Skip to main content

Method Matcher

The Method matcher lets you create rules based on the HTTP method of incoming requests. Learn how to match GET, POST, PUT, DELETE, and other HTTP methods to control how different types of requests are handled.

Drago Crnjac avatar
Written by Drago Crnjac
Updated over a month ago

What is the Method Matcher?

The Method matcher allows you to create rules that match requests based on the HTTP method used. HTTP methods indicate the desired action to be performed on a resource, such as retrieving data (GET), submitting data (POST), or updating data (PUT/PATCH).

How Method Matcher Works

The Method matcher evaluates the HTTP method of the incoming request. Common HTTP methods include:

  • GET - Retrieve data from the server

  • POST - Submit data to the server

  • PUT - Update an existing resource

  • DELETE - Remove a resource

  • PATCH - Partially update a resource

  • OPTIONS - Get information about communication options

  • HEAD - Same as GET but without the response body

Available Operators

The Method matcher supports these comparison operators:

Operator

Description

Example

is

Exact method match

POST matches only POST requests

is_not

Method does not match exactly

POST matches any non-POST request

has_any_value

Any method (matches all requests)

Matches any HTTP method

is_unknown

No method (rarely used)

Matches requests without a method (rare/impossible in HTTP)

API Reference

When working with Rules through the API, Method matchers are represented in JSON format. This is the same structure used in the API endpoints for creating and updating rules.

{
  "type": "method",
  "value": "POST",
  "operator": "is"
}

In API requests, this matcher would be included in the matchers array of a rule object:

{
  "name": "API POST Handler",
  "active": true,
  "matchers": [
    {
      "type": "method",
      "value": "POST",
      "operator": "is"
    }
  ],
  "handlers": [
    // handlers would go here
  ]
}

For complete API documentation on rules, including how to create and update rules programmatically, refer to our API Documentation.

Configuration Examples

Example 1: Matching POST Requests

This matcher will match only POST requests:

In the UI:

In the API:

{
  "type": "method",
  "value": "POST",
  "operator": "is"
}

Example 2: Excluding DELETE Requests

This matcher will match any request that is not a DELETE:

In the UI:

In the API:

{
  "type": "method",
  "value": "DELETE",
  "operator": "is_not"
}

Common Use Cases

Here are some popular ways to use the Method matcher:

API Endpoint Protection

Restrict access to certain API operations:

  1. Create a rule with a Method matcher using is operator for sensitive methods (e.g., DELETE, PUT)

  2. Add handlers to verify authentication or return an error for unauthorized access

Form Submission Processing

Handle form submissions differently:

  1. Create a rule with a Method matcher using is operator for POST

  2. Add handlers to process the form data or redirect after submission

Read-Only Access

Implement read-only mode for certain users or sections:

  1. Create a rule with a Method matcher using is_not operator for GET

  2. Add a Static Response handler to return a "Read-only mode" message

Combining with Other Matchers

The Method matcher is especially powerful when combined with other matchers:

  • Method + Path: Match specific operations on specific resources (e.g., DELETE requests to /api/users/*)

  • Method + Header: Match operations with specific authentication or content types

  • Method + Query: Match operations with specific query parameters

Remember that when multiple matchers are used in a rule, ALL must match to apply the rule (AND logic).

Best Practices

  • Use the Method matcher to differentiate between read operations (GET) and write operations (POST, PUT, DELETE)

  • For API endpoints, always consider the HTTP method in your rules

  • Remember that browser form submissions typically use POST or GET

  • API clients may use a variety of methods including PUT, PATCH, and DELETE

  • Most web page navigation uses GET requests

  • The has_any_value operator is useful when you want a rule to apply regardless of method

Troubleshooting

If your Method matcher isn't working as expected:

  1. Check for exact spelling and case matching (e.g., "GET" not "get")

  2. Verify that you've chosen the correct operator

  3. Confirm the actual method used in requests with browser developer tools or server logs

  4. Be aware that some HTTP clients or frameworks might use different methods than expected

The Method matcher provides a simple but powerful way to target specific types of requests based on their intended operation. By leveraging HTTP methods in your rules, you can implement sophisticated request handling patterns for your domains.

Until next time, keep building!

Need more help? Reach out via the Intercom chat widget and we'll be right with you!

Did this answer your question?