Type": [
"text/html"
]
}
}Response Header Prefix Matching
Match response headers that start with specific values.
- respheader_startswith_values
- !respheader_startswith_values
JSON
{
"respheader_startswith_values": {
"content-type": [
"text/"
]
}
}JSON
{
"!respheader_startswith_values": {
"content-type": [
"text/"
]
}
}Response Header Wildcard Matching
Use wildcards for flexible response header pattern matching.
- respheader_wildcard_values
- !respheader_wildcard_values
JSON
{
"respheader_wildcard_values": {
"Server": [
"*aws*"
]
}
}JSON
{
"!respheader_wildcard_values": {
"Server": [
"*aws*"
]
}
}Exact Response Header Matching
Match response headers with exact full values.
- respheader_full_values
- !respheader_full_values
JSON
{
"respheader_full_values": {
"Content-Type": [
"application/json"
],
"X-Requested-With": [
"XMLHttpRequest"
]
}
}JSON
{
"!respheader_full_values": {
"Content-Type": [
"application/json"
],
"X-Requested-With": [
"XMLHttpRequest"
]
}
}Query Parameters
Match against URL query parameters for dynamic request routing and processing.
Positive condition
Negated condition
Query Parameter Existence
Check if specific query parameters are present.
- query_exists
- !query_exists
JSON
{
"query_exists": [
"debug",
"preview"
]
}JSON
{
"!query_exists": [
"debug",
"preview"
]
}Query Parameter Values
Match specific values of query parameters.
- query_values
- !query_values
JSON
{
"query_values": {
"version": [
"v1",
"v2"
],
"format": [
"json",
"xml"
]
}
}JSON
{
"!query_values": {
"version": [
"v1",
"v2"
],
"format": [
"json",
"xml"
]
}
}Query Wildcard Matching
Use wildcards for flexible query parameter matching.
- query_wildcard_values
- !query_wildcard_values
JSON
{
"query_wildcard_values": {
"search": [
"*product*"
],
"category": [
"electronics*"
]
}
}JSON
{
"!query_wildcard_values": {
"search": [
"*product*"
],
"category": [
"electronics*"
]
}
}Exact Query Parameter Matching
Match requests with exact query parameter values.
- query_full_values
- !query_full_values
JSON
{
"query_full_values": {
"version": [
"v1.0"
],
"format": [
"json",
"xml"
]
}
}JSON
{
"!query_full_values": {
"version": [
"v1.0"
],
"format": [
"json",
"xml"
]
}
}Query Parameter Prefix Matching
Match requests where query value starts with a value.
- query_startswith_values
- !query_startswith_values
JSON
{
"query_startswith_values": {
"category": [
"tech",
"news"
],
"tag": [
"featured"
]
}
}JSON
{
"!query_startswith_values": {
"category": [
"tech",
"news"
],
"tag": [
"featured"
]
}
}Query Parameter Map Matching
Match query parameters using key-value maps for complex query string patterns.
- query
- !query
JSON
{
"query": {
"action": [
"view",
"edit"
],
"format": [
"json"
]
}
}JSON
{
"!query": {
"action": [
"view",
"edit"
],
"format": [
"json"
]
}
}Geographic Matching
Match requests based on client geographic location using country, region, continent, and city codes.
Positive condition
Negated condition
Geographic Country Matching
Match requests based on client country codes using ISO 3166-1 alpha-2 format (e.g., US, GB, JP). Property Reference | Download Country Codes
Also known as:
geo_country- geo
- !geo
JSON
{
"geo": [
"US",
"CA",
"GB"
]
}JSON
{
"!geo": [
"US",
"CA",
"GB"
]
}Geographic Region-Based Matching
Match requests from specific regions using ISO 3166-2 two-letter codes (e.g., MA, CA, TX). Property Reference | Download Region Codes
Also known as:
geo_regionโ ๏ธ Note: geo_region can be used as a match condition, but NOT an interpolation variable. Use {{region}} for interpolations.
- region
- !region
JSON
{
"region": [
"BY",
"IL",
"NY"
]
}JSON
{
"!region": [
"BY",
"IL",
"NY"
]
}Geographic Continent-Based Matching
Match requests from specific continents using two-letter codes (e.g., NA, EU, AS). Property Reference | Download Continent Codes
Also known as:
geo_continentโ ๏ธ Note: geo_continent can be used as a match condition, but NOT an interpolation variable. Use {{continent}} for interpolations.
- continent
- !continent
JSON
{
"continent": [
"NA",
"EU"
]
}JSON
{
"!continent": [
"NA",
"EU"
]
}Geographic City-Based Matching
Match requests from specific cities. City names are uppercase (e.g., LONDON, NEW YORK). Property Reference | Download City Codes
Also known as:
geo_cityโ ๏ธ Note: geo_city can be used as a match condition, but NOT an interpolation variable. Use {{city}} for interpolations.
