Skip to main content

Documentation Index

Fetch the complete documentation index at: https://rokad-89d31590.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

How Dhal works

Dhal follows a small, deterministic request pipeline. 
Incoming request
  → Adapter
  → Normalized DhalRequest
  → Rule engine
  → Policy layer
  → Decision
  → Telemetry and signals

Adapter

Adapters convert framework-native objects into Dhal’s normalized request shape. Supported adapters:
  • @rokadhq/dhal/express
  • @rokadhq/dhal/fastify
  • @rokadhq/dhal/node-http

Normalized request

Dhal normalizes:
  • method;
  • URL and path;
  • headers;
  • IP address;
  • route where available;
  • body or raw body when available;
  • identity keys such as user ID, tenant ID, and API key ID.

Rule engine

The rule engine evaluates deterministic controls:
  • IP allow/block lists;
  • CIDR matching;
  • IP reputation;
  • rate limits;
  • request size;
  • SQLi/XSS/path traversal/SSRF/RCE/SSTI signatures;
  • header anomalies;
  • JSON API positive-security model;
  • bot scoring;
  • credential-stuffing signals;
  • honeypot canaries.

Policy layer

The policy layer decides how matches behave:
  • severity;
  • suppressions;
  • sampling;
  • audit explanations;
  • route-level mode overrides;
  • monitor/block/strict posture.

Decision

A decision is one of:
DecisionMeaning
allowContinue to the app handler
blockStop the request and return configured block response
would-blockMonitor-mode block candidate

Telemetry

Dhal can emit:
  • structured logs;
  • security events;
  • OpenTelemetry signals;
  • signed webhook alerts;
  • support reports;
  • rule catalog output.