You can upload a custom plug-in by releasing it on the Plug-in Marketplace page in the console. Only the current primary account or RAM users with AI Gateway permissions can view and use the uploaded plug-in. Uploaded plug-ins are enabled in the same way as built-in plug-ins.
Procedure
Log on to the AI Gateway console.
In the navigation pane on the left, choose Plug-in. In the top menu bar, select a region.
-
In the upper-right corner of the Plug-in page, click Publish Plug-in.
-
In the Publish Plug-in panel, configure the parameters for the plug-in, click Upload, and wait for the plug-in to be published. Publishing takes about 30 seconds.
Parameter
Description
Select Language
The programming language used to develop the plug-in.
Plug-in ID
The unique identifier of the plug-in.
Plug-in Name
The name of the plug-in.
Plug-in Description
A brief description of the plug-in. This description is displayed on the plug-in card.
Version Description
A description of the current plug-in version.
WASM File
The plug-in binary file compiled on your on-premises machine. The file name extension must be .wasm.
Execution Stage
Plug-ins are executed in the following stage order: Authorization > Authentication Phase > Statistics > Default phase. If your plug-in does not depend on the execution order of other plug-ins, select the default stage.
Execution Priority
The execution priority of the plug-in within the specified stage. A larger value indicates a higher priority. We recommend that you use a multiple of 10.
Adapt to Gateway Version
Select Any Version or Specified Version.
Any Version: The plug-in can be installed on gateways of any version.
Specified Version: The plug-in can be installed only on gateways of the specified version or later.
Plug-in and policy priority
The following plug-ins and policies are listed in descending order of priority.
|
Name |
Type |
Execution Stage |
Priority |
Remarks |
|
IP address blacklist and whitelist |
Policy |
RBAC Filter |
||
|
http-real-ip |
Plug-in |
Authentication Stage |
980 |
Traffic management plug-ins |
|
ModelRouter |
Plug-in |
Authentication Stage |
900 |
AI-API built-in |
|
ModelMapper |
Plug-in |
Authentication Stage |
800 |
AI-API built-in |
|
Canary release for frontend applications |
Plug-in |
Authentication Stage |
450 |
Transmission protocol plug-ins |
|
geo-ip |
Plug-in |
Authentication Stage |
440 |
Transmission protocol plug-ins |
|
DeGraphQL |
Plug-in |
Authentication Stage |
430 |
Transmission protocol plug-ins |
|
Browser cache control |
Plug-in |
Authentication Stage |
420 |
Transmission protocol plug-ins |
|
Request/response transform |
Plug-in |
Authentication Stage |
410 |
Transmission protocol plug-ins |
|
OAuth2 authentication |
Plug-in |
Authentication Stage |
350 |
Authentication and authorization plug-ins |
|
JWT authentication |
Plug-in |
Authentication Stage |
340 |
Authentication and authorization plug-ins |
|
HMAC authentication |
Plug-in |
Authentication Stage |
330 |
Authentication and authorization plug-ins |
|
Basic authentication |
Plug-in |
Authentication Stage |
320 |
Authentication and authorization plug-ins |
|
Key authentication |
Plug-in |
Authentication Stage |
310 |
Authentication and authorization plug-ins |
|
External authentication |
Plug-in |
Authentication Stage |
300 |
Authentication and authorization plug-ins |
|
OPA |
Plug-in |
Authentication Stage |
225 |
Authentication and authorization plug-ins |
|
Request verification |
Plug-in |
Authentication Stage |
220 |
Transmission protocol plug-ins |
|
IP restriction |
Plug-in |
Authentication Stage |
210 |
Security protection plug-ins |
|
JWT Logout |
Plug-in |
Authentication Stage |
50 |
Authentication and authorization plug-ins |
|
General response cache |
Plug-in |
Authentication Stage |
10 |
Transmission protocol plug-ins |
|
Cross-origin resource sharing |
Plug-in |
Authorization Stage |
340 |
Security protection plug-ins |
|
WAF |
Plug-in |
Authorization Stage |
330 |
Security protection plug-ins |
|
Request blocking |
Plug-in |
Authorization Stage |
320 |
Security protection plug-ins |
|
Bot blocking |
Plug-in |
Authorization Stage |
310 |
Security protection plug-ins |
|
ai-data-masking |
Plug-in |
Default Stage |
991 |
AI plug-ins |
|
ai-statistics |
Plug-in |
Default Stage |
990 |
AI plug-ins |
|
ai-security-guard |
Plug-in |
Default Stage |
850 |
AI plug-ins |
|
ai-cache |
Plug-in |
Default Stage |
800 |
AI plug-ins |
|
ai-quota |
Plug-in |
Default Stage |
750 |
AI plug-ins |
|
ai-intent |
Plug-in |
Default Stage |
700 |
AI plug-ins |
|
ai-history |
Plug-in |
Default Stage |
650 |
AI plug-ins |
|
ai-token-ratelimit |
Plug-in |
Default Stage |
600 |
AI plug-ins |
|
ai-prompt-template |
Plug-in |
Default Stage |
500 |
AI plug-ins |
|
ai-prompt-decorator |
Plug-in |
Default Stage |
450 |
AI plug-ins |
|
ai-network-search |
Plug-in |
Default Stage |
440 |
AI plug-ins |
|
ai-transformer |
Plug-in |
Default Stage |
410 |
AI plug-ins |
|
ai-rag |
Plug-in |
Default Stage |
405 |
AI plug-ins |
|
traffic-tag |
Plug-in |
Default Stage |
400 |
Traffic management plug-ins |
|
ai-json |
Plug-in |
Default Stage |
150 |
AI plug-ins |
|
ai-proxy |
Plug-in |
Default Stage |
110 |
AI plug-ins |
|
canary-header |
Plug-in |
Default Stage |
100 |
Traffic management plug-ins |
|
Key-based cluster rate limiting |
Plug-in |
Default Stage |
20 |
Traffic management plug-ins |
|
Key-based rate limiting |
Plug-in |
Default Stage |
10 |
Traffic management plug-ins |
|
Concurrency control/traffic shaping/circuit breaking |
Policy |
Sentinel Filter |
||
|
Timeout/retry/traffic replication/header modification/HTTP rewrite/cross-domain |
Policy |
Router Filter |
FAQ
What might cause a plug-in release to fail?
In most cases, a plug-in fails to be published because the .wasm file has an invalid binary format. For a demo of successfully loading a WASM file in a local environment, see Develop gateway plug-ins by using Go.