Managing your Routes
Manage routes in the Dashboard
Route filter conditions
PathInfoandfilePathuse PCRE regex, which means you'll need to use double backslash:\\/users\\/.+\\/cardsinstead of\/users\/.+\/cards.
Route Management is a feature of the VGS Dashboard which allows a user to configure Filters and exchange their secure data in flexible ways. VGS Route Management will enable you to:
Create new Routes (inbound/outbound)
See a list of existing routes
Manage routes
Use helpful features like IP allowlisting and Custom Hostnames
Create, edit and delete routes
Create a Route from dashboard
To configure a basic route:
Log into the VGS Dashboard.
Navigate to Routes on the left side menu bar.
In the Routes Manage panel, provide name for your route. This will help you to manage and quickly identify your routes going forward.
In the Routes Manage panel, provide your Upstream Host.
Next, start creating filters: adding condition or the condition group.
The last, choose storage value, alias format, and click Save.
The newly created route will appear on Routes list. Now, as you configured your route, go ahead and send a request and check it out on the Access Logger.
Alternative ways to create a Route
Edit a Route:
Locate the route to modify and click Manage button.
In the Manage panel, enter the changes you’d like to make.
Click Save.
Delete a Route:
Locate the route to modify and click Manage button.
In the Manage panel, navigate to the bottom of the page, and click Delete route.
Setting the filter trigger order
To reorder filters:
Locate the route to modify and click Manage button.
Navigate to Filters section.
Click Reorder buttom and set the filter order using drag-and-drop.
Click Done to save reordering.
Save the Route changes.
Duplicate a filter
Route filters could be duplicated (for example, when multiple fields need to be processed in a similar way). Use Copy button to duplicate a filter and setup the route faster.
IP allowlisting
IP allowlisting allows you to explicitly restrict access to specific IP addresses and/or CIDR notations for APIs. We highly recommend using this feature as an additional security protection. The feature is available for both Inbound and Outbound routes.
Enable IP allowlisting on a route:
Enter an IP or CIDR to match the IP address the request is made from. For example
172.16.254.1,2001:db8:0:1234:0:567:8:1,192.168.1.15/24. Multiple IP addresses could be added separated by commaClick return
Save the route
How to configure multiple Inbound Routes (using CNAME)
In order to be able to configure multiple Inbound Routes and/or use a branded hostname instead of the default VGS one you should set up Custom Hostnames.
Add a Custom Hostname on the dashboard:
Log in to the VGS dashboard.
Go to the Vault Settings > Custom Hostnames
Click Add
Enter the domain alias (CNAME domain). For example
payments.customdomain.comClick Save
The validation and deployment process completes in ~90 seconds. After adding the Custom Hostname, view the provisioning status under the Status column in the CNAMEs section. The provisioning takes up to 30 minutes. VGS defaults to auto-renewal of the TLS certificate.
If the provisioning was successful - you will see "Activate for SDKs" button. Verifying allows you to use this CNAME with VGS Collect/Show/Checkout products.
If the hostname is invalid:
Visit your DNS provider
Add a CNAME record for mydomain pointing to either
<VAULT_ID>.sandbox.verygoodproxy.com or<VAULT_ID>.live.verygoodproxy.com
If you’ve already done this, allow up to 24 hours for the changes to propagate. Once issued, certificates are valid for one (1) year, and renew automatically 30 days before expiration. Renewals require no action from your side.
Add a Custom Hostname to inbound route
To assign a custom hostname an inbound route:
Go to Routes › click Manage
Click on + icon on the Custom Hostnames section
Select custom hostname from the list or add a new CNAME
Save the route
More information about Custom hostnames.
If you have any questions, comments or feedback on this guide contact us on our site chat or at [email protected]
Common routes configurations
Route filters support different operation types and could be flexibly set for different kinds of data.
Query parameter redact/reveal
To redact or reveal a query parameter data use a regex and set uri as a target. Check if the request was processed correctly in the Access Logger
Note: pathinfo filter won't match the query parameters, that's why a RegExp is used.
Headers redact/reveal
To work with headers set headers["headername"] target and ^(.*)$ RegExp.
PDF redact/reveal
Route editor supports work with PDF documents: upload the document and select the area which need to be redacted or revealed. Document coordinates will appear below the document and will be saved in the route config to process the data.
Multiple fields redact/reveal
Multiple fields can be used in the same filter.
Redact a file through VGS HTTP proxy
You can redact any file through VGS HTTP proxy by sending this file in your request. For example to redact an image:
Convert an image into the base64 format.
Create JSON file with the base64 text of the image.
Create a new inbound route in VGS dashboard with default settings. Add the field from your file in JSON path in the filter section to redact this particular field.
Use this curl request in order to send an image to VGS proxy:
curl https://<VAULT_ID>.<ENVIRONMENT>.verygoodproxy.com/post \
-H "Content-type: application/json" \
-d @ABSOLUTE_PATH_TO_JSON_FILETo make sure request was sent successfully, monitor routes activity either with the logger widget (open by clicking
Show Logsbutton) or via the Access Logs page.
You can upload files up to 24MB in size. The Vault API supports files up to 32MB in size.
Payload and Header Transformations
If you need a more advanced capabilities see Larky Overview
Last updated