Skip to content
CTRL K
    Docs Standalone Kubernetes Tutorials Standalone Kubernetes Models Blog Enterprise Community Get Started GitHub

    CEL reference

    The CEL expression context provides the following objects, which you can use in CEL expressions throughout agentgateway configuration.

    apiKey

    apiKey contains the claims from a verified API Key. This is only present if the API Key policy is enabled.

    FieldTypeDefaultDescription
    keystring

    backend

    backend contains information about the backend being used.

    FieldTypeDefaultDescription
    namestringThe name of the backend being used. For example, my-service or service/my-namespace/my-service:8080.
    protocolstringhttpThe protocol of backend.
    typestringunknownThe type of backend.

    basicAuth

    basicAuth contains the claims from a verified basic authentication Key. This is only present if the Basic authentication policy is enabled.

    FieldTypeDefaultDescription
    usernamestring

    env

    env contains selected process environment attributes exposed to CEL. This does NOT expose raw environment variables, but rather a subset of well-known variables.

    FieldTypeDefaultDescription
    gatewaystringThe Gateway we are running as (when running on Kubernetes)
    namespacestringThe namespace of the pod (when running on Kubernetes)
    podNamestringThe name of the pod (when running on Kubernetes)

    extauthz

    extauthz contains dynamic metadata from ext_authz filters

    extproc

    extproc contains dynamic metadata from ext_proc filters

    jwt

    jwt contains the claims from a verified JWT token. This is only present if the JWT policy is enabled.

    llm

    llm contains attributes about an LLM request or response. This is only present when using an ai backend.

    FieldTypeDefaultDescription
    cacheCreationInputTokensintegerTokens written to cache (costs) Not present with OpenAI
    cachedInputTokensintegerThe number of tokens in the input/prompt read from cache (savings)
    completionarrayThe completion from the LLM. Warning: accessing this has some performance impacts for large responses.
    countTokensintegerThe number of tokens in the request, when using the token counting endpoint These are not counted as ‘input tokens’ since they do not consume input tokens.
    inputAudioTokensintegerThe number of audio tokens in the input/prompt.
    inputImageTokensintegerThe number of image tokens in the input/prompt.
    inputTextTokensintegerThe number of text tokens in the input/prompt. Note: this field is only set in multi-modal calls where the total token count is split out by text/image/audio; for standard all-text calls, this is unset.
    inputTokensintegerThe number of tokens in the input/prompt.
    outputAudioTokensintegerThe number of audio tokens in the output/completion. Note: this field is only set in multi-modal calls where the total token count is split out by text/image/audio; for standard all-text calls, this is unset.
    outputImageTokensintegerThe number of image tokens in the output/completion.
    outputTextTokensintegerThe number of text tokens in the output/completion.
    outputTokensintegerThe number of tokens in the output/completion.
    paramsobjectThe parameters for the LLM request.
    promptarrayThe prompt sent to the LLM. Warning: accessing this has some performance impacts for large prompts.
    providerstringThe provider of the LLM.
    reasoningTokensintegerThe number of reasoning tokens in the output/completion.
    requestModelstringThe model requested for the LLM request. This may differ from the actual model used.
    responseModelstringThe model that actually served the LLM response.
    serviceTierstringThe service tier the provider served the request under.
    streamingbooleanWhether the LLM response is streamed.
    totalTokensintegerThe total number of tokens for the request.

    llmRequest

    llmRequest contains the raw LLM request before processing. This is only present during LLM policies; policies occurring after the LLM policy, such as logs, will not have this field present even for LLM requests.

    mcp

    mcp contains attributes about the MCP request. Request-time CEL only includes identity fields such as tool, prompt, or resource. Post-request CEL may also include fields like methodName, sessionId, and tool payloads.

    FieldTypeDefaultDescription
    methodNamestring
    promptobject
    resourceobject
    sessionIdstring
    toolobject

    metadata

    metadata contains values set by transformation metadata expressions.

    request

    request contains attributes about the incoming HTTP request

    FieldTypeDefaultDescription
    bodystringThe body of the request. Warning: accessing the body will cause the body to be buffered.
    endTimestringThe time the request completed
    headersobjectThe headers of the request.
    hoststringThe hostname of the request. For example, example.com.
    methodstringGETThe HTTP method of the request. For example, GET
    pathstringThe path of the request URI. For example, /path.
    pathAndQuerystring/The path and query of the request URI. For example, /path?foo=bar.
    schemestringThe scheme of the request. For example, https.
    startTimestringThe time the request started
    uristring/The complete URI of the request. For example, http://example.com/path.
    versionstringHTTP/1.1The version of the request. For example, HTTP/1.1.

    response

    response contains attributes about the HTTP response

    FieldTypeDefaultDescription
    bodystringThe body of the response. Warning: accessing the body will cause the body to be buffered.
    codeintegerThe HTTP status code of the response.
    headersobjectThe headers of the response.

    source

    source contains attributes about the source of the request.

    FieldTypeDefaultDescription
    addressstring0.0.0.0The IP address of the downstream connection.
    identityobjectThe (Istio SPIFFE) identity of the downstream connection, if available.
    issuerstringThe issuer from the downstream certificate, if available.
    portintegerThe port of the downstream connection.
    rawAddressstring0.0.0.0The original TCP peer IP address of the downstream connection. This can differ from the address when using tunneling protocols like PROXY.
    rawPortintegerThe original TCP peer port of the downstream connection. This can differ from the port when using tunneling protocols like PROXY.
    subjectstringThe subject from the downstream certificate, if available.
    subjectAltNamesarrayThe subject alt names from the downstream certificate, if available.
    subjectCnstringThe CN of the subject from the downstream certificate, if available.
    unverifiedWorkloadobjectThe workload context of the downstream connection, resolved from the workload discovery store by source IP. Available when the source pod is known to the controller’s workload discovery store. Fields are nested under unverified to signal that they are derived from the source IP (not cryptographically authenticated). Policy authors should prefer source.identity.* for trust-sensitive checks.
    Variables and functions
    Was this page helpful?
    Agentgateway assistant

    Ask me anything about agentgateway configuration, features, or usage.

    Note: AI-generated content might contain errors; please verify and test all returned information.

    Tip: one topic per conversation gives the best results. Use the + button in the chat header to start a new conversation.

    Switching topics? Starting a new conversation improves accuracy.
    ↑↓ navigate select esc dismiss

    What could be improved?

    Your feedback helps us improve assistant answers and identify docs gaps we should fix.

    Need more help? Join us on Discord: https://discord.gg/y9efgEmppm

    Want to use your own agent? Add the Solo MCP server to query our docs directly. Get started here: https://search.solo.io/.