New Transparent capture is in preview. Record every app's traffic with no proxy configuration, on Windows, macOS and Linux. Learn more

hasAuthorizationFilter Filter

Match every request that carries an Authorization header, regardless of scheme, so you can scope rules to authenticated traffic.

Authentication headers come in many forms, but for many cleanup, redaction, and routing tasks you only need to know whether a request carries credentials at all. The hasAuthorizationFilter is the broad brush for that case: it picks up any Authorization header so you can pair it with redaction, tagging, or upstream routing actions.

When to use this filter

Use hasAuthorizationFilter whenever a rule should run on authenticated traffic, regardless of which scheme is in use. Basic, Bearer, Digest, AWS Sigv4, and other custom schemes are all caught by this filter because it checks only for the presence of the Authorization header.

Common situations:

  • Stripping credentials from a shared capture before forwarding it to a teammate.
  • Tagging every authenticated request for high level traffic analysis.
  • Routing authenticated calls through a different upstream or applying stricter policies.

Real world examples

Redact the Authorization header in a captured session

Drop credentials from any authenticated exchange so the trace can be shared safely without leaking secrets.

rules:
- filter:
    typeKind: HasAuthorizationFilter
  actions:
  - typeKind: DeleteRequestHeaderAction
    headerName: authorization

Apply a tag to every authenticated request

Quickly separate authenticated calls from anonymous ones inside the Fluxzy session view.

rules:
- filter:
    typeKind: HasAuthorizationFilter
  actions:
  - typeKind: ApplyTagAction
    tag:
      value: authenticated

Route authenticated traffic through a debug proxy

Send every credentialed call through a secondary upstream so you can correlate them in a separate log pipeline.

rules:
- filter:
    typeKind: HasAuthorizationFilter
  actions:
  - typeKind: UpStreamProxyAction
    host: debug-proxy.internal
    port: 8888

Reference

hasAuthorizationFilter

Description

Select exchanges having authorization header.

Evaluation scope

Evaluation scope defines the timing where this filter will be applied.

requestHeaderReceivedFromClient This scope occurs the moment fluxzy parsed the request header receiveid from client

YAML configuration name

hasAuthorizationFilter

Settings

This filter has no specific characteristic

The following table describes the customizable properties available for this filter:

Property Type Description DefaultValue
inverted boolean Negate the filter result false

Example of usage

The following examples apply a comment to the filtered exchange

Select exchanges having authorization header.

rules:
- filter:
    typeKind: HasAuthorizationFilter
  actions:
  - typeKind: ApplyCommentAction
    comment: filter was applied

.NET reference

View definition of HasAuthorizationFilter for .NET integration.

See also

The following filters are related to this filter:

Frequently asked questions

Is this the same as hasAuthorizationBearerFilter?

No. hasAuthorizationBearerFilter only matches the Bearer scheme. hasAuthorizationFilter matches any value in the Authorization header, including Basic and custom schemes.

Will it match empty Authorization headers?

If the header is present but empty, the filter still triggers because the header itself exists. Most clients simply omit the header instead of sending an empty value.

Can I scope it to a single host or path?

Yes. Combine it with hostFilter, pathFilter, or any other request scoped filter inside a FilterCollection block.

Learn more about Fluxzy rules

Rule file syntax reference Importing YAML rules into Fluxzy Desktop Using rule files with Fluxzy CLI
Browse all directives