- city
- !city
JSON
{
"city": [
"MUNICH",
"CHICAGO"
]
}JSON
{
"!city": [
"MUNICH",
"CHICAGO"
]
}IP & ASN Matching
Match requests based on client IP addresses (IPv4/IPv6) and Autonomous System Numbers.
Positive condition
Negated condition
ASN Matching
Matches requests based on the Autonomous System Number (ASN) of the client's IP address.
- asn
- !asn
JSON
{
"asn": [
16509,
8075,
13335
]
}JSON
{
"!asn": [
16509,
8075,
13335
]
}ASN Exact Matching
Match requests based on exact Autonomous System Number equality.
- asn_equals
- !asn_equals
JSON
{
"asn_equals": [
"16509",
"15169",
"32934"
]
}JSON
{
"!asn_equals": [
"16509",
"15169",
"32934"
]
}IPv4 Matching
Match specific IPv4 addresses or CIDR blocks.
- ipv4
- !ipv4
JSON
{
"ipv4": [
"192.0.2.100",
"198.51.100.0/24",
"203.0.113.0/24"
]
}JSON
{
"!ipv4": [
"192.0.2.100",
"198.51.100.0/24",
"203.0.113.0/24"
]
}IPv6 Matching
Match IPv6 addresses with full address or CIDR notation.
- ipv6
- !ipv6
JSON
{
"ipv6": [
"2001:db8::1",
"2001:db8::/32"
]
}JSON
{
"!ipv6": [
"2001:db8::1",
"2001:db8::/32"
]
}Cookie Matching
Match requests based on cookie names using exact, prefix, or wildcard patterns.
Positive condition
Negated condition
Cookie Name Matching
Match specific cookie names exactly.
- cookie_name
- !cookie_name
JSON
{
"cookie_name": [
"session_id",
"user_pref"
]
}JSON
{
"!cookie_name": [
"session_id",
"user_pref"
]
}Cookie Name Prefix
Match cookies whose names start with specific prefixes.
- cookie_name_startswith
- !cookie_name_startswith
JSON
{
"cookie_name_startswith": [
"sess_",
"temp_"
]
}JSON
{
"!cookie_name_startswith": [
"sess_",
"temp_"
]
}Cookie Name Wildcards
Use wildcards for flexible cookie name matching.
- cookie_name_wildcard
- !cookie_name_wildcard
JSON
{
"cookie_name_wildcard": [
"*_session",
"user_*"
]
}JSON
{
"!cookie_name_wildcard": [
"*_session",
"user_*"
]
}Request Properties
Match requests based on HTTP method, protocol scheme, and file extension.
Positive condition
Negated condition
HTTP Method Matching
Target specific HTTP methods.
- method
- !method
JSON
{
"method": [
"GET",
"POST",
"PUT"
]
}JSON
{
"!method": [
"GET",
"POST",
"PUT"
]
}Protocol/Scheme Matching
Match requests based on protocol (HTTP/HTTPS).
Also known as:
scheme- protocol
- !protocol
JSON
{
"protocol": [
"https"
]
}JSON
{
"!protocol": [
"https"
]
}URL Scheme Matching
Match requests based on URL scheme (http, https, or other protocols).
Also known as:
protocol- scheme
- !scheme
JSON
{
"scheme": [
"https"
]
}JSON
{
"!scheme": [
"https"
]
}File Extension Matching
Match requests based on file extensions.
- extension
- !extension
JSON
{
"extension": [
"jpg",
"png",
"gif",
"webp"
]
}JSON
{
"!extension": [
"jpg",
"png",
"gif",
"webp"
]
}Response Properties
Match based on response properties such as origin timeout status. Available in response match conditions only (onClientResponse, onOriginResponse).
Positive condition
Negated condition
Origin Timeout Matching
Match responses based on whether the origin connection has timed out. Available in response match conditions only (onClientResponse, onOriginResponse).
- origin_timeout
- !origin_timeout
JSON
{
"origin_timeout": true
}JSON
{
"!origin_timeout": true
}Response Status Code Matching
Match responses based on HTTP status codes. Supports exact codes (500), ranges (502-504), and classes (5xx). Available in response match conditions only (onClientResponse, onOriginResponse).
- status
- !status
JSON
{
"status": [
500,
"502-504",
"5xx"
]
}JSON
{
"!status": [
500,
"502-504",
"5xx"
]
}Performance and Validation
โกEfficient Matching
- โUse specific conditions first
- โPrefer prefix over wildcards
โ ๏ธPerformance Tips
- โ Avoid complex wildcards
- โ Limit array sizes
- โ Use matchAll for quick exits
โ Best Practices
- โStart with simple conditions
- โTest thoroughly in staging
- โDocument complex logic