Application Security API v1

Manage the Web Application Firewall (WAF) configuration for your Akamai security products.

Overview

The Application Security API allows you to access and modify your Security Configurations for Kona Site Defender and Client Reputation. You can create, update, activate, and export versions of a security configuration. You can get selectable hostnames and add them to the selected list to protect your website or API content. You can also add, modify, or delete custom rules and assign policy actions.

A Web Application Firewall (WAF) is an application security measure deployed between a web client and a web server that performs a deep inspection of every request and response for all common forms of web traffic. By identifying and then isolating or blocking abnormal or malicious traffic, a WAF prevents threats from reaching the server.

All Custom Rule APIs and resources are in Beta.

Who should use this API

This API is for security operations teams and developers who implement Akamai security products for their organization. You need to have a working knowledge of your application and how the configurable objects interact. If you’re not familiar with these topics, see Resources for more information.

Get started

Before using the Application Security API for the first time:

  • Review Get Started with APIs for details on how to set up client tokens to access any Akamai API. These tokens appear as custom hostnames that look like this: https://akzz-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX.luna.akamaiapis.net.

  • To enable this API, choose the API service named Application Security, and set the access level to READ-WRITE.

API concepts

To understand this API’s various URL resources and the data it exchanges, get familiar with these concepts:

  • Configuration: A security configuration specifies hostnames, security policies, custom rules, and match targets. You activate a security configuration to Akamai’s edge servers, where it works with your delivery configuration to evaluate requests and determine how to handle them.

    Security configurations are versioned. This is a handy way to update a configuration, even if it’s active on staging or production. Clone a version and edit it. When it’s ready, activate and test the new version. As you refine and test your updates, you have an audit trail of changes and can roll back to prior versions. You can also export the details of a configuration version.

  • Hostnames: Selecting a hostname lets you specify the web content you want to protect in your configuration. You can get a list of selectable hostnames and add new entries to the selected hostnames object in your configuration.

    You can associate a security configuration with many hostnames, but a single hostname is covered by only one active security configuration at a time.

  • Security Policy: Security policies control how to respond to different requests and define the response action that occurs. If necessary, you can create more than one security policy. For example, you may need to apply one set of protections to website pages and a different set to APIs.

  • Custom Rule: Custom rules can handle scenarios not covered by the included standard rules and quickly patch new website vulnerabilities. You can trigger an alert or denial based on various components of the request, such as method, path, file extension, headers, cookies, query string, and POST body variables. Custom rules are configuration-level resources, which means they’re available to all policies in a security configuration, but they don’t version in lock-step. When you change a custom rule, it affects all inactive versions of your security configuration, but not activated ones. To roll back, you must choose a previously activated version.

  • Match Target: Defines which security policy applies to which API, hostname, or path. You can use a match target to focus a policy on a specific set of requests, such as those for .asp, .jsp, or .php file types. When your security configuration assesses a request, it checks to see if the request meets match target criteria. If it does, protections apply. If not, content delivery starts.

API workflows

Learn this API’s common workflows. These include adding a hostname to a configuration version, adding a custom rule to a configuration version, exporting a configuration version, and activating configuration versions with invalid hostnames.

These steps show you how to modify a configuration, provide additional hostnames, and activate the new configuration version.

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run Get configuration version details to get a Configuration object.

  4. You cannot edit the configuration version if it’s ACTIVE on staging or production servers. To create a new version, craft a ConfigurationClone object and make a POST request to /appsec/v1/configs/{configId}/versions.

  5. Run List selectable hostnames to get a list of Set objects containing hostname information.

  6. Run List selected hostnames to get a SelectedHostnames object.

  7. Modify the SelectedHostnames object.

  8. Make a PUT request to /appsec/v1/configs/{configId}/versions/{versionNumber}/selected-hostnames.

  9. Run List security policies and select a policyId.

  10. Run Create a match target to create a new MatchTarget object. Note the targetId in the response.

  11. Run Get a match target.

  12. Modify the MatchTarget object.

  13. Make a PUT request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}.

  14. Run List match targets.

  15. Craft a MatchTargetOrder object using the targetIds.

  16. Make a PUT request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/sequence.

  17. Create an Activation object.

  18. Make a POST request to /appsec/v1/activations to activate the configuration version.

  19. Run Get activation status to check the activation status. The response is an Activation object.

These steps show you how to modify a configuration, add a new custom rule, and activate the new configuration version.

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run Get configuration version details to get a Configuration object.

  4. You cannot edit the configuration version if it’s ACTIVE on staging or production servers. To create a new version, craft a ConfigurationClone object and make a POST request to /appsec/v1/configs/{configId}/versions.

  5. Run Create a custom rule to create a new CustomRule object. Note the ruleId in the response.

  6. Run Get a custom rule.

  7. Modify the CustomRule object.

  8. Make a PUT request to /appsec/v1/configs/{configId}/custom-rules/{ruleId}.

  9. Run List security policies and select a policyId.

  10. Make a PUT request with a single-member object containing the specified action to /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules/{ruleId}.

  11. Create an Activation object.

  12. Make a POST request to /appsec/v1/activations to activate the configuration version.

  13. Run Get activation status to check the activation status. The response is an Activation object.

These steps show you how to get and export an existing configuration version.

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Make a GET request to /appsec/v1/export/configs/{configId}/versions/{versionNumber}.
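Once step 3 returns an Export object, it can be reviewed offline before activation. The following is an added example, not Akamai code: it walks the match targets of an export and reports disabled controls, attached bypass network lists, policies missing from SIEM reporting, and error hosts. The sample data is constructed (trimmed from the Export sample on this page), and treating `firewallPolicyIds` as the set of policies that report to SIEM when `enableForAllPolicies` is false is an assumption.

```python
# Added example: offline review of an Export object (not Akamai code).
# SAMPLE_EXPORT is constructed: a trimmed copy of this page's sample response.
SAMPLE_EXPORT = {
    "configId": 8277,
    "version": 2,
    "matchTargets": {
        "websiteTargets": [
            {"type": "website", "id": 1362593, "sequence": 1,
             "effectiveSecurityControls": {
                 "applyApplicationLayerControls": True,
                 "applyApiConstraints": True,
                 "applyNetworkLayerControls": False,
                 "applyRateControls": True,
                 "applyReputationControls": False,
                 "applySlowPostControls": False},
             "securityPolicy": {"policyId": "qik3_38800"},
             "bypassNetworkLists": [
                 {"id": "11212_BYPASSURR", "name": "bypass-URR"}]},
        ],
        "apiTargets": [
            {"type": "api", "id": 1362598, "sequence": 7,
             "effectiveSecurityControls": {
                 "applyApplicationLayerControls": False,
                 "applyApiConstraints": True,
                 "applyNetworkLayerControls": True,
                 "applyRateControls": False,
                 "applyReputationControls": True,
                 "applySlowPostControls": False},
             "securityPolicy": {"policyId": "4444_44572"}},
        ],
    },
    "siem": {"enableSiem": True, "enableForAllPolicies": False,
             "firewallPolicyIds": ["qik2_38799", "4444_44572"]},
    "errorHosts": [{"reasonCode": 403, "hostname": "culledentropy.com",
                    "reason": "You don't have access to this property"}],
}


def iter_targets(export):
    """Return website and API match targets together, ordered by sequence."""
    groups = export.get("matchTargets", {})
    targets = groups.get("websiteTargets", []) + groups.get("apiTargets", [])
    return sorted(targets, key=lambda t: t.get("sequence", 0))


def audit_export(export):
    """Return (category, subject, detail) findings for a reviewer to triage."""
    findings = []
    siem = export.get("siem", {})
    siem_on = bool(siem.get("enableSiem"))
    siem_all = siem_on and bool(siem.get("enableForAllPolicies"))
    # Assumption: with enableForAllPolicies false, only the policies listed
    # in firewallPolicyIds send events to SIEM.
    siem_policies = set(siem.get("firewallPolicyIds", [])) if siem_on else set()

    for target in iter_targets(export):
        subject = "matchTarget %s" % target["id"]
        controls = target.get("effectiveSecurityControls", {})
        disabled = sorted(name for name, on in controls.items() if not on)
        if disabled:
            findings.append(("controls-off", subject, ", ".join(disabled)))
        bypass = [nl["id"] for nl in target.get("bypassNetworkLists", [])]
        if bypass:
            findings.append(("bypass-list", subject, ", ".join(bypass)))
        policy = target.get("securityPolicy", {}).get("policyId")
        if policy and not siem_all and policy not in siem_policies:
            findings.append(("no-siem", subject, policy))

    # Hostnames the export itself flags as problematic.
    for host in export.get("errorHosts", []):
        detail = "%s: %s" % (host.get("reasonCode"), host.get("reason"))
        findings.append(("error-host", host["hostname"], detail))
    return findings


if __name__ == "__main__":
    for category, subject, detail in audit_export(SAMPLE_EXPORT):
        print("%-13s %-20s %s" % (category, subject, detail))
```
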

These steps show you how to activate security configurations that contain invalid hostnames. A hostname may be invalid for different reasons. For example, it may not be linked to an Akamai property, or it may be managed under a contract and group not associated with the security configuration. You can activate several security configurations with invalid hostnames at the same time.

  1. Run the List selectable hostnames operation.

  2. Copy and store the hostname values from the errorSet array.

  3. Run the Activate a configuration version operation and enter the invalid hostnames, along with the IDs of the security configurations that include them, in the acknowledgedInvalidHostsByConfig array.

Note that you can still use the acknowledgedInvalidHosts array when activating a single security configuration.

Resources

This section provides details on each API operation.

API summary

Download the RAML descriptors for this API.

Operation Method Endpoint
Security Configurations  
List configurations GET /appsec/v1/configs
Security Configuration Versions  
List configuration versions GET /appsec/v1/configs/{configId}/versions{?page,pageSize,detail}
Clone a configuration version POST /appsec/v1/configs/{configId}/versions
Security Configuration Version  
Get configuration version details GET /appsec/v1/configs/{configId}/versions/{versionNumber}
Security Configuration Version Export  
Export a configuration version GET /appsec/v1/export/configs/{configId}/versions/{versionNumber}
Hostnames  
List selectable hostnames GET /appsec/v1/configs/{configId}/versions/{versionNumber}/selectable-hostnames
List selected hostnames GET /appsec/v1/configs/{configId}/versions/{versionNumber}/selected-hostnames
Modify selected hostnames PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/selected-hostnames
Security Policies  
List security policies GET /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies{?notMatched,detail}
Clone a security policy POST /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies
Match Targets  
List match targets GET /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets{?policyId,includeChildObjectName}
Create a match target POST /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets
Modify match target order PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/sequence
Get a match target GET /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}{?includeChildObjectName}
Modify a match target PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}
Remove a match target DELETE /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}
Custom Rules Builder  
List custom rules GET /appsec/v1/configs/{configId}/custom-rules
Create a custom rule POST /appsec/v1/configs/{configId}/custom-rules
Get a custom rule GET /appsec/v1/configs/{configId}/custom-rules/{ruleId}
Modify a custom rule PUT /appsec/v1/configs/{configId}/custom-rules/{ruleId}
Remove a custom rule DELETE /appsec/v1/configs/{configId}/custom-rules/{ruleId}
Custom Rules Actions  
List custom rule actions GET /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules
Modify a custom rule action PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules/{ruleId}
Security Config Activation  
Activate a configuration version POST /appsec/v1/activations
Get an activation request status GET /appsec/v1/activations/status/{statusId}
Get activation status GET /appsec/v1/activations/{activationId}

List configurations

Lists available security configurations.

GET /appsec/v1/configs

Status 200 application/json

Object type: Configuration

Download schema: configListing.json

Response body:

{
    "configurations": [
        {
            "id": 22330,
            "latestVersion": 5,
            "name": "CaroTestTransition2Versioning",
            "description": "(user notes)"
        },
        {
            "id": 7180,
            "latestVersion": 9,
            "name": "Corporate Sites WAF",
            "productionVersion": 1,
            "stagingVersion": 2,
            "productionHostnames": [
                "example.com",
                "www.example.net",
                "m.example.com"
            ]
        }
    ]
}

List configuration versions

Lists available versions for the specified security configuration, with results optionally paginated.

GET /appsec/v1/configs/{configId}/versions{?page,pageSize,detail}

Sample: /appsec/v1/configs/8277/versions?page=1&pageSize=10&detail=false

Parameter Type Sample Description
URL path parameters
configId Integer 8277 A unique identifier for each configuration.
Optional query parameters
detail Boolean false When true, the results contain detailed information on versions. When false, the results contain summary information on versions.
page Integer 1 The index of the result page. If the value is -1, then pagination is ignored. The default value is 1.
pageSize Integer 10 The number of items on each result page. The default value is 25.

Status 200 application/json

Object type: VersionList

Download schema: wafConfigVersionListDto.json

Response body:

{
    "totalSize": 3,
    "pageSize": 3,
    "page": 1,
    "configId": 8277,
    "configName": "TestConfig",
    "stagingExpediteRequestId": 5861,
    "productionExpediteRequestId": 6951,
    "productionActiveVersion": 9,
    "stagingActiveVersion": 8,
    "lastCreatedVersion": 9,
    "versionList": [
        {
            "version": 9,
            "versionNotes": "Membership Benefits",
            "createDate": "2013-10-07T17:58:52Z",
            "createdBy": "user1",
            "basedOn": 8,
            "production": {
                "status": "Active",
                "time": "2014-07-08T07:40:00Z"
            },
            "staging": {
                "status": "Inactive"
            }
        },
        {
            "version": 8,
            "versionNotes": "Membership Benefits",
            "createDate": "2013-10-07T17:41:52Z",
            "createdBy": "user2",
            "basedOn": 7,
            "production": {
                "status": "Inactive"
            },
            "staging": {
                "status": "Active",
                "time": "2014-07-08T07:40:00Z"
            }
        },
        {
            "version": 7,
            "versionNotes": "Membership Benefits",
            "createDate": "2013-08-07T17:41:52Z",
            "createdBy": "user3",
            "production": {
                "status": "Inactive"
            },
            "staging": {
                "status": "Inactive"
            }
        }
    ]
}

  1. Run List configurations and select a configId.

  2. Optionally, set the pageSize and page query parameters to control the size of each page, and navigate to specific pages of results.

  3. Optionally, enable the detail query parameter for detailed information on the items returned.

  4. Make a GET request to /appsec/v1/configs/{configId}/versions{?page,pageSize,detail}.

Clone a configuration version

Creates a new version of the specified security configuration.

POST /appsec/v1/configs/{configId}/versions

Sample: /appsec/v1/configs/8277/versions

Content-Type: application/json

Object type: ConfigurationClone

Download schema: configCloneCreate.json

Request body:

{
    "createFromVersion": 1,
    "ruleUpdate": false
}

Parameter Type Sample Description
URL path parameters
configId Integer 8277 A unique identifier for each configuration.

Status 200 application/json

Object type: Version

Download schema: wafConfigVersionDto.json

Response body:

{
    "configId": 8277,
    "configName": "TestConfig",
    "version": 2,
    "versionNotes": "Membership Benefits",
    "createDate": "2013-10-07T17:58:52Z",
    "createdBy": "user1",
    "basedOn": 1,
    "production": {
        "status": "Active",
        "time": "2014-07-08T07:40:00Z"
    },
    "staging": {
        "status": "Inactive"
    }
}

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Create a ConfigurationClone object.

  4. Make a POST request to /appsec/v1/configs/{configId}/versions.

The response reflects the new Configuration object.
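The rule that a version active on staging or production cannot be edited can be checked against a VersionList response before any change is attempted. The following is an added example, not Akamai code: it decides between editing in place and cloning, and builds the clone request with the ConfigurationClone body shown above. The sample data is constructed (trimmed from the VersionList sample on this page), and the function names are hypothetical.

```python
# Added example (not Akamai code): choose between editing a version in place
# and cloning it first, based on a VersionList response.
# SAMPLE_VERSION_LIST is constructed: a trimmed copy of this page's sample.
SAMPLE_VERSION_LIST = {
    "configId": 8277,
    "productionActiveVersion": 9,
    "stagingActiveVersion": 8,
    "lastCreatedVersion": 9,
    "versionList": [
        {"version": 9, "basedOn": 8,
         "production": {"status": "Active"},
         "staging": {"status": "Inactive"}},
        {"version": 8, "basedOn": 7,
         "production": {"status": "Inactive"},
         "staging": {"status": "Active"}},
        {"version": 7,
         "production": {"status": "Inactive"},
         "staging": {"status": "Inactive"}},
    ],
}


def versions_path(config_id, page=-1, detail=False):
    """Path for List configuration versions; page=-1 ignores pagination."""
    return "/appsec/v1/configs/%d/versions?page=%d&detail=%s" % (
        config_id, page, "true" if detail else "false")


def active_networks(entry):
    """Networks where this version is active (status compared case-insensitively)."""
    return [net for net in ("staging", "production")
            if entry.get(net, {}).get("status", "").upper() == "ACTIVE"]


def plan_edit(version_list, version_number):
    """Return an 'edit' decision, or the clone request that must come first."""
    by_number = {v["version"]: v for v in version_list["versionList"]}
    if version_number not in by_number:
        # With pagination on, the version may be on another result page.
        raise ValueError("version %d not in these results" % version_number)
    blocked_by = active_networks(by_number[version_number])
    if not blocked_by:
        return {"action": "edit", "version": version_number}
    return {
        "action": "clone",
        "reason": "active on " + " and ".join(blocked_by),
        "method": "POST",
        "path": "/appsec/v1/configs/%d/versions" % version_list["configId"],
        # ConfigurationClone body; ruleUpdate value copied from the page's sample.
        "body": {"createFromVersion": version_number, "ruleUpdate": False},
    }


if __name__ == "__main__":
    print(versions_path(SAMPLE_VERSION_LIST["configId"]))
    for number in (9, 8, 7):
        print(number, plan_edit(SAMPLE_VERSION_LIST, number))
```
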

Get configuration version details

Returns basic details about a configuration version. To get a more extensive object with detailed information about a version’s security policies, rate policies, rules, and other additional settings, run the Export a configuration version operation.

GET /appsec/v1/configs/{configId}/versions/{versionNumber}

Sample: /appsec/v1/configs/8277/versions/2

Parameter Type Sample Description
URL path parameters
configId Integer 8277 A unique identifier for each configuration.
versionNumber Integer 2 A unique identifier for each version of a configuration.

Status 200 application/json

Object type: Version

Download schema: wafConfigVersionDto.json

Response body:

{
    "configId": 8277,
    "configName": "TestConfig",
    "version": 2,
    "versionNotes": "Membership Benefits",
    "createDate": "2013-10-07T17:58:52Z",
    "createdBy": "user1",
    "basedOn": 1,
    "production": {
        "status": "Active",
        "time": "2014-07-08T07:40:00Z"
    },
    "staging": {
        "status": "Inactive"
    }
}

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Make a GET request to /appsec/v1/configs/{configId}/versions/{versionNumber}.

The response is a Configuration object.

Export a configuration version

Returns comprehensive details about a security configuration version. This operation returns more data than Get configuration version details, including rate and security policies, rules, hostnames, and numerous additional settings.

GET /appsec/v1/export/configs/{configId}/versions/{versionNumber}

Sample: /appsec/v1/export/configs/8277/versions/2

Parameter Type Sample Description
URL path parameters
configId Integer 8277 A unique identifier for each configuration.
versionNumber Integer 2 A unique identifier for each version of a configuration.

Status 200 application/json

Object type: Export

Download schema: export.json

Response body:

{
    "configId": 8277,
    "configName": "New Security Config",
    "version": 2,
    "basedOn": 1,
    "createDate": "2017-09-08T22:24:41Z",
    "createdBy": "disharma",
    "selectableHosts": [
        "www.example1.com",
        "www.example2.com"
    ],
    "selectedHosts": [
        "www.example3.com",
        "www.example4.com"
    ],
    "staging": {
        "status": "Inactive"
    },
    "production": {
        "status": "Inactive"
    },
    "matchTargets": {
        "websiteTargets": [
            {
                "type": "website",
                "defaultFile": "NO_MATCH",
                "id": 1362593,
                "isNegativeFileExtensionMatch": false,
                "isNegativePathMatch": false,
                "sequence": 1,
                "fileExtensions": [
                    "jpg"
                ],
                "filePaths": [
                    "/path"
                ],
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": true,
                    "applyApiConstraints": true,
                    "applyNetworkLayerControls": false,
                    "applyRateControls": true,
                    "applyReputationControls": false,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "qik3_38800"
                },
                "bypassNetworkLists": [
                    {
                        "id": "11212_BYPASSURR",
                        "name": "bypass-URR"
                    }
                ]
            },
            {
                "type": "website",
                "defaultFile": "NO_MATCH",
                "id": 1362594,
                "isNegativeFileExtensionMatch": false,
                "isNegativePathMatch": false,
                "sequence": 2,
                "filePaths": [
                    "/images",
                    "/image1",
                    "/path"
                ],
                "hostnames": [
                    "b2c.div1.akamaniac.com"
                ],
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": true,
                    "applyApiConstraints": true,
                    "applyNetworkLayerControls": true,
                    "applyRateControls": true,
                    "applyReputationControls": true,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "qik2_38799"
                }
            }
        ],
        "apiTargets": [
            {
                "type": "api",
                "id": 1362597,
                "sequence": 6,
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": false,
                    "applyApiConstraints": false,
                    "applyNetworkLayerControls": false,
                    "applyRateControls": true,
                    "applyReputationControls": false,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "99e_47293"
                },
                "apis": [
                    {
                        "id": 1041,
                        "name": "hmm test"
                    }
                ],
                "bypassNetworkLists": [
                    {
                        "id": "1024_AMAZONELASTICCOMPUTECLOU",
                        "name": "Ec2 Akamai Network List"
                    },
                    {
                        "id": "1283_MICROSOFTWINDOWSAZUREDAT",
                        "name": "Azure IP range cloud services"
                    }
                ]
            },
            {
                "type": "api",
                "id": 1362598,
                "sequence": 7,
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": false,
                    "applyApiConstraints": true,
                    "applyNetworkLayerControls": true,
                    "applyRateControls": false,
                    "applyReputationControls": true,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "4444_44572"
                },
                "apis": [
                    {
                        "id": 1001,
                        "name": "1001"
                    },
                    {
                        "id": 1041,
                        "name": "hmm test"
                    }
                ],
                "bypassNetworkLists": [
                    {
                        "id": "11212_BYPASSURR",
                        "name": "bypass-URR"
                    }
                ]
            }
        ]
    },
    "siem": {
        "configId": 17027,
        "configVersion": 22,
        "enableForAllPolicies": false,
        "enableSiem": true,
        "enabledBotmanSiemEvents": false,
        "siemDefinitionId": 1,
        "firewallPolicyIds": [
            "qik2_38799",
            "4444_44572",
            "teet_39295",
            "ds22_48583"
        ]
    },
    "advancedOptions": {
        "logging": {
            "allowSampling": true,
            "cookies": {
                "type": "exclude",
                "values": [
                    "_updated_By_SoapUI",
                    "w",
                    "NEW_VAL_ADDED_BY_SoapUI"
                ]
            },
            "customHeaders": {
                "type": "only",
                "values": [
                    "112",
                    "sdasd",
                    "ds"
                ]
            },
            "standardHeaders": {
                "type": "only"
            }
        },
        "prefetch": {
            "allExtensions": false,
            "enableAppLayer": true,
            "enableRateControls": false,
            "extensions": [
                "cgi",
                "jsp",
                "EMPTY_STRING",
                "aspx",
                "php",
                "py",
                "asp"
            ]
        }
    },
    "errorHosts": [
        {
            "reasonCode": 400,
            "hostname": "bankoflaverty.com",
            "reason": "property is not active in either production or staging"
        },
        {
            "reasonCode": 403,
            "hostname": "culledentropy.com",
            "reason": "You don't have access to this property"
        }
    ],
    "ratePolicies": [
        {
            "allTraffic": false,
            "averageThreshold": 3,
            "burstThreshold": 2,
            "clientIdentifier": "",
            "createDate": "2017-09-08T22:24:42Z",
            "id": 672601,
            "matchType": "path",
            "name": "dsafsfdsf",
            "pathMatchType": "RequestDisabled",
            "pathUriPositiveMatch": true,
            "requestType": "ClientRequest",
            "sameActionOnIpv6": true,
            "type": "BOTMAN",
            "updateDate": "2017-09-08T22:24:42Z",
            "useXForwardForHeaders": false,
            "used": false,
            "queryParameters": [
                {
                    "name": "dasdasdasd*",
                    "positiveMatch": true,
                    "valueInRange": false,
                    "values": [
                        "dasdasdas8*&^"
                    ]
                }
            ]
        },
        {
            "allTraffic": false,
            "averageThreshold": 1000,
            "burstThreshold": 10,
            "clientIdentifier": "ip",
            "createDate": "2017-09-08T22:24:42Z",
            "description": "These Shared Resources will be available to all policies within the Security Configuration",
            "id": 672607,
            "matchType": "path",
            "name": "These Shared Resources will be available to all policies within the Security Configuration",
            "pathMatchType": "Custom",
            "pathUriPositiveMatch": true,
            "requestType": "ClientRequest",
            "sameActionOnIpv6": true,
            "type": "WAF",
            "updateDate": "2017-09-08T22:24:42Z",
            "useXForwardForHeaders": false,
            "used": true,
            "additionalMatchOptions": [
                {
                    "positiveMatch": true,
                    "type": "NetworkListCondition",
                    "values": [
                        "25620_REPUTATIONWHITELIST174",
                        "11212_BYPASSURR"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "RequestMethodCondition",
                    "values": [
                        "GET",
                        "HTTP_DELETE"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "UserAgentCondition",
                    "values": [
                        "MOZILLA",
                        "Googlebot"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "RequestMethodCondition",
                    "values": [
                        "GET",
                        "POST",
                        "HEAD"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "ResponseStatusCondition",
                    "values": [
                        "400",
                        "401",
                        "402",
                        "403",
                        "404",
                        "405",
                        "406",
                        "407",
                        "408",
                        "409",
                        "410",
                        "500",
                        "501",
                        "502",
                        "503",
                        "504"
                    ]
                }
            ],
            "queryParameters": [
                {
                    "name": "param1",
                    "positiveMatch": false,
                    "valueInRange": true,
                    "values": [
                        "value1"
                    ]
                }
            ]
        }
    ],
    "reputationProfiles": [
        {
            "context": "SCANTL",
            "contextReadable": "Scanning Tools",
            "enabled": true,
            "id": 210588,
            "name": "Scanning Tools (Low Threat)",
            "threshold": 5
        },
        {
            "context": "WEBATCK",
            "contextReadable": "Web Attackers",
            "enabled": false,
            "id": 210578,
            "name": "Web Attackers (Low Threat)",
            "threshold": 5,
            "condition": {
                "canDelete": false,
                "configVersionId": 152889,
                "id": 88112456,
                "name": "Cloned of 87956156 for version 152889",
                "positiveMatch": true,
                "uuid": "SEC_COND_88112456",
                "version": 1504909482545,
                "atomicConditions": [
                    {
                        "className": "RequestHeaderCondition",
                        "index": 1,
                        "nameWildcard": false,
                        "positiveMatch": true,
                        "valueCase": false,
                        "valueWildcard": false,
                        "name": [
                            "test*"
                        ],
                        "value": [
                            "test*"
                        ]
                    },
                    {
                        "className": "RequestHeaderCondition",
                        "index": 2,
                        "nameWildcard": true,
                        "positiveMatch": true,
                        "valueCase": false,
                        "valueWildcard": true,
                        "name": [
                            "Head",
                            "Header"
                        ],
                        "value": [
                            "Header value"
                        ]
                    },
                    {
                        "checkIps": "connecting",
                        "className": "NetworkListCondition",
                        "index": 3,
                        "positiveMatch": true,
                        "value": [
                            "14121_IMAGEMANAGERSERVERS"
                        ]
                    },
                    {
                        "className": "RequestCookieCondition",
                        "index": 4,
                        "name": "cookieName",
                        "nameCase": false,
                        "nameWildcard": true,
                        "positiveMatch": true,
                        "valueCase": false,
                        "valueWildcard": true,
                        "value": [
                            "cookieValue"
                        ]
                    },
                    {
                        "checkIps": "connecting",
                        "className": "AsNumberCondition",
                        "index": 5,
                        "positiveMatch": true,
                        "value": [
                            "5"
                        ]
                    }
                ]
            }
        }
    ],
    "customRules": [
        {
            "configId": 17027,
            "id": 667828,
            "name": "UXR-715 RE2 Second Test with Flags",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "tagfor",
                "17.2"
            ],
            "conditions": [
                {
                    "type": "requestMethodMatch",
                    "positiveMatch": true,
                    "value": [
                        "GET"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "description": "Test CR",
            "id": 600001,
            "name": "Test CR",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "Test",
                "Tag"
            ],
            "conditions": [
                {
                    "type": "extensionMatch",
                    "positiveMatch": true,
                    "valueCase": true,
                    "valueWildcard": false,
                    "value": [
                        "fdf"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "description": "Test CR",
            "id": 600006,
            "name": "Test CR",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "k"
            ],
            "conditions": [
                {
                    "type": "cookieMatch",
                    "name": "kids",
                    "nameCase": true,
                    "nameWildcard": false,
                    "positiveMatch": true,
                    "valueCase": true,
                    "valueWildcard": true,
                    "value": [
                        "dsds",
                        "dasdqw",
                        "dsa",
                        "dqwd",
                        "csqw"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "id": 606713,
            "name": "Test",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "adsa"
            ],
            "conditions": [
                {
                    "type": "pathMatch",
                    "positiveMatch": true,
                    "value": [
                        "/login"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "description": "Test CR",
            "id": 690265,
            "name": "Test CR2",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "ee"
            ],
            "conditions": [
                {
                    "type": "argsPostMatch",
                    "name": "fvfv",
                    "positiveMatch": true,
                    "value": [
                        "fgbr"
                    ]
                },
                {
                    "type": "requestHeaderMatch",
                    "nameWildcard": true,
                    "positiveMatch": true,
                    "valueCase": false,
                    "valueWildcard": true,
                    "name": [
                        "test"
                    ],
                    "value": [
                        "test1"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "id": 667825,
            "inspectRequest": false,
            "inspectResponse": false,
            "metadata": "<match:variable name=\"MY_SAMPLE_THREAT_DETECTED\" result=\"true\" value=\"execute rule\">\n<match:regex impl=\"re2\" regex=\"^\\d+$\" result=\"false\" select=\"REQUEST_HEADERS:Content-Length\" strict-err-check-re2=\"on\" transform=\"urlDecodeUni\">\n<security:firewall.action>\n<msg>UXR-715 CRB Metadata testing</msg>\n<tag>CUSTOM/TEST</tag>\n<id>667825</id>\n<deny>%(WAF_CUSTOM_R667825_DENY)</deny>\n<data>threat indicated from data %(MY_SAMPLE_THREAT_DETECTED)</data>\n<http-status>403</http-status>\n</security:firewall.action>\n</match:regex>\n</match:variable>\n",
            "name": "UXR-715 RE27890",
            "ruleActivated": false,
            "structured": false,
            "version": 1
        }
    ],
    "rulesets": [
        {
            "id": 41,
            "rulesetVersionId": 327550,
            "type": "Kona",
            "releaseDate": "2017-04-21T16:00:38Z",
            "attackGroups": [
                {
                    "group": "DDOS",
                    "groupName": "Anomaly Score Exceeded for DDoS",
                    "threshold": 5
                },
                {
                    "group": "IN",
                    "groupName": "Anomaly Score Exceeded for Inbound",
                    "threshold": 30
                },
                {
                    "group": "SQL",
                    "groupName": "Anomaly Score Exceeded for SQL Injection",
                    "threshold": 19
                },
                {
                    "group": "TROJAN",
                    "groupName": "Anomaly Score Exceeded for Trojan",
                    "threshold": 4
                },
                {
                    "group": "XSS",
                    "groupName": "Anomaly Score Exceeded for Cross-Site Scripting",
                    "threshold": 9
                }
            ],
            "rules": [
                {
                    "id": 699989,
                    "inspectRequestBody": false,
                    "inspectResponseBody": false,
                    "ruleVersion": 1,
                    "score": 5,
                    "tag": "<AKAMAI/PRAGMA_DEFLECTION>",
                    "title": "Akamai-X debug Pragma header detected and removed"
                },
                {
                    "id": 699990,
                    "inspectRequestBody": false,
                    "inspectResponseBody": false,
                    "ruleVersion": 1,
                    "score": 5,
                    "tag": "<AKAMAI/EDGESCAPE_ANONYMOUS_PROXY_v1>",
                    "title": "Detected request from anonymous proxy"
                },
                {
                    "id": 981252,
                    "inspectRequestBody": true,
                    "inspectResponseBody": false,
                    "ruleVersion": 4,
                    "score": 5,
                    "tag": "<OWASP_CRS/WEB_ATTACK/SQL_INJECTION>",
                    "title": "MySQL Charset Switch and MSSQL DoS Attempts",
                    "attackGroups": [
                        "SQL",
                        "IN"
                    ]
                },
                {
                    "id": 3000060,
                    "inspectRequestBody": true,
                    "inspectResponseBody": false,
                    "ruleVersion": 2,
                    "score": 1000,
                    "tag": "<AKAMAI/AUTOMATION/MALICIOUS>",
                    "title": "Mirai / Kaiten DDoS Detection - HTTP Attacks",
                    "attackGroups": [
                        "IN",
                        "DDOS"
                    ]
                },
                {
                    "id": 3000061,
                    "inspectRequestBody": true,
                    "inspectResponseBody": false,
                    "ruleVersion": 1,
                    "score": 5,
                    "tag": "<AKAMAI/WEB_ATTACK/XSS>",
                    "title": "Referer Header From OpenBugBounty Website - Potential XSS",
                    "attackGroups": [
                        "XSS",
                        "IN"
                    ]
                }
            ]
        }
    ],
    "securityPolicies": [
        {
            "id": "qik2_38799",
            "name": "Generated Quick Policy - 4/10/17 7:13:18 PM GMT",
            "hasRatePolicyWithApiKey": false,
            "networkLayerControls": {
                "block": "blockSpecificIPGeo",
                "geoControls": {
                    "blockedIPNetworkLists": {
                        "additional": [
                            "AF",
                            "AS"
                        ],
                        "networkList": [
                            "4389_BLANKLIST"
                        ]
                    }
                },
                "slowPost": {
                    "action": "alert",
                    "durationThreshold": {
                        "timeout": 5
                    },
                    "slowRateThreshold": {
                        "rate": 10,
                        "period": 60
                    }
                },
                "ipControls": {
                    "allowedIPNetworkLists": {
                        "additional": [
                            "2.2.2.2"
                        ],
                        "networkList": [
                            "12801_25000",
                            "19440_1671"
                        ]
                    },
                    "blockedIPNetworkLists": {
                        "additional": [
                            "1.1.1.1"
                        ],
                        "networkList": [
                            "16656_CPISERVERS",
                            "18460_166RELEASETESTING"
                        ]
                    }
                }
            },
            "ruleActions": [
                {
                    "action": "alert",
                    "id": 960912,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "alert",
                    "id": 960035,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "alert",
                    "id": 981300,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "deny",
                    "id": 3000001,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "alert",
                    "id": 970903,
                    "rulesetVersionId": 327550,
                    "exception": {
                        "values": [
                            "test",
                            "sdfasf"
                        ],
                        "selectors": [
                            {
                                "type": "GENERIC",
                                "selector": "REQUEST_COOKIES"
                            },
                            {
                                "type": "EXACT",
                                "name": "cccx",
                                "selector": "XML_PAIRS",
                                "value": "vvv"
                            },
                            {
                                "type": "GENERIC",
                                "selector": "REQUEST_COOKIES"
                            },
                            {
                                "type": "GENERIC",
                                "selector": "ARGS"
                            }
                        ]
                    },
                    "conditions": [
                        {
                            "type": "hostMatch",
                            "positiveMatch": true,
                            "hosts": [
                                "www.example.com",
                                "*.example.com"
                            ]
                        },
                        {
                            "type": "pathMatch",
                            "positiveMatch": false,
                            "paths": [
                                "/a/d",
                                "/test/"
                            ]
                        },
                        {
                            "type": "uriQueryMatch",
                            "caseSensitive": false,
                            "name": "test",
                            "nameCase": false,
                            "positiveMatch": false,
                            "value": "value",
                            "wildcard": false
                        },
                        {
                            "type": "requestHeaderMatch",
                            "header": "user-agent",
                            "positiveMatch": false,
                            "value": "test-agent-*",
                            "valueCase": false,
                            "valueWildcard": true
                        }
                    ]
                }
            ],
            "attackGroupActions": [
                {
                    "action": "deny",
                    "group": "SQL",
                    "rulesetVersionId": 327550
                },
                {
                    "action": "deny",
                    "group": "XSS",
                    "rulesetVersionId": 327550
                },
                {
                    "action": "deny",
                    "group": "IN",
                    "rulesetVersionId": 327550
                }
            ],
            "customRuleActions": [
                {
                    "action": "deny",
                    "id": 628035
                },
                {
                    "action": "alert",
                    "id": 628037
                }
            ],
            "reputationProfileActions": [
                {
                    "action": "alert",
                    "id": 281778
                },
                {
                    "action": "deny",
                    "id": 210588
                }
            ],
            "ratePolicyActions": [
                {
                    "id": 0,
                    "ipv4Action": "alert",
                    "ipv6Action": "deny"
                },
                {
                    "id": 0,
                    "ipv4Action": "alert",
                    "ipv6Action": "none"
                }
            ]
        },
        {
            "id": "qqqq_39297",
            "name": "qqqqqq",
            "hasRatePolicyWithApiKey": false
        },
        {
            "id": "178t_48704",
            "name": "Copy of Tet-a-Tet with 17.8",
            "hasRatePolicyWithApiKey": false,
            "networkLayerControls": {
                "block": "blockSpecificIPGeo",
                "ipControls": {
                    "blockedIPNetworkLists": {
                        "networkList": [
                            "24321_TESTNW"
                        ]
                    }
                }
            },
            "apiRequestConstraints": {
                "action": "alert"
            },
            "reputationProfileActions": [
                {
                    "action": "alert",
                    "id": 281778
                },
                {
                    "action": "alert",
                    "id": 281776
                }
            ]
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Make a GET request to /appsec/v1/export/configs/{configId}/versions/{versionNumber}.

The response is a Configuration object containing all configured hostnames, match targets, and custom rules.
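An exported configuration is a convenient input for an offline review. The following Python sketch is an added example, not part of Akamai's documentation or tooling: it walks a Configuration export and lists attack groups that a policy leaves without a deny action, rule exceptions that use GENERIC selectors, and custom rule actions that point at a rule ID missing from customRules. The function name, the finding labels and the choice of what counts as a finding are assumptions of the example; the sample input is constructed from field names in the response above.

```python
import json

# Constructed sample: a trimmed export that uses only field names shown in the
# response above. The values are illustrative.
EXPORT = json.loads("""
{
  "customRules": [
    {"id": 600001, "name": "Test CR"},
    {"id": 606713, "name": "Test"}
  ],
  "rulesets": [
    {"rulesetVersionId": 327550,
     "attackGroups": [
       {"group": "DDOS", "threshold": 5},
       {"group": "SQL", "threshold": 19},
       {"group": "XSS", "threshold": 9}
     ]}
  ],
  "securityPolicies": [
    {"id": "qik2_38799",
     "ruleActions": [
       {"action": "alert", "id": 960912, "rulesetVersionId": 327550},
       {"action": "deny", "id": 3000001, "rulesetVersionId": 327550},
       {"action": "alert", "id": 970903, "rulesetVersionId": 327550,
        "exception": {"selectors": [
          {"type": "GENERIC", "selector": "REQUEST_COOKIES"},
          {"type": "EXACT", "name": "cccx", "selector": "XML_PAIRS", "value": "vvv"},
          {"type": "GENERIC", "selector": "ARGS"}
        ]}}
     ],
     "attackGroupActions": [
       {"action": "deny", "group": "SQL", "rulesetVersionId": 327550},
       {"action": "alert", "group": "XSS", "rulesetVersionId": 327550}
     ],
     "customRuleActions": [
       {"action": "deny", "id": 600001},
       {"action": "alert", "id": 628037}
     ]},
    {"id": "qqqq_39297", "name": "qqqqqq"}
  ]
}
""")


def audit_export(config):
    """Return (policyId, finding, detail) tuples for a reviewer to look at."""
    findings = []
    known_custom = {rule["id"] for rule in config.get("customRules", [])}
    # Every (rulesetVersionId, group) pair defined by the exported rulesets.
    defined = sorted(
        (rs["rulesetVersionId"], g["group"])
        for rs in config.get("rulesets", [])
        for g in rs.get("attackGroups", [])
    )

    for policy in config.get("securityPolicies", []):
        pid = policy["id"]

        # 1. Attack groups with no action listed, or an action other than deny.
        acted = {
            (a.get("rulesetVersionId"), a["group"]): a["action"]
            for a in policy.get("attackGroupActions", [])
        }
        for key in defined:
            action = acted.get(key)
            if action is None:
                findings.append((pid, "attack-group-no-action", key[1]))
            elif action != "deny":
                findings.append((pid, f"attack-group-{action}", key[1]))

        # 2. Rule exceptions with GENERIC selectors. In the sample these carry
        #    no name/value, unlike EXACT ones; the example lists them for
        #    review on the assumption that they are the broader kind.
        for ra in policy.get("ruleActions", []):
            selectors = ra.get("exception", {}).get("selectors", [])
            broad = sorted({s["selector"] for s in selectors
                            if s.get("type") == "GENERIC"})
            if broad:
                findings.append(
                    (pid, "rule-exception-generic", f"{ra['id']}: {', '.join(broad)}")
                )

        # 3. Custom rule actions whose rule ID is absent from customRules.
        for ca in policy.get("customRuleActions", []):
            if ca["id"] not in known_custom:
                findings.append((pid, "custom-action-unknown-rule", str(ca["id"])))
    return findings


if __name__ == "__main__":
    for finding in audit_export(EXPORT):
        print(*finding, sep="\t")
```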

List selectable hostnames

Lists the hostnames that a given configuration version can protect in the current context. Hostnames may show as error hosts when they aren’t currently available, for example, when a contract expires.

GET /appsec/v1/configs/{configId}/versions/{versionNumber}/selectable-hostnames

Status 200 application/json

Object type: SelectableHostnames

Download schema: hostInfoInConfiguration.json

Response body:

{
    "configId": 123,
    "configVersion": 2,
    "protectARLInclusionHost": true,
    "availableSet": [
        {
            "arlInclusion": true,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": 5443,
            "configNameInProduction": "WAF Security File",
            "hostname": "example.com"
        },
        {
            "arlInclusion": true,
            "activeInProduction": false,
            "activeInStaging": true,
            "configIdInProduction": 11882,
            "configNameInProduction": "A PUBLIC CONFIG",
            "hostname": "www.example.com"
        },
        {
            "arlInclusion": true,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": 6018,
            "configNameInProduction": "Other Security Configuration",
            "hostname": "www.example-123.com"
        }
    ],
    "errorSet": [
        {
            "hostname": "*.example.net",
            "reason": "property is not active in either production or staging",
            "reasonCode": 400
        },
        {
            "hostname": "test-example.net",
            "reason": "You don't have access to this property",
            "reasonCode": 403
        }
    ],
    "selectedSet": [
        {
            "arlInclusion": false,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": 11887,
            "configNameInProduction": "Rbac Test Config",
            "hostname": "m.example.com"
        },
        {
            "arlInclusion": false,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": null,
            "configNameInProduction": null,
            "hostname": "m.example-123.com"
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Make a GET request to /appsec/v1/configs/{configId}/versions/{versionNumber}/selectable-hostnames.

The response is a SelectableHostnames object.

List selected hostnames

Lists the hostnames that the configuration version selects as candidates for protection; you can use these hostnames in match targets.

GET /appsec/v1/configs/{configId}/versions/{versionNumber}/selected-hostnames

Status 200 application/json

Object type: SelectedHostnames

Download schema: hostnameList.json

Response body:

{
    "hostnameList": [
        {
            "hostname": "*.example.net"
        },
        {
            "hostname": "example.com"
        },
        {
            "hostname": "m.example.com"
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Make a GET request to /appsec/v1/configs/{configId}/versions/{versionNumber}/selected-hostnames.

The response is a SelectedHostnames object.

Modify selected hostnames

Updates the list of selected hostnames for a configuration version.

PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/selected-hostnames

Content-Type: application/json

Object type: SelectedHostnames

Download schema: hostnameList.json

Request body:

{
    "hostnameList": [
        {
            "hostname": "*.example.net"
        },
        {
            "hostname": "example.com"
        },
        {
            "hostname": "m.example.com"
        }
    ]
}

Status 200 application/json

Object type: SelectedHostnames

Download schema: hostnameList.json

Response body:

{
    "hostnameList": [
        {
            "hostname": "*.example.net"
        },
        {
            "hostname": "example.com"
        },
        {
            "hostname": "m.example.com"
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List selectable hostnames to get a list of Set objects containing hostname information.

  4. Run List selected hostnames to get a SelectedHostnames object.

  5. Modify the SelectedHostnames object.

  6. Make a PUT request to /appsec/v1/configs/{configId}/versions/{versionNumber}/selected-hostnames.

The response reflects the modified SelectedHostnames object.
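Steps 3 to 5 above are a read-modify-write: the request body is built from the current SelectedHostnames object plus whatever the SelectableHostnames response allows. The Python sketch below is an added example, not Akamai code. It assumes the two responses have already been fetched; the function name, the `allow_other_config` switch and the decision to hold back hostnames that are in production under a different configuration are choices of the example, and the input data is constructed.

```python
import json

# Constructed SelectableHostnames response using field names shown earlier.
SELECTABLE = json.loads("""
{
  "configId": 123,
  "configVersion": 2,
  "availableSet": [
    {"hostname": "example.com", "configIdInProduction": null},
    {"hostname": "www.example.com", "configIdInProduction": 11882,
     "configNameInProduction": "A PUBLIC CONFIG"},
    {"hostname": "api.example.com", "configIdInProduction": 123}
  ],
  "errorSet": [
    {"hostname": "test-example.net",
     "reason": "You don't have access to this property", "reasonCode": 403}
  ],
  "selectedSet": [
    {"hostname": "m.example.com", "configIdInProduction": 123}
  ]
}
""")

# Constructed SelectedHostnames object, as returned by List selected hostnames.
CURRENT_SELECTION = {"hostnameList": [{"hostname": "m.example.com"}]}

# Hostnames the operator wants protected (constructed).
WANTED = [
    "example.com", "www.example.com", "api.example.com",
    "test-example.net", "unknown.example.org", "m.example.com",
]


def plan_selected_hostnames(selectable, current, wanted, allow_other_config=False):
    """Build the PUT body for selected-hostnames and explain every omission.

    Returns (body, skipped): body is a SelectedHostnames object that keeps
    every hostname already selected and appends the wanted ones that pass the
    checks; skipped maps each rejected hostname to the reason.
    """
    config_id = selectable["configId"]
    available = {h["hostname"]: h for h in selectable.get("availableSet", [])}
    errors = {h["hostname"]: h for h in selectable.get("errorSet", [])}

    # Start from the current selection so the PUT does not drop anything.
    final = [h["hostname"] for h in current.get("hostnameList", [])]
    skipped = {}

    for name in wanted:
        if name in final:
            continue  # already selected
        if name in errors:
            err = errors[name]
            skipped[name] = f"error host ({err['reasonCode']}): {err['reason']}"
        elif name not in available:
            skipped[name] = "not in availableSet for this configuration version"
        else:
            other = available[name].get("configIdInProduction")
            if other not in (None, config_id) and not allow_other_config:
                # Example policy: require an explicit opt-in before selecting
                # a hostname that another configuration has in production.
                skipped[name] = f"in production under configuration {other}"
            else:
                final.append(name)

    return {"hostnameList": [{"hostname": n} for n in final]}, skipped


if __name__ == "__main__":
    body, skipped = plan_selected_hostnames(SELECTABLE, CURRENT_SELECTION, WANTED)
    print(json.dumps(body, indent=4))
    for host, reason in skipped.items():
        print(f"skipped {host}: {reason}")
```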

List security policies

Returns a list of security policies available for the specified security configuration.

GET /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies{?notMatched,detail}

Sample: /appsec/v1/configs/8225/versions/2/security-policies?notMatched=false&detail=true

| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | | | |
| configId | Integer | 8225 | A unique identifier for each configuration. |
| versionNumber | Integer | 2 | A unique identifier for each version of a configuration. |
| Optional query parameters | | | |
| detail | Boolean | true | When enabled, the response features a richer set of data than the default, which includes only the name and ID of each item. |
| notMatched | Boolean | false | If true, returns all security policies in the configuration version which don’t have a match target. If false, returns all security policies in the configuration version. |

Status 200 application/json

Object type: SecurityPolicy

Download schema: securityPoliciesListDto.json

Response body:

{
    "configId": 1232,
    "version": 8,
    "policies": [
        {
            "policyId": "NN3_61",
            "policyName": "NN FW 3",
            "hasRatePolicyWithApiKey": true,
            "policySecurityControls": {
                "applyApplicationLayerControls": true,
                "applyNetworkLayerControls": true,
                "applyRateControls": false,
                "applyReputationControls": false,
                "applyBotmanControls": true,
                "applyApiConstraints": false,
                "applySlowPostControls": false
            }
        },
        {
            "policyId": "NN_2",
            "policyName": "NN FW 1",
            "hasRatePolicyWithApiKey": false,
            "policySecurityControls": {
                "applyApplicationLayerControls": true,
                "applyNetworkLayerControls": true,
                "applyRateControls": false,
                "applyReputationControls": false,
                "applyBotmanControls": false,
                "applyApiConstraints": false,
                "applySlowPostControls": false
            }
        },
        {
            "policyId": "NN-2_3",
            "policyName": "NN FW 2",
            "hasRatePolicyWithApiKey": true,
            "policySecurityControls": {
                "applyApplicationLayerControls": true,
                "applyNetworkLayerControls": true,
                "applyRateControls": false,
                "applyReputationControls": false,
                "applyBotmanControls": false,
                "applyApiConstraints": false,
                "applySlowPostControls": false
            }
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Optionally, enable the notMatched query parameter to return all security policies in the configuration version which don’t have a match target.

  4. Optionally, enable the detail query parameter to see detailed information on the returned items.

  5. Make a GET request to /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies{?notMatched,detail}.

Clone a security policy

Creates a new copy of an existing security policy.

POST /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies

Sample: /appsec/v1/configs/8225/versions/2/security-policies

Content-Type: application/json

Object type: SecurityPolicyClone

Download schema: securityPolicyCloneRequest.json

Request body:

{
    "createFromSecurityPolicy": "1_35752",
    "policyName": "Open Cloned IV 2",
    "policyPrefix": "bt17"
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | | | |
| configId | Integer | 8225 | A unique identifier for each configuration. |
| versionNumber | Integer | 2 | A unique identifier for each version of a configuration. |

Status 201 application/json

Object type: SecurityPolicy

Download schema: securityPolicyDto.json

Response body:

{
    "configId": 16877,
    "version": 144,
    "policyId": "bt17_75755",
    "policyName": "Open Cloned IV 2",
    "policySecurityControls": {
        "applyApiConstraints": true,
        "applyApplicationLayerControls": true,
        "applyBotmanControls": true,
        "applyNetworkLayerControls": true,
        "applyRateControls": true,
        "applyReputationControls": true,
        "applySlowPostControls": false
    }
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List security policies and select a policyId.

  4. Create a SecurityPolicyClone object.

  5. Make a POST request to /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies.

The response reflects the new SecurityPolicy object.

List match targets

Lists match targets defined in the specified security configuration version.

GET /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets{?policyId,includeChildObjectName}

Sample: /appsec/v1/configs/17027/versions/25/match-targets?policyId=ancv_1234&includeChildObjectName=true

| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | | | |
| configId | Integer | 17027 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |
| Optional query parameters | | | |
| includeChildObjectName | Boolean | true | Specifies whether to return the names of network list and API endpoint objects in the payload. |
| policyId | String | ancv_1234 | Specifies the security policy to filter match targets. |

Status 200 application/json

Object type: MatchTarget

Download schema: matchTargetList.json

Response body:

{
    "matchTargets": {
        "apiTargets": [
            {
                "configId": 17027,
                "configVersion": 25,
                "sequence": 3,
                "targetId": 1222208,
                "type": "api",
                "effectiveSecurityControls": {
                    "applyApiConstraints": true,
                    "applyApplicationLayerControls": true,
                    "applyNetworkLayerControls": true,
                    "applyRateControls": true,
                    "applyReputationControls": true,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "ancv_1234"
                },
                "apis": [
                    {
                        "id": 1111,
                        "name": "API Endpoint 1"
                    },
                    {
                        "id": 2222,
                        "name": "API Endpoint 2"
                    }
                ],
                "bypassNetworkLists": [
                    {
                        "name": "Example network list 11",
                        "id": "522825_CCCBYPASSLIST"
                    },
                    {
                        "name": "Example network list 12",
                        "id": "1622566_XXAABYPASSL"
                    }
                ]
            }
        ],
        "websiteTargets": [
            {
                "configId": 17027,
                "configVersion": 25,
                "defaultFile": "NO_MATCH",
                "isNegativeFileExtensionMatch": false,
                "isNegativePathMatch": false,
                "sequence": 1,
                "targetId": 1221059,
                "type": "website",
                "fileExtensions": [
                    "html"
                ],
                "filePaths": [
                    "/*"
                ],
                "hostnames": [],
                "effectiveSecurityControls": {
                    "applyApiConstraints": false,
                    "applyApplicationLayerControls": true,
                    "applyNetworkLayerControls": true,
                    "applyRateControls": true,
                    "applyReputationControls": true,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "ancv_1234"
                },
                "bypassNetworkLists": [
                    {
                        "name": "Example network list 21",
                        "id": "222825_AAABYPASSLIST"
                    },
                    {
                        "name": "Example network list 22",
                        "id": "2622566_YYAABYPASSL"
                    }
                ]
            },
            {
                "configId": 17027,
                "configVersion": 25,
                "defaultFile": "NO_MATCH",
                "isNegativeFileExtensionMatch": false,
                "isNegativePathMatch": false,
                "sequence": 2,
                "targetId": 1222207,
                "type": "website",
                "bypassNetworkLists": [],
                "fileExtensions": [],
                "filePaths": [
                    "/path"
                ],
                "hostnames": [
                    "example.com",
                    "www.example.net",
                    "m.example.com"
                ],
                "effectiveSecurityControls": {
                    "applyApiConstraints": false,
                    "applyApplicationLayerControls": true,
                    "applyNetworkLayerControls": false,
                    "applyRateControls": true,
                    "applyReputationControls": true,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "ancv_1234"
                }
            }
        ]
    }
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Optionally, run List security policies and select a policyId.

  4. Optionally, enable the includeChildObjectName query parameter to return the object name in the payload.

  5. Make a GET request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets{?policyId,includeChildObjectName}.
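The match target listing shows, per target, which controls are effectively applied and which network lists are attached as bypass lists. The Python sketch below is an added example, not Akamai code: it reports targets where a required control is false in effectiveSecurityControls, maps each bypass network list ID to the targets that reference it, and flags repeated sequence values within apiTargets or websiteTargets, which the API orders separately. The function name, the default set of required controls and the report layout are assumptions of the example; the listing is constructed.

```python
import json
from collections import defaultdict

# Constructed listing using field names from the response above.
LISTING = json.loads("""
{
  "matchTargets": {
    "apiTargets": [
      {"targetId": 1222208, "type": "api", "sequence": 1,
       "effectiveSecurityControls": {
         "applyApplicationLayerControls": true,
         "applyNetworkLayerControls": true,
         "applyRateControls": true},
       "bypassNetworkLists": [{"id": "522825_CCCBYPASSLIST"}]}
    ],
    "websiteTargets": [
      {"targetId": 1221059, "type": "website", "sequence": 1,
       "effectiveSecurityControls": {
         "applyApplicationLayerControls": true,
         "applyNetworkLayerControls": true,
         "applyRateControls": true},
       "bypassNetworkLists": [{"id": "222825_AAABYPASSLIST"},
                              {"id": "522825_CCCBYPASSLIST"}]},
      {"targetId": 1222207, "type": "website", "sequence": 1,
       "effectiveSecurityControls": {
         "applyApplicationLayerControls": true,
         "applyNetworkLayerControls": false,
         "applyRateControls": true},
       "bypassNetworkLists": []}
    ]
  }
}
""")

# Controls the example expects to be true on every target (assumption).
REQUIRED = (
    "applyApplicationLayerControls",
    "applyNetworkLayerControls",
    "applyRateControls",
)


def review_match_targets(listing, required=REQUIRED):
    """Summarise a match-targets listing for review.

    Returns a dict with:
      disabled_controls   targetId -> required controls reported as false
      bypass_lists        network list id -> targetIds that reference it
      sequence_collisions target kind -> {sequence: [targetIds]} when reused
    """
    targets = listing.get("matchTargets", {})
    disabled = {}
    bypass = defaultdict(list)
    collisions = {}

    # API and website targets are ordered independently, so check each kind
    # on its own.
    for kind in ("apiTargets", "websiteTargets"):
        by_sequence = defaultdict(list)
        for target in targets.get(kind, []):
            tid = target["targetId"]
            controls = target.get("effectiveSecurityControls", {})
            off = [c for c in required if not controls.get(c, False)]
            if off:
                disabled[tid] = off
            for network_list in target.get("bypassNetworkLists", []):
                bypass[network_list["id"]].append(tid)
            by_sequence[target["sequence"]].append(tid)
        reused = {seq: ids for seq, ids in by_sequence.items() if len(ids) > 1}
        if reused:
            collisions[kind] = reused

    return {
        "disabled_controls": disabled,
        "bypass_lists": dict(bypass),
        "sequence_collisions": collisions,
    }


if __name__ == "__main__":
    print(json.dumps(review_match_targets(LISTING), indent=4))
```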

Create a match target

Creates a new Match Target in the specified Configuration Version.

POST /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets

Sample: /appsec/v1/configs/17027/versions/25/match-targets

Content-Type: application/json

Object type: MatchTarget

Download schema: matchTarget.json

Request body:

{
    "type": "website",
    "isNegativePathMatch": false,
    "isNegativeFileExtensionMatch": true,
    "defaultFile": "BASE_MATCH",
    "hostnames": [
        "example.com",
        "www.example.net",
        "m.example.com"
    ],
    "filePaths": [
        "/sssi/*",
        "/cache/aaabbc*",
        "/price_toy/*"
    ],
    "fileExtensions": [
        "wmls",
        "jpeg",
        "pws",
        "carb",
        "pdf",
        "js",
        "hdml",
        "cct",
        "swf",
        "pct"
    ],
    "securityPolicy": {
        "policyId": "fwsf_32432"
    },
    "bypassNetworkLists": [
        {
            "id": "888518_ACDDCKERS"
        },
        {
            "id": "1304427_AAXXBBLIST"
        }
    ]
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | | | |
| configId | Integer | 17027 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |

Status 201 application/json

Object type: MatchTarget

Download schema: matchTarget.json

Response body:

{
    "targetId": 112231,
    "configId": 17027,
    "configVersion": 25,
    "type": "website",
    "sequence": 1,
    "isNegativePathMatch": false,
    "isNegativeFileExtensionMatch": true,
    "defaultFile": "BASE_MATCH",
    "hostnames": [
        "example.com",
        "www.example.net",
        "m.example.com"
    ],
    "filePaths": [
        "/sssi/*",
        "/cache/aaabbc*",
        "/price_toy/*"
    ],
    "fileExtensions": [
        "wmls",
        "jpeg",
        "pws",
        "carb",
        "pdf",
        "js",
        "hdml",
        "cct",
        "swf",
        "pct"
    ],
    "securityPolicy": {
        "policyId": "fwsf_32432"
    },
    "effectiveSecurityControls": {
        "applyApiConstraints": false,
        "applyApplicationLayerControls": true,
        "applyNetworkLayerControls": false,
        "applyRateControls": true,
        "applyReputationControls": false,
        "applySlowPostControls": false
    },
    "bypassNetworkLists": [
        {
            "name": "Test network list 1",
            "id": "888518_ACDDCKERS"
        },
        {
            "name": "Test network list 2",
            "id": "1304427_AAXXBBLIST"
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Create a MatchTarget object.

  4. Make a POST request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets.

The response reflects the complete MatchTarget object.

Modify match target order

Updates the sequence of Match Targets in a configuration version. Website and API match targets are sequenced separately, so update each type in its own request and identify it with the type attribute in the JSON request.

PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/sequence

Sample: /appsec/v1/configs/17027/versions/25/match-targets/sequence

Content-Type: application/json

Object type: MatchTargetOrder

Download schema: matchTargetsSequence.json

Request body:

{
    "type": "website",
    "targetSequence": [
        {
            "targetId": 1217289,
            "sequence": 1
        },
        {
            "targetId": 1217339,
            "sequence": 2
        }
    ]
}

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 17027 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |

Status 200 application/json

Object type: MatchTargetOrder

Download schema: matchTargetsSequence.json

Response body:

{
    "type": "website",
    "targetSequence": [
        {
            "targetId": 1217289,
            "sequence": 1
        },
        {
            "targetId": 1217339,
            "sequence": 2
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List match targets.

  4. Craft a MatchTargetOrder object using the targetIds.

  5. Make a PUT request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/sequence.

The response reflects the modified MatchTargetOrder object.
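The steps above, as an added example that is not part of the original page: it turns a List match targets result into one MatchTargetOrder body per type, since website and api targets are re-sequenced in separate requests. The helper name, the constructed sample targets, and the rule that every target of a type must appear in the new order are assumptions of this sketch, not documented API behaviour.

```python
from collections import defaultdict

SEQUENCE_PATH = ("/appsec/v1/configs/{configId}/versions/{versionNumber}"
                 "/match-targets/sequence")

# Constructed stand-in for a List match targets result (only the fields used here).
SAMPLE_TARGETS = [
    {"targetId": 1217289, "type": "website", "sequence": 1},
    {"targetId": 1217339, "type": "website", "sequence": 2},
    {"targetId": 1217400, "type": "api", "sequence": 1},
]


def build_sequence_requests(config_id, version_number, targets, desired_order):
    """Return [(method, path, body)] with one MatchTargetOrder body per type.

    desired_order maps a type ("website" or "api") to targetIds in the order
    they should be evaluated. Hypothetical helper, not part of the API.
    """
    ids_by_type = defaultdict(set)
    for target in targets:
        ids_by_type[target["type"]].add(target["targetId"])

    path = SEQUENCE_PATH.format(configId=config_id, versionNumber=version_number)
    requests = []
    for target_type, ordered_ids in desired_order.items():
        if len(ordered_ids) != len(set(ordered_ids)):
            raise ValueError(f"duplicate targetId in {target_type} order")
        known = ids_by_type.get(target_type, set())
        wrong = [tid for tid in ordered_ids if tid not in known]
        if wrong:
            # Catches typos and website ids placed in the api list (or vice versa).
            raise ValueError(f"not a {target_type} match target: {wrong}")
        missing = sorted(known - set(ordered_ids))
        if missing:
            # Assumption of this sketch: never leave a target without a position.
            raise ValueError(f"{target_type} targets left unsequenced: {missing}")
        body = {
            "type": target_type,
            "targetSequence": [
                {"targetId": tid, "sequence": position}
                for position, tid in enumerate(ordered_ids, start=1)
            ],
        }
        requests.append(("PUT", path, body))
    return requests


if __name__ == "__main__":
    new_order = {"website": [1217339, 1217289], "api": [1217400]}
    for method, path, body in build_sequence_requests(17027, 25, SAMPLE_TARGETS, new_order):
        print(method, path, body)
```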

Get a match target

Returns the specified match target.

GET /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}{?includeChildObjectName}

Sample: /appsec/v1/configs/17027/versions/25/match-targets/112231?includeChildObjectName=true

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 17027 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |
| targetId | Integer | 112231 | A unique identifier for each match target. |

Optional query parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| includeChildObjectName | Boolean | true | Specify whether to return the object name in the payload. |

Status 200 application/json

Object type: MatchTarget

Download schema: matchTarget.json

Response body:

{
    "targetId": 112231,
    "configId": 17027,
    "configVersion": 25,
    "type": "website",
    "sequence": 1,
    "isNegativePathMatch": false,
    "isNegativeFileExtensionMatch": true,
    "defaultFile": "BASE_MATCH",
    "hostnames": [
        "example.com",
        "www.example.net",
        "m.example.com"
    ],
    "filePaths": [
        "/sssi/*",
        "/cache/aaabbc*",
        "/price_toy/*"
    ],
    "fileExtensions": [
        "wmls",
        "jpeg",
        "pws",
        "carb",
        "pdf",
        "js",
        "hdml",
        "cct",
        "swf",
        "pct"
    ],
    "securityPolicy": {
        "policyId": "fwsf_32432"
    },
    "effectiveSecurityControls": {
        "applyApiConstraints": false,
        "applyApplicationLayerControls": true,
        "applyNetworkLayerControls": false,
        "applyRateControls": true,
        "applyReputationControls": false,
        "applySlowPostControls": false
    },
    "bypassNetworkLists": [
        {
            "name": "Test network list 1",
            "id": "888518_ACDDCKERS"
        },
        {
            "name": "Test network list 2",
            "id": "1304427_AAXXBBLIST"
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List match targets and select a targetId.

  4. Optionally, enable the includeChildObjectName query parameter to return the object name in the payload.

  5. Make a GET request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}{?includeChildObjectName}.

The response is a MatchTarget object.
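A MatchTarget response carries the fields a reviewer needs to see which protections a target actually gets. The following added example (not from the original page) walks MatchTarget objects in sequence order and lists what deserves a second look: controls reported as not applied, attached bypass network lists, inverted path or extension matches, and a missing policy. The function names and the second sample target are constructed for illustration.

```python
# Constructed samples; the first mirrors the MatchTarget response shown above.
SAMPLE_TARGETS = [
    {
        "targetId": 112231, "type": "website", "sequence": 1,
        "isNegativePathMatch": False, "isNegativeFileExtensionMatch": True,
        "hostnames": ["example.com", "www.example.net", "m.example.com"],
        "filePaths": ["/sssi/*", "/cache/aaabbc*", "/price_toy/*"],
        "fileExtensions": ["pdf", "js", "swf"],
        "securityPolicy": {"policyId": "fwsf_32432"},
        "effectiveSecurityControls": {
            "applyApiConstraints": False,
            "applyApplicationLayerControls": True,
            "applyNetworkLayerControls": False,
            "applyRateControls": True,
            "applyReputationControls": False,
            "applySlowPostControls": False,
        },
        "bypassNetworkLists": [
            {"name": "Test network list 1", "id": "888518_ACDDCKERS"},
            {"name": "Test network list 2", "id": "1304427_AAXXBBLIST"},
        ],
    },
    {
        # Constructed second target with every control applied.
        "targetId": 112232, "type": "website", "sequence": 2,
        "isNegativePathMatch": False, "isNegativeFileExtensionMatch": False,
        "hostnames": ["example.com"], "filePaths": ["/*"],
        "securityPolicy": {"policyId": "fwsf_32432"},
        "effectiveSecurityControls": {
            "applyApiConstraints": True,
            "applyApplicationLayerControls": True,
            "applyNetworkLayerControls": True,
            "applyRateControls": True,
            "applyReputationControls": True,
            "applySlowPostControls": True,
        },
        "bypassNetworkLists": [],
    },
]


def audit_match_target(target):
    """Return (field, detail) findings for one MatchTarget dict."""
    findings = []

    controls = target.get("effectiveSecurityControls")
    if controls is None:
        findings.append(("effectiveSecurityControls", "absent from payload"))
    else:
        disabled = sorted(name for name, on in controls.items() if on is False)
        if disabled:
            findings.append(("effectiveSecurityControls",
                             "not applied: " + ", ".join(disabled)))

    bypass = target.get("bypassNetworkLists") or []
    if bypass:
        # "name" is only present when includeChildObjectName=true was requested.
        labels = [f'{entry.get("name", "<unnamed>")} ({entry["id"]})' for entry in bypass]
        findings.append(("bypassNetworkLists", "attached: " + "; ".join(labels)))

    for flag in ("isNegativePathMatch", "isNegativeFileExtensionMatch"):
        if target.get(flag):
            findings.append((flag, "match is inverted; confirm the intended coverage"))

    if not (target.get("securityPolicy") or {}).get("policyId"):
        findings.append(("securityPolicy", "no policyId"))
    return findings


def audit_report(targets):
    """Map targetId -> findings, visiting targets in ascending sequence order."""
    ordered = sorted(targets, key=lambda t: t.get("sequence", 0))
    return {t["targetId"]: audit_match_target(t) for t in ordered}


if __name__ == "__main__":
    for target_id, findings in audit_report(SAMPLE_TARGETS).items():
        print(target_id, findings or "no findings")
```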

Modify a match target

Updates details about the specified match target.

PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}

Sample: /appsec/v1/configs/17027/versions/25/match-targets/112231

Content-Type: application/json

Object type: MatchTarget

Download schema: matchTarget.json

Request body:

{
    "targetId": 112231,
    "type": "website",
    "isNegativePathMatch": false,
    "isNegativeFileExtensionMatch": true,
    "defaultFile": "BASE_MATCH",
    "hostnames": [
        "example.com",
        "www.example.net",
        "m.example.com"
    ],
    "filePaths": [
        "/sssi/*",
        "/cache/aaabbc*",
        "/price_toy/*"
    ],
    "fileExtensions": [
        "wmls",
        "jpeg",
        "pws",
        "carb",
        "pdf",
        "js",
        "hdml",
        "cct",
        "swf",
        "pct"
    ],
    "securityPolicy": {
        "policyId": "fwsf_32432"
    },
    "bypassNetworkLists": [
        {
            "id": "888518_ACDDCKERS"
        },
        {
            "id": "1304427_AAXXBBLIST"
        }
    ]
}

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 17027 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |
| targetId | Integer | 112231 | A unique identifier for each match target. |

Status 200 application/json

Object type: MatchTarget

Download schema: matchTarget.json

Response body:

{
    "targetId": 112231,
    "configId": 17027,
    "configVersion": 25,
    "type": "website",
    "sequence": 1,
    "isNegativePathMatch": false,
    "isNegativeFileExtensionMatch": true,
    "defaultFile": "BASE_MATCH",
    "hostnames": [
        "example.com",
        "www.example.net",
        "m.example.com"
    ],
    "filePaths": [
        "/sssi/*",
        "/cache/aaabbc*",
        "/price_toy/*"
    ],
    "fileExtensions": [
        "wmls",
        "jpeg",
        "pws",
        "carb",
        "pdf",
        "js",
        "hdml",
        "cct",
        "swf",
        "pct"
    ],
    "securityPolicy": {
        "policyId": "fwsf_32432"
    },
    "effectiveSecurityControls": {
        "applyApiConstraints": false,
        "applyApplicationLayerControls": true,
        "applyNetworkLayerControls": false,
        "applyRateControls": true,
        "applyReputationControls": false,
        "applySlowPostControls": false
    },
    "bypassNetworkLists": [
        {
            "name": "Test network list 1",
            "id": "888518_ACDDCKERS"
        },
        {
            "name": "Test network list 2",
            "id": "1304427_AAXXBBLIST"
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List match targets and select a targetId.

  4. Run Get a match target.

  5. Modify the MatchTarget object.

  6. Make a PUT request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}.

The response reflects the modified MatchTarget object.
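Steps 4 to 6 are a read-modify-write cycle, and the sample request body above is narrower than the GET response. This added example (not from the original page) derives a PUT body from a fetched MatchTarget and reports exactly which fields change, so the edit can be reviewed before it is sent. The field list is inferred from the sample request body and is an assumption, as are the function names and the trimmed sample.

```python
import copy

# Fields present in the sample PUT request body on this page (assumption:
# everything else in the GET response is server-populated and is dropped).
REQUEST_FIELDS = (
    "targetId", "type", "isNegativePathMatch", "isNegativeFileExtensionMatch",
    "defaultFile", "hostnames", "filePaths", "fileExtensions",
    "securityPolicy", "bypassNetworkLists",
)

# Constructed sample modeled on the Get a match target response.
SAMPLE_CURRENT = {
    "targetId": 112231, "configId": 17027, "configVersion": 25,
    "type": "website", "sequence": 1,
    "isNegativePathMatch": False, "isNegativeFileExtensionMatch": True,
    "defaultFile": "BASE_MATCH",
    "hostnames": ["example.com", "www.example.net", "m.example.com"],
    "filePaths": ["/sssi/*", "/cache/aaabbc*", "/price_toy/*"],
    "fileExtensions": ["pdf", "js"],
    "securityPolicy": {"policyId": "fwsf_32432"},
    "effectiveSecurityControls": {"applyApplicationLayerControls": True},
    "bypassNetworkLists": [
        {"name": "Test network list 1", "id": "888518_ACDDCKERS"},
        {"name": "Test network list 2", "id": "1304427_AAXXBBLIST"},
    ],
}


def to_put_body(current, **changes):
    """Build a Modify a match target body from a fetched MatchTarget plus edits."""
    unknown = sorted(set(changes) - set(REQUEST_FIELDS))
    if unknown:
        raise ValueError(f"not a request field: {unknown}")
    if "targetId" in changes and changes["targetId"] != current["targetId"]:
        raise ValueError("targetId identifies the object and must not be edited")

    body = {k: copy.deepcopy(current[k]) for k in REQUEST_FIELDS if k in current}
    if "bypassNetworkLists" in body:
        # The sample request references each list by id only.
        body["bypassNetworkLists"] = [{"id": e["id"]} for e in body["bypassNetworkLists"]]
    body.update(copy.deepcopy(changes))
    return body


def describe_changes(current, body):
    """Return {field: (before, after)} for request fields that differ."""
    baseline = to_put_body(current)
    return {
        field: (baseline.get(field), body.get(field))
        for field in REQUEST_FIELDS
        if baseline.get(field) != body.get(field)
    }


if __name__ == "__main__":
    new_body = to_put_body(SAMPLE_CURRENT, filePaths=["/sssi/*"], bypassNetworkLists=[])
    for field, (before, after) in describe_changes(SAMPLE_CURRENT, new_body).items():
        print(f"{field}: {before} -> {after}")
```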

Remove a match target

Deletes the specified match target.

DELETE /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}

Sample: /appsec/v1/configs/17027/versions/25/match-targets/112231

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 17027 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |
| targetId | Integer | 112231 | A unique identifier for each match target. |

Status 204

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List match targets and select a targetId.

  4. Make a DELETE request to /appsec/v1/configs/{configId}/versions/{versionNumber}/match-targets/{targetId}.

List custom rules

Lists custom rules defined in a security configuration.

GET /appsec/v1/configs/{configId}/custom-rules

Sample: /appsec/v1/configs/8277/custom-rules

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 8277 | A unique identifier for each configuration. |

Status 200 application/json

Object type: CustomRule

Download schema: customRules-schema.json

Response body:

{
    "customRules": [
        {
            "link": "/appsec/v1/configs/99999/customRules/111111",
            "name": "Example 1",
            "status": "activated",
            "id": 111111,
            "version": 1
        },
        {
            "link": "/appsec/v1/configs/99999/customRules/111112",
            "name": "Example 2",
            "status": "published",
            "id": 111112,
            "version": 1
        },
        {
            "link": "/appsec/v1/configs/99999/customRules/111113",
            "name": "Example 3",
            "status": "unused",
            "id": 111113,
            "version": 2
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Make a GET request to /appsec/v1/configs/{configId}/custom-rules.

The response is a CustomRule object.

Create a custom rule

Creates a new custom rule.

POST /appsec/v1/configs/{configId}/custom-rules

Sample: /appsec/v1/configs/8277/custom-rules

Content-Type: application/json

Object type: CustomRule

Download schema: customRule-schema.json

Request body:

{
    "name": "Fat Rule",
    "description": "Can I create all conditions?",
    "tag": [
        "test"
    ],
    "conditions": [
        {
            "type": "requestMethodMatch",
            "positiveMatch": true,
            "value": [
                "GET",
                "CONNECT",
                "TRACE",
                "PUT",
                "POST",
                "OPTIONS",
                "DELETE",
                "HEAD"
            ]
        },
        {
            "type": "pathMatch",
            "positiveMatch": true,
            "value": [
                "/H",
                "/Li",
                "/He"
            ]
        },
        {
            "type": "extensionMatch",
            "positiveMatch": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "filenameMatch",
            "positiveMatch": true,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "He",
                "H",
                "Li"
            ]
        },
        {
            "type": "requestProtocolVersionMatch",
            "positiveMatch": true,
            "value": [
                "HTTP/0.9"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "H",
                "He"
            ],
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "He"
            ],
            "value": [
                "C",
                "Be",
                "B"
            ]
        },
        {
            "type": "headerOrderMatch",
            "positiveMatch": true,
            "value": "H:He"
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "H",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "H",
                "He",
                "Li"
            ]
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "Be",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "O",
                "N",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "C",
            "nameCase": true,
            "nameWildcard": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Carbon",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "N",
            "nameCase": false,
            "nameWildcard": false,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "Nitrogen",
                "N"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "H",
            "value": [
                "H",
                "Hydrogen"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "He",
            "value": [
                "He",
                "Helium"
            ]
        },
        {
            "type": "argsPostNamesMatch",
            "positiveMatch": true,
            "value": [
                "Carbon",
                "Oxygen",
                "Nitrogen",
                "Chlorine"
            ]
        },
        {
            "type": "clientCertPresentMatch",
            "positiveMatch": true
        },
        {
            "type": "clientCertValidMatch",
            "positiveMatch": false
        }
    ]
}

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 8277 | A unique identifier for each configuration. |

Status 200 application/json

Object type: CustomRule

Download schema: customRule-schema.json

Response body:

{
    "id": 661699,
    "name": "Fat Rule",
    "description": "Can I create all conditions?",
    "version": 1,
    "ruleActivated": false,
    "tag": [
        "test"
    ],
    "conditions": [
        {
            "type": "requestMethodMatch",
            "positiveMatch": true,
            "value": [
                "GET",
                "CONNECT",
                "TRACE",
                "PUT",
                "POST",
                "OPTIONS",
                "DELETE",
                "HEAD"
            ]
        },
        {
            "type": "pathMatch",
            "positiveMatch": true,
            "value": [
                "/H",
                "/Li",
                "/He"
            ]
        },
        {
            "type": "extensionMatch",
            "positiveMatch": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "filenameMatch",
            "positiveMatch": true,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "He",
                "H",
                "Li"
            ]
        },
        {
            "type": "requestProtocolVersionMatch",
            "positiveMatch": true,
            "value": [
                "HTTP/0.9"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "H",
                "He"
            ],
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "He"
            ],
            "value": [
                "C",
                "Be",
                "B"
            ]
        },
        {
            "type": "headerOrderMatch",
            "positiveMatch": true,
            "value": "H:He"
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "H",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "H",
                "He",
                "Li"
            ]
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "Be",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "O",
                "N",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "C",
            "nameCase": true,
            "nameWildcard": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Carbon",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "N",
            "nameCase": false,
            "nameWildcard": false,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "Nitrogen",
                "N"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "H",
            "value": [
                "H",
                "Hydrogen"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "He",
            "value": [
                "He",
                "Helium"
            ]
        },
        {
            "type": "argsPostNamesMatch",
            "positiveMatch": true,
            "value": [
                "Carbon",
                "Oxygen",
                "Nitrogen",
                "Chlorine"
            ]
        },
        {
            "type": "clientCertPresentMatch",
            "positiveMatch": true
        },
        {
            "type": "clientCertValidMatch",
            "positiveMatch": true
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Create a CustomRule object.

  3. Make a POST request to /appsec/v1/configs/{configId}/custom-rules.

The response reflects the complete CustomRule object.
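Because the response echoes the stored rule, it can be compared with what was submitted before the rule is relied on. This added example (not from the original page) reports every field where the returned CustomRule differs from the request; the trimmed sample is constructed and reproduces the one difference visible in the samples above, where clientCertValidMatch has positiveMatch false in the request and true in the response. Treating id, version, and ruleActivated as server-assigned is an assumption drawn from those samples.

```python
import copy

# Present in the sample response but not in the sample create request
# (assumption: the server assigns them, so they are not drift).
SERVER_ASSIGNED = {"id", "version", "ruleActivated"}

# Constructed, trimmed version of the sample request body on this page.
SAMPLE_SENT = {
    "name": "Fat Rule",
    "description": "Can I create all conditions?",
    "tag": ["test"],
    "conditions": [
        {"type": "requestMethodMatch", "positiveMatch": True, "value": ["GET", "POST"]},
        {"type": "pathMatch", "positiveMatch": True, "value": ["/H", "/Li", "/He"]},
        {"type": "clientCertValidMatch", "positiveMatch": False},
    ],
}

# Constructed response: same rule plus server fields, with the last
# condition's positiveMatch flipped as in the page's sample response.
SAMPLE_RETURNED = copy.deepcopy(SAMPLE_SENT)
SAMPLE_RETURNED.update({"id": 661699, "version": 1, "ruleActivated": False})
SAMPLE_RETURNED["conditions"][2]["positiveMatch"] = True


def rule_drift(sent, returned):
    """Return [(location, sent_value, returned_value)] for every mismatch."""
    drift = []

    top_level = (set(sent) | set(returned)) - SERVER_ASSIGNED - {"conditions"}
    for key in sorted(top_level):
        if sent.get(key) != returned.get(key):
            drift.append((key, sent.get(key), returned.get(key)))

    sent_conditions = sent.get("conditions", [])
    returned_conditions = returned.get("conditions", [])
    if len(sent_conditions) != len(returned_conditions):
        drift.append(("conditions.length", len(sent_conditions), len(returned_conditions)))

    # Conditions are compared position by position; a reordered list shows up as drift.
    for index, (mine, theirs) in enumerate(zip(sent_conditions, returned_conditions)):
        for key in sorted(set(mine) | set(theirs)):
            if mine.get(key) != theirs.get(key):
                drift.append((f"conditions[{index}].{key}", mine.get(key), theirs.get(key)))
    return drift


if __name__ == "__main__":
    for location, sent_value, returned_value in rule_drift(SAMPLE_SENT, SAMPLE_RETURNED):
        print(f"{location}: sent {sent_value!r}, stored {returned_value!r}")
```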

Get a custom rule

Returns the details of a custom rule.

GET /appsec/v1/configs/{configId}/custom-rules/{ruleId}

Sample: /appsec/v1/configs/8277/custom-rules/661699

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 8277 | A unique identifier for each configuration. |
| ruleId | Integer | 661699 | A unique identifier for each custom rule. |

Status 200 application/json

Object type: CustomRule

Download schema: customRule-schema.json

Response body:

{
    "id": 661699,
    "name": "Fat Rule",
    "description": "Can I create all conditions?",
    "version": 1,
    "ruleActivated": false,
    "tag": [
        "test"
    ],
    "conditions": [
        {
            "type": "requestMethodMatch",
            "positiveMatch": true,
            "value": [
                "GET",
                "CONNECT",
                "TRACE",
                "PUT",
                "POST",
                "OPTIONS",
                "DELETE",
                "HEAD"
            ]
        },
        {
            "type": "pathMatch",
            "positiveMatch": true,
            "value": [
                "/H",
                "/Li",
                "/He"
            ]
        },
        {
            "type": "extensionMatch",
            "positiveMatch": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "filenameMatch",
            "positiveMatch": true,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "He",
                "H",
                "Li"
            ]
        },
        {
            "type": "requestProtocolVersionMatch",
            "positiveMatch": true,
            "value": [
                "HTTP/0.9"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "H",
                "He"
            ],
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "He"
            ],
            "value": [
                "C",
                "Be",
                "B"
            ]
        },
        {
            "type": "headerOrderMatch",
            "positiveMatch": true,
            "value": "H:He"
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "H",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "H",
                "He",
                "Li"
            ]
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "Be",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "O",
                "N",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "C",
            "nameCase": true,
            "nameWildcard": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Carbon",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "N",
            "nameCase": false,
            "nameWildcard": false,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "Nitrogen",
                "N"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "H",
            "value": [
                "H",
                "Hydrogen"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "He",
            "value": [
                "He",
                "Helium"
            ]
        },
        {
            "type": "argsPostNamesMatch",
            "positiveMatch": true,
            "value": [
                "Carbon",
                "Oxygen",
                "Nitrogen",
                "Chlorine"
            ]
        },
        {
            "type": "clientCertPresentMatch",
            "positiveMatch": true
        },
        {
            "type": "clientCertValidMatch",
            "positiveMatch": true
        }
    ]
}
  1. Run List configurations and select a configId.

  2. Run List custom rules and select a ruleId.

  3. Make a GET request to /appsec/v1/configs/{configId}/custom-rules/{ruleId}.

The response is a CustomRule object.

Modify a custom rule

Updates an existing custom rule.

PUT /appsec/v1/configs/{configId}/custom-rules/{ruleId}

Sample: /appsec/v1/configs/8277/custom-rules/661699

Content-Type: application/json

Object type: CustomRule

Download schema: customRule-schema.json

Request body:

{
    "id": 661699,
    "name": "Fat Rule",
    "description": "Can I create all conditions?",
    "version": 1,
    "tag": [
        "test"
    ],
    "conditions": [
        {
            "type": "requestMethodMatch",
            "positiveMatch": true,
            "value": [
                "GET",
                "CONNECT",
                "TRACE",
                "PUT",
                "POST",
                "OPTIONS",
                "DELETE",
                "HEAD"
            ]
        },
        {
            "type": "pathMatch",
            "positiveMatch": true,
            "value": [
                "/H",
                "/Li",
                "/He"
            ]
        },
        {
            "type": "extensionMatch",
            "positiveMatch": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "filenameMatch",
            "positiveMatch": true,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "He",
                "H",
                "Li"
            ]
        },
        {
            "type": "requestProtocolVersionMatch",
            "positiveMatch": true,
            "value": [
                "HTTP/0.9"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "H",
                "He"
            ],
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "He"
            ],
            "value": [
                "C",
                "Be",
                "B"
            ]
        },
        {
            "type": "headerOrderMatch",
            "positiveMatch": true,
            "value": "H:He"
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "H",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "H",
                "He",
                "Li"
            ]
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "Be",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "O",
                "N",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "C",
            "nameCase": true,
            "nameWildcard": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Carbon",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "N",
            "nameCase": false,
            "nameWildcard": false,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "Nitrogen",
                "N"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "H",
            "value": [
                "H",
                "Hydrogen"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "He",
            "value": [
                "He",
                "Helium"
            ]
        },
        {
            "type": "argsPostNamesMatch",
            "positiveMatch": true,
            "value": [
                "Carbon",
                "Oxygen",
                "Nitrogen",
                "Chlorine"
            ]
        },
        {
            "type": "clientCertPresentMatch",
            "positiveMatch": true
        },
        {
            "type": "clientCertValidMatch",
            "positiveMatch": false
        }
    ]
}

URL path parameters:

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 8277 | A unique identifier for each configuration. |
| ruleId | Integer | 661699 | A unique identifier for each custom rule. |

Status 200 application/json

Object type: CustomRule

Download schema: customRule-schema.json

Response body:

{
    "id": 661699,
    "name": "Fat Rule",
    "description": "Can I create all conditions?",
    "version": 1,
    "ruleActivated": false,
    "tag": [
        "test"
    ],
    "conditions": [
        {
            "type": "requestMethodMatch",
            "positiveMatch": true,
            "value": [
                "GET",
                "CONNECT",
                "TRACE",
                "PUT",
                "POST",
                "OPTIONS",
                "DELETE",
                "HEAD"
            ]
        },
        {
            "type": "pathMatch",
            "positiveMatch": true,
            "value": [
                "/H",
                "/Li",
                "/He"
            ]
        },
        {
            "type": "extensionMatch",
            "positiveMatch": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "filenameMatch",
            "positiveMatch": true,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "He",
                "H",
                "Li"
            ]
        },
        {
            "type": "requestProtocolVersionMatch",
            "positiveMatch": true,
            "value": [
                "HTTP/0.9"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "H",
                "He"
            ],
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "He"
            ],
            "value": [
                "C",
                "Be",
                "B"
            ]
        },
        {
            "type": "headerOrderMatch",
            "positiveMatch": true,
            "value": "H:He"
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "H",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "H",
                "He",
                "Li"
            ]
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "Be",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "O",
                "N",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "C",
            "nameCase": true,
            "nameWildcard": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Carbon",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "N",
            "nameCase": false,
            "nameWildcard": false,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "Nitrogen",
                "N"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "H",
            "value": [
                "H",
                "Hydrogen"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "He",
            "value": [
                "He",
                "Helium"
            ]
        },
        {
            "type": "argsPostNamesMatch",
            "positiveMatch": true,
            "value": [
                "Carbon",
                "Oxygen",
                "Nitrogen",
                "Chlorine"
            ]
        },
        {
            "type": "clientCertPresentMatch",
            "positiveMatch": true
        },
        {
            "type": "clientCertValidMatch",
            "positiveMatch": true
        }
    ]
}

  1. Run List configurations and select a configId.

  2. Run List custom rules and select a ruleId.

  3. Run Get a custom rule.

  4. Modify the CustomRule object.

  5. Make a PUT request to /appsec/v1/configs/{configId}/custom-rules/{ruleId}.

The response reflects the modified CustomRule object.

Remove a custom rule

Deletes a custom rule as long as it isn’t activated.

DELETE /appsec/v1/configs/{configId}/custom-rules/{ruleId}

Sample: /appsec/v1/configs/8277/custom-rules/661699

URL path parameters

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 8277 | A unique identifier for each configuration. |
| ruleId | Integer | 661699 | A unique identifier for each custom rule. |

Status 204

  1. Run List configurations and select a configId.

  2. Run List custom rules and select a ruleId.

  3. Make a DELETE request to /appsec/v1/configs/{configId}/custom-rules/{ruleId}.

List custom rule actions

Returns a list of all configured custom rules for the specified configuration. It includes information for rules that are associated with this policy, as well as the latest versions of the rules in the configuration that aren’t associated with the current policy. Unassociated rules have an action of none.

GET /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules

Sample: /appsec/v1/configs/8277/versions/25/security-policies/WC_3/custom-rules

URL path parameters

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 8277 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |
| policyId | String | WC_3 | A unique identifier for the security policy. |

Status 200 application/json

Object type: CustomRuleActions

Download schema: customRuleActions.json

Response body:

{
    "customRules": [
        {
            "action": "alert",
            "link": "/appsec/v1/configs/16400/custom-rules/622918",
            "name": "Custom Rule Example 1",
            "id": 622918
        },
        {
            "action": "none",
            "link": "/appsec/v1/configs/16400/custom-rules/657604",
            "name": "Custom Rule Example 2",
            "id": 657604
        },
        {
            "action": "deny",
            "link": "/appsec/v1/configs/16400/custom-rules/615894",
            "name": "Custom Rule Example 3",
            "id": 615894
        }
    ]
}

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List security policies and select a policyId.

  4. Make a GET request to /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules.

The response is a CustomRuleActions object.

Modify a custom rule action

Updates the action of a custom rule.

PUT /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules/{ruleId}

Sample: /appsec/v1/configs/8277/versions/25/security-policies/WC_3/custom-rules/661699

Content-Type: application/json

Object type: CustomRuleActions

Download schema: updateCustomRuleAction.json

Request body:

{
    "action": "alert"
}

URL path parameters

| Parameter | Type | Sample | Description |
|---|---|---|---|
| configId | Integer | 8277 | A unique identifier for each configuration. |
| versionNumber | Integer | 25 | A unique identifier for each version of a configuration. |
| policyId | String | WC_3 | A unique identifier for the security policy. |
| ruleId | Integer | 661699 | A unique identifier for each custom rule. |

Status 200 application/json

Object type: CustomRuleActions

Download schema: updateCustomRuleAction.json

Response body:

{
    "action": "alert"
}

  1. Run List configurations and select a configId.

  2. Run List configuration versions and select a versionNumber.

  3. Run List security policies and select a policyId.

  4. Run List custom rule actions and select a ruleId.

  5. Make a PUT request with a single-member object containing the specified action to /appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules/{ruleId}.

The response reflects the modified single-member object.
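
The list-then-modify procedure above, as an added example (not Akamai's code): it diffs a CustomRuleActions listing against a desired state, emits only the PUT requests that change something, and reports the rules that would still not be at deny. The function name, the policyId pattern and the restriction to the three action values seen in this page's samples are assumptions; the listing is the page's sample response, combined here with the sample version and policyId.

```python
import re

# Action values that appear in this page's samples; the API may accept others.
ALLOWED_ACTIONS = ("alert", "deny", "none")
# Assumed shape of a policyId, based on page samples such as WC_3 and NN-2_3.
POLICY_ID = re.compile(r"[A-Za-z0-9_-]+")


def plan_rule_actions(config_id, version, policy_id, listing, desired):
    """Diff a CustomRuleActions listing against desired {ruleId: action}.

    Returns (puts, not_denying): the PUT requests needed, and the rules whose
    action will still be something other than "deny" once they succeed.
    """
    # Identifiers end up in a URL path, so reject anything that could alter it.
    if not POLICY_ID.fullmatch(policy_id):
        raise ValueError(f"refusing to build a path from policyId {policy_id!r}")
    base = (f"/appsec/v1/configs/{int(config_id)}/versions/{int(version)}"
            f"/security-policies/{policy_id}/custom-rules")
    current = {rule["id"]: rule for rule in listing["customRules"]}

    puts = []
    for rule_id, action in sorted(desired.items()):
        if action not in ALLOWED_ACTIONS:
            raise ValueError(f"rule {rule_id}: unknown action {action!r}")
        if rule_id not in current:
            raise KeyError(f"rule {rule_id} is not in configuration {config_id}")
        if current[rule_id]["action"] != action:  # skip no-op updates
            puts.append(("PUT", f"{base}/{int(rule_id)}", {"action": action}))

    not_denying = []
    for rule_id, rule in sorted(current.items()):
        final = desired.get(rule_id, rule["action"])
        if final != "deny":  # "none" means the rule is not associated at all
            not_denying.append((rule_id, rule["name"], final))
    return puts, not_denying


# The sample CustomRuleActions response body from this page.
SAMPLE_LISTING = {
    "customRules": [
        {"action": "alert", "name": "Custom Rule Example 1", "id": 622918,
         "link": "/appsec/v1/configs/16400/custom-rules/622918"},
        {"action": "none", "name": "Custom Rule Example 2", "id": 657604,
         "link": "/appsec/v1/configs/16400/custom-rules/657604"},
        {"action": "deny", "name": "Custom Rule Example 3", "id": 615894,
         "link": "/appsec/v1/configs/16400/custom-rules/615894"},
    ]
}


def demo():
    """Constructed desired state: promote one rule to deny, start alerting on another."""
    desired = {622918: "deny", 615894: "deny", 657604: "alert"}
    return plan_rule_actions(16400, 25, "WC_3", SAMPLE_LISTING, desired)


if __name__ == "__main__":
    puts, not_denying = demo()
    for method, path, body in puts:
        print(method, path, body)
    print("not at deny:", not_denying)
```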

Activate a configuration version

Activates one or more configurations globally.

POST /appsec/v1/activations

Content-Type: application/json

Object type: Activation

Download schema: activations-request.json

Request body:

{
    "action": "ACTIVATE",
    "network": "STAGING",
    "note": "Free text notes",
    "notificationEmails": [
        "a@abc.com",
        "b@abc.com"
    ],
    "activationConfigs": [
        {
            "configId": 1,
            "configVersion": 4
        }
    ]
}

Status 200 application/json

Object type: Activation

Download schema: activation-status.json

Response body:

{
    "dispatchCount": 1,
    "activationId": 1234,
    "action": "ACTIVATE",
    "status": "RECEIVED",
    "network": "PRODUCTION",
    "estimate": "PTM5",
    "createdBy": "user1",
    "createDate": "2013-10-07T17:41:52+00:00",
    "activationConfigs": [
        {
            "configId": 1,
            "configName": "config 1",
            "configVersion": 4,
            "previousConfigVersion": 2
        }
    ]
}

Status 202 application/json

Headers:

Location: /appsec/v1/activations/status/f81c92c5-b150-4c41-9b53-9cef7969150a

Download schema: activation-request-status-created.json

Response body:

{
    "statusId": "f81c92c5-b150-4c41-9b53-9cef7969150a",
    "createDate": "2018-06-19T11:27:55Z",
    "links": {
        "check-status": {
            "href": "/appsec/v1/activations/status/f81c92c5-b150-4c41-9b53-9cef7969150a"
        }
    }
}

  1. Create an Activation object.

  2. Make a POST request to /appsec/v1/activations.

The response reflects the complete Activation object.

Get an activation request status

Returns the status of a long-running activation request. Any errors that occur when generating the activation cause this API to respond with the underlying error status.

GET /appsec/v1/activations/status/{statusId}

Sample: /appsec/v1/activations/status/f81c92c5-b150-4c41-9b53-9cef7969150a

URL path parameters

| Parameter | Type | Sample | Description |
|---|---|---|---|
| statusId | String | f81c92c5-b150-4c41-9b53-9cef7969150a | UUID of this activation request status. |

Status 200 application/json

Headers:

Retry-After: 300

Download schema: activation-request-status-in-progress.json

Response body:

{
    "statusId": "f81c92c5-b150-4c41-9b53-9cef7969150a",
    "createDate": "2018-06-19T11:27:55Z"
}

Status 303 application/json

Headers:

Location: /appsec/v1/activations/1234

Download schema: activation-request-status-complete.json

Response body:

{
    "activationId": 1234
}

  1. Activate a configuration version, if you haven’t already done so, and note the statusId in the response.

  2. Make a GET request to /appsec/v1/activations/status/{statusId}.

  3. The response produces an object with an HTTP status code and relevant activation request data in the header.

  4. The optional Retry-After response header indicates the number of seconds to wait before submitting another status request.

  5. The optional Location response header indicates the URL of the specified activation.

Get activation status

Returns the status of an activation.

GET /appsec/v1/activations/{activationId}

Sample: /appsec/v1/activations/1234

URL path parameters

| Parameter | Type | Sample | Description |
|---|---|---|---|
| activationId | Number | 1234 | A unique identifier for an activation. |

Status 200 application/json

Object type: Activation

Download schema: activation-status.json

Response body:

{
    "dispatchCount": 1,
    "activationId": 1234,
    "action": "ACTIVATE",
    "status": "RECEIVED",
    "network": "PRODUCTION",
    "estimate": "PTM5",
    "createdBy": "user1",
    "createDate": "2013-10-07T17:41:52+00:00",
    "activationConfigs": [
        {
            "configId": 1,
            "configName": "config 1",
            "configVersion": 4,
            "previousConfigVersion": 2
        }
    ]
}

  1. Run Activate a configuration version and note the activationId in the response object.

  2. Make a GET request to /appsec/v1/activations/{activationId}.

The response is an Activation object.
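
The three activation operations above chained into one flow, as an added example that is not part of the Akamai documentation: POST the Activation, poll the request status while it answers 200, and on 303 fetch the activation named in Location. The send transport (authentication included), the Location path checks and the waiting limits are assumptions, and the responses in fake_transport are constructed from the page's samples.

```python
import re

ACTIVATIONS = "/appsec/v1/activations"
# Follow a Location value only when it stays inside the activations resource.
STATUS_PATH = re.compile(r"/appsec/v1/activations/status/[0-9a-fA-F-]{36}")
ACTIVATION_PATH = re.compile(r"/appsec/v1/activations/[0-9]+")


class ActivationError(Exception):
    """The exchange left the sequence of responses the page documents."""


def header(headers, name):
    """Case-insensitive header lookup; None when the header is absent."""
    return {k.lower(): v for k, v in headers.items()}.get(name.lower())


def retry_delay(headers, default):
    """Seconds to wait before the next status request (optional Retry-After)."""
    raw = str(header(headers, "Retry-After") or "").strip()
    return max(1, int(raw)) if raw.isdigit() else default


def activate_and_wait(send, sleep, config_id, config_version, network,
                      emails, note="", max_wait=3600, default_delay=30):
    """POST an Activation, poll its request status, return the Activation."""
    # send(method, path, body) -> (status, headers, json_body) is the caller's
    # authenticated transport (hypothetical); it must not follow redirects.
    request = {
        "action": "ACTIVATE",
        "network": network,
        "note": note,
        "notificationEmails": list(emails),
        "activationConfigs": [
            {"configId": config_id, "configVersion": config_version}],
    }
    status, headers, body = send("POST", ACTIVATIONS, request)
    if status == 200:      # the Activation object came back directly
        return body
    if status != 202:
        raise ActivationError(f"POST {ACTIVATIONS} returned {status}")

    links = (body or {}).get("links", {})
    status_path = (header(headers, "Location")
                   or links.get("check-status", {}).get("href", ""))
    if not STATUS_PATH.fullmatch(status_path):
        raise ActivationError(f"unexpected status location {status_path!r}")

    waited = 0
    while True:
        status, headers, body = send("GET", status_path, None)
        if status == 303:  # request complete: Location names the activation
            location = header(headers, "Location") or ""
            if not ACTIVATION_PATH.fullmatch(location):
                raise ActivationError(f"unexpected location {location!r}")
            status, _, activation = send("GET", location, None)
            if status != 200:
                raise ActivationError(f"GET {location} returned {status}")
            return activation
        if status != 200:  # errors surface as the underlying error status
            raise ActivationError(f"status request returned {status}")
        delay = retry_delay(headers, default_delay)
        if waited + delay > max_wait:
            raise ActivationError(f"still in progress after {waited}s")
        sleep(delay)
        waited += delay


def fake_transport():
    """Constructed responses replaying the page's samples, in order."""
    status_id = "f81c92c5-b150-4c41-9b53-9cef7969150a"
    status_path = f"{ACTIVATIONS}/status/{status_id}"
    pending = {"statusId": status_id, "createDate": "2018-06-19T11:27:55Z"}
    script = [
        (202, {"Location": status_path}, pending),
        (200, {"Retry-After": "300"}, pending),
        (200, {"retry-after": "300"}, pending),
        (303, {"Location": f"{ACTIVATIONS}/1234"}, {"activationId": 1234}),
        (200, {}, {"activationId": 1234, "status": "RECEIVED",
                   "network": "STAGING"}),
    ]
    calls = []

    def send(method, path, body):
        calls.append((method, path))
        return script[len(calls) - 1]

    return send, calls


def demo():
    """Run the flow against the fake transport, recording waits instead of sleeping."""
    send, calls = fake_transport()
    naps = []
    activation = activate_and_wait(send, naps.append, 1, 4, "STAGING",
                                   ["a@abc.com", "b@abc.com"])
    return activation, calls, naps
```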

Data

This section provides you with the data model for the Application Security API.

Download the JSON schemas for this API.

This section’s data schema tables list membership requirements as follows:

Member is required in requests, or always present in responses, even if its value is empty or null.
Member is optional, and may be omitted in some cases.
Member is out of scope, and irrelevant to the specified interaction context. If you include the member in that context, it either triggers an error, or is ignored.

Configuration

Contains details about a security configuration.

Download schema: configListing.json

Sample GET response:

{
    "configurations": [
        {
            "id": 22330,
            "latestVersion": 5,
            "name": "CaroTestTransition2Versioning",
            "description": "(user notes)"
        },
        {
            "id": 7180,
            "latestVersion": 9,
            "name": "Corporate Sites WAF",
            "productionVersion": 1,
            "stagingVersion": 2,
            "productionHostnames": [
                "example.com",
                "www.example.net",
                "m.example.com"
            ]
        }
    ]
}

Configuration members

Member Type Required Description
Configuration: Contains details about a security configuration.
description String Describes the security configuration.
id Integer Uniquely identifies the security configuration.
latestVersion Integer The latest version of the security configuration.
name String The security configuration name.
productionHostnames Array The list of hostnames protected by this security configuration in the production network.
productionVersion Integer The latest security configuration version active in the production network.
stagingVersion Integer The latest security configuration version active in the staging network.

VersionList

Contains details about a security configuration’s versions.

Download schema: wafConfigVersionListDto.json

Sample GET response:

{
    "totalSize": 3,
    "pageSize": 3,
    "page": 1,
    "configId": 8277,
    "configName": "TestConfig",
    "stagingExpediteRequestId": 5861,
    "productionExpediteRequestId": 6951,
    "productionActiveVersion": 9,
    "stagingActiveVersion": 8,
    "lastCreatedVersion": 9,
    "versionList": [
        {
            "version": 9,
            "versionNotes": "Membership Benefits",
            "createDate": "2013-10-07T17:58:52Z",
            "createdBy": "user1",
            "basedOn": 8,
            "production": {
                "status": "Active",
                "time": "2014-07-08T07:40:00Z"
            },
            "staging": {
                "status": "Inactive"
            }
        },
        {
            "version": 8,
            "versionNotes": "Membership Benefits",
            "createDate": "2013-10-07T17:41:52Z",
            "createdBy": "user2",
            "basedOn": 7,
            "production": {
                "status": "Inactive"
            },
            "staging": {
                "status": "Active",
                "time": "2014-07-08T07:40:00Z"
            }
        },
        {
            "version": 7,
            "versionNotes": "Membership Benefits",
            "createDate": "2013-08-07T17:41:52Z",
            "createdBy": "user3",
            "production": {
                "status": "Inactive"
            },
            "staging": {
                "status": "Inactive"
            }
        }
    ]
}

VersionList members

Member Type Required Description
VersionList: Contains details about a security configuration’s versions.
configId Integer Uniquely identifies the security configuration.
configName String The name you assigned to the security configuration.
lastCreatedVersion Integer The version number of the security configuration that you created most recently.
page Integer The current page number.
pageSize Integer Represents the number of items per page.
productionActiveVersion Integer The version number of the security configuration that is currently active on the production network.
productionExpediteRequestId Integer Uniquely identifies the expedite activation request of the configuration version on the production network.
stagingActiveVersion Integer The version number of the security configuration that is currently active on the staging network.
stagingExpediteRequestId Integer Uniquely identifies the expedite activation request of the configuration version on the staging network.
totalSize Integer The total number of configuration versions.
versionList Version array The security configuration’s versions.

Version

Contains configuration version details.

Download schema: wafConfigVersionDto.json

Sample full GET response:

{
    "configId": 8277,
    "configName": "TestConfig",
    "version": 2,
    "versionNotes": "Membership Benefits",
    "createDate": "2013-10-07T17:58:52Z",
    "createdBy": "user1",
    "basedOn": 1,
    "production": {
        "status": "Active",
        "time": "2014-07-08T07:40:00Z"
    },
    "staging": {
        "status": "Inactive"
    }
}

Version members

Member Type Required Description
Version: Contains configuration version details.
basedOn Integer Read-only. The version from which you cloned this version.
configId Integer Read-only. Uniquely identifies the security configuration.
configName String The security configuration name.
createDate String Read-only. The date when you created the configuration version.
createdBy String Read-only. The user who created the configuration version.
production Version.production Read-only. The activation status of the configuration version in the production network.
staging Version.staging Read-only. The activation status of the configuration version in the staging network.
version Integer The security configuration version.
versionNotes String The notes you entered for the configuration version.
Version.production: The activation status of the configuration version in the production network.
action Enumeration The action taken on the configuration version. Either ACTIVATE or DEACTIVATE.
status Enumeration The activation status, either Pending, Active, Inactive, Deactivated, or Failed.
time String The activation time.
Version.staging: The activation status of the configuration version in the staging network.
action Enumeration The action taken on the configuration version. Either ACTIVATE or DEACTIVATE.
status Enumeration The activation status, either Pending, Active, Inactive, Deactivated, or Failed.
time String The ISO 8601 timestamp indicating the activation time.

ConfigurationClone

Specifies the settings for a new clone of a security configuration.

Download schema: configCloneCreate.json

Sample POST request:

{
    "createFromVersion": 1,
    "ruleUpdate": false
}

ConfigurationClone members

Member Type Required Description
ConfigurationClone: Specifies the settings for a new clone of a security configuration.
createFromVersion Integer The configuration version to clone from.
ruleUpdate Boolean Specifies whether the application rules should be migrated to the latest version.

SelectableHostnames

Contains the list of hostnames available for protection and its details.

Download schema: hostInfoInConfiguration.json

Sample GET response:

{
    "configId": 123,
    "configVersion": 2,
    "protectARLInclusionHost": true,
    "availableSet": [
        {
            "arlInclusion": true,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": 5443,
            "configNameInProduction": "WAF Security File",
            "hostname": "example.com"
        },
        {
            "arlInclusion": true,
            "activeInProduction": false,
            "activeInStaging": true,
            "configIdInProduction": 11882,
            "configNameInProduction": "A PUBLIC CONFIG",
            "hostname": "www.example.com"
        },
        {
            "arlInclusion": true,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": 6018,
            "configNameInProduction": "Other Security Configuration",
            "hostname": "www.example-123.com"
        }
    ],
    "errorSet": [
        {
            "hostname": "*.example.net",
            "reason": "property is not active in either production or staging",
            "reasonCode": 400
        },
        {
            "hostname": "test-example.net",
            "reason": "You don't have access to this property",
            "reasonCode": 403
        }
    ],
    "selectedSet": [
        {
            "arlInclusion": false,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": 11887,
            "configNameInProduction": "Rbac Test Config",
            "hostname": "m.example.com"
        },
        {
            "arlInclusion": false,
            "activeInProduction": true,
            "activeInStaging": true,
            "configIdInProduction": null,
            "configNameInProduction": null,
            "hostname": "m.example-123.com"
        }
    ]
}

SelectableHostnames members

Member Type Required Description
SelectableHostnames: Contains the list of hostnames available for protection and its details.
availableSet Set array The available hosts set for the current user.
configId Integer Uniquely identifies the security configuration.
configVersion Integer The security configuration version.
errorSet SelectableHostnames.errorSet[] The requested hosts aren’t available in this configuration version.
protectARLInclusionHost Boolean Whether the host defined in the ARL file has legacy WAF enabled in the configuration.
selectedSet Set array The selected set of hostnames in this configuration version.
SelectableHostnames.errorSet[]: The requested hosts aren’t available in this configuration version.
hostname String The hostname that triggers an error.
reason String The reason why the hosts aren’t protectable in this configuration version.
reasonCode Integer The error status code for the hostname.

Set

Contains details about the hostname and its status.

Download schema: hostNameObject.json

Set members

Member Type Required Description
Set: Contains details about the hostname and its status.
activeInProduction Boolean Whether the hostname is active in the production network.
activeInStaging Boolean Whether the hostname is active in the staging network.
arlInclusion Boolean Whether the hostname is Akamai Resource Locator (ARL) included.
configIdInProduction Integer Uniquely identifies the configuration that protects the hostname.
configNameInProduction String The name of the configuration that protects the hostname.
hostname String The hostname.

SelectedHostnames

Contains a list of selected hostnames for the specified configuration version.

Download schema: hostnameList.json

Sample GET response:

{
    "hostnameList": [
        {
            "hostname": "*.example.net"
        },
        {
            "hostname": "example.com"
        },
        {
            "hostname": "m.example.com"
        }
    ]
}

SelectedHostnames members

Member Type Required Description
SelectedHostnames: Contains a list of selected hostnames for the specified configuration version.
hostnameList SelectedHostnames.hostnameList[] The list of hostnames for a configuration version.
SelectedHostnames.hostnameList[]: The list of hostnames for a configuration version.
hostname String The hostname.

SecurityPolicy

Specifies the details of a policy.

Download schema: securityPolicyDto.json

Sample POST response:

{
    "configId": 1232,
    "version": 8,
    "policies": [
        {
            "policyId": "NN3_61",
            "policyName": "NN FW 3",
            "hasRatePolicyWithApiKey": true,
            "policySecurityControls": {
                "applyApplicationLayerControls": true,
                "applyNetworkLayerControls": true,
                "applyRateControls": false,
                "applyReputationControls": false,
                "applyBotmanControls": true,
                "applyApiConstraints": false,
                "applySlowPostControls": false
            }
        },
        {
            "policyId": "NN_2",
            "policyName": "NN FW 1",
            "hasRatePolicyWithApiKey": false,
            "policySecurityControls": {
                "applyApplicationLayerControls": true,
                "applyNetworkLayerControls": true,
                "applyRateControls": false,
                "applyReputationControls": false,
                "applyBotmanControls": false,
                "applyApiConstraints": false,
                "applySlowPostControls": false
            }
        },
        {
            "policyId": "NN-2_3",
            "policyName": "NN FW 2",
            "hasRatePolicyWithApiKey": true,
            "policySecurityControls": {
                "applyApplicationLayerControls": true,
                "applyNetworkLayerControls": true,
                "applyRateControls": false,
                "applyReputationControls": false,
                "applyBotmanControls": false,
                "applyApiConstraints": false,
                "applySlowPostControls": false
            }
        }
    ]
}

SecurityPolicy members

Member Type Required Description
SecurityPolicy: Specifies the details of a policy.
configId Integer Uniquely identifies the security configuration.
hasRatePolicyWithApiKey Boolean Indicates whether this security policy has a rate policy which has API_KEY as client identifier. APIs are managed using the API Endpoint Definition API.
policyId String Uniquely identifies the security policy.
policyName String The name of the security policy.
policySecurityControls SecurityControls The status of security controls defined in the security policy.
version Integer The version number of the security configuration.

SecurityPolicyClone

Specifies the settings for a new clone of a security policy.

Download schema: securityPolicyCloneRequest.json

Sample POST request:

{
    "createFromSecurityPolicy": "1_35752",
    "policyName": "Open Cloned IV 2",
    "policyPrefix": "bt17"
}

SecurityPolicyClone members

Member Type Required Description
SecurityPolicyClone: Specifies the settings for a new clone of a security policy.
createFromSecurityPolicy String The unique identifier (policyId) of the source policy to create the new policy from.
policyName String The name of the security policy. If not provided, the system generates a name automatically with the pattern ‘clone from ’.
policyPrefix String The four-character alphanumeric string prefix for the policyId. If not provided, the prefix is autogenerated.

SecurityControls

Describes the status of security controls.

Download schema: securityControls.json

SecurityControls members

Member Type Description
SecurityControls: Describes the status of security controls.
applyApiConstraints Boolean Whether you enabled API constraints.
applyApplicationLayerControls Boolean Whether you enabled application layer controls.
applyBotmanControls Boolean Whether you enabled Bot Manager controls.
applyNetworkLayerControls Boolean Whether you enabled network layer controls.
applyRateControls Boolean Whether you enabled rate controls.
applyReputationControls Boolean Whether you enabled reputation controls.
applySlowPostControls Boolean Whether you enabled slow post controls.

MatchTarget

Contains information about a match target.

Download schema: matchTarget.json

Sample GET response:

{
    "targetId": 112231,
    "configId": 17027,
    "configVersion": 25,
    "type": "website",
    "sequence": 1,
    "isNegativePathMatch": false,
    "isNegativeFileExtensionMatch": true,
    "defaultFile": "BASE_MATCH",
    "hostnames": [
        "example.com",
        "www.example.net",
        "m.example.com"
    ],
    "filePaths": [
        "/sssi/*",
        "/cache/aaabbc*",
        "/price_toy/*"
    ],
    "fileExtensions": [
        "wmls",
        "jpeg",
        "pws",
        "carb",
        "pdf",
        "js",
        "hdml",
        "cct",
        "swf",
        "pct"
    ],
    "securityPolicy": {
        "policyId": "fwsf_32432"
    },
    "effectiveSecurityControls": {
        "applyApiConstraints": false,
        "applyApplicationLayerControls": true,
        "applyNetworkLayerControls": false,
        "applyRateControls": true,
        "applyReputationControls": false,
        "applySlowPostControls": false
    },
    "bypassNetworkLists": [
        {
            "name": "Test network list 1",
            "id": "888518_ACDDCKERS"
        },
        {
            "name": "Test network list 2",
            "id": "1304427_AAXXBBLIST"
        }
    ]
}

MatchTarget members

Member Type Required Description
MatchTarget: Contains information about a match target.
apis MatchTarget.apis[] Contains a list of objects containing an API endpoint ID and name. This field applies only to API match targets.
bypassNetworkLists MatchTarget.bypassNetworkLists[] The list of network list identifiers and names.
configId Integer Uniquely identifies the security configuration.
configVersion Integer The version of the security configuration.
defaultFile Enumeration Describes the rule to match on paths. Either NO_MATCH to not match on the default file, BASE_MATCH to match only requests for top-level hostnames ending in a trailing slash, or RECURSIVE_MATCH to match all requests for paths that end in a trailing slash.
effectiveSecurityControls SecurityControls Read-only. Defines the security controls to apply. For a security control to be effectively turned on, it has to be enabled in both the match target and the security policy.
fileExtensions Array Contains a list of file extensions.
filePaths Array Contains a list of file paths.
hostnames Array Contains a list of hostnames to protect.
isNegativeFileExtensionMatch Boolean Describes whether the match target applies when a match is found in the specified fileExtensions or when a match isn’t found.
isNegativePathMatch Boolean Describes whether the match target applies when a match is found in the specified paths or when a match isn’t found.
securityPolicy MatchTarget.securityPolicy The security policy associated with the match target.
sequence Integer The position in the sequence of match targets.
targetId Integer Uniquely identifies the match target.
type Enumeration Describes the type of match target, either website or api.
validations MatchTarget.validations Read-only. Describes warnings, errors, or notices determined by a validation of this resource.
MatchTarget.apis[]: Contains a list of objects containing an API endpoint ID and name. This field applies only to API match targets.
id Integer Uniquely identifies the API endpoint.
name String The API endpoint name.
MatchTarget.bypassNetworkLists[]: The list of network list identifiers and names.
id String Uniquely identifies the network list.
name String The name of the network list.
MatchTarget.securityPolicy: The security policy associated with the match target.
policyId String Uniquely identifies the security policy.
MatchTarget.validations: Describes warnings, errors, or notices determined by a validation of this resource.
errors Validation array The list of errors.
notices Validation array The list of notices.
warnings Validation array The list of warnings.

Validation

Contains feedback on validation.

Download schema: validation-dto.json

Validation members

Member Type Required Description
Validation: Contains feedback on validation.
detail String The explanation of the error message.
fieldName String The name of the field causing the validation problem.
jsonReference String The JSON reference to the field in the resource.
title String The title for the error.
type String The URL for the error type.

MatchTargetOrder

Contains match target settings and a list of objects containing match targets with their assigned sequence number.

Download schema: matchTargetsSequence.json

Sample PUT request:

{
    "type": "website",
    "targetSequence": [
        {
            "targetId": 1217289,
            "sequence": 1
        },
        {
            "targetId": 1217339,
            "sequence": 2
        }
    ]
}

MatchTargetOrder members

Member Type Required Description
MatchTargetOrder: Contains match target settings and a list of objects containing match targets with their assigned sequence number.
targetSequence MatchTargetOrder.targetSequence[] Contains the ID and sequence of a match target.
type Enumeration Describes the type of match target, either WEBSITE or API.
MatchTargetOrder.targetSequence[]: Contains the ID and sequence of a match target.
sequence Integer The position in the sequence of match targets.
targetId Integer Uniquely identifies the match target.

CustomRule

Contains settings for a custom rule.

Download schema: customRule-schema.json, customRules-schema.json

Sample GET response:

{
    "id": 661699,
    "name": "Fat Rule",
    "description": "Can I create all conditions?",
    "version": 1,
    "ruleActivated": false,
    "tag": [
        "test"
    ],
    "conditions": [
        {
            "type": "requestMethodMatch",
            "positiveMatch": true,
            "value": [
                "GET",
                "CONNECT",
                "TRACE",
                "PUT",
                "POST",
                "OPTIONS",
                "DELETE",
                "HEAD"
            ]
        },
        {
            "type": "pathMatch",
            "positiveMatch": true,
            "value": [
                "/H",
                "/Li",
                "/He"
            ]
        },
        {
            "type": "extensionMatch",
            "positiveMatch": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "filenameMatch",
            "positiveMatch": true,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "He",
                "H",
                "Li"
            ]
        },
        {
            "type": "requestProtocolVersionMatch",
            "positiveMatch": true,
            "value": [
                "HTTP/0.9"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "H",
                "He"
            ],
            "value": [
                "Li",
                "He",
                "H"
            ]
        },
        {
            "type": "requestHeaderMatch",
            "positiveMatch": true,
            "valueCase": true,
            "valueWildcard": true,
            "nameWildcard": true,
            "name": [
                "He"
            ],
            "value": [
                "C",
                "Be",
                "B"
            ]
        },
        {
            "type": "headerOrderMatch",
            "positiveMatch": true,
            "value": "H:He"
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "H",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "H",
                "He",
                "Li"
            ]
        },
        {
            "type": "cookieMatch",
            "positiveMatch": true,
            "name": "Be",
            "nameWildcard": true,
            "nameCase": true,
            "valueCase": true,
            "valueWildcard": true,
            "value": [
                "O",
                "N",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "C",
            "nameCase": true,
            "nameWildcard": true,
            "valueWildcard": true,
            "valueCase": true,
            "value": [
                "Carbon",
                "C"
            ]
        },
        {
            "type": "uriQueryMatch",
            "positiveMatch": true,
            "name": "N",
            "nameCase": false,
            "nameWildcard": false,
            "valueWildcard": false,
            "valueCase": false,
            "value": [
                "Nitrogen",
                "N"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "H",
            "value": [
                "H",
                "Hydrogen"
            ]
        },
        {
            "type": "argsPostMatch",
            "positiveMatch": true,
            "name": "He",
            "value": [
                "He",
                "Helium"
            ]
        },
        {
            "type": "argsPostNamesMatch",
            "positiveMatch": true,
            "value": [
                "Carbon",
                "Oxygen",
                "Nitrogen",
                "Chlorine"
            ]
        },
        {
            "type": "clientCertPresentMatch",
            "positiveMatch": true
        },
        {
            "type": "clientCertValidMatch",
            "positiveMatch": true
        }
    ]
}

CustomRule members

Member Type Required Description
CustomRule: Contains settings for a custom rule.
conditions CustomRule.conditions[] Contains the details about the condition that triggers the custom rule.
description String The custom rule description.
id Integer Uniquely identifies the rule.
inspectRequest Boolean Read-only. Whether to inspect the HTTP request for unstructured custom rules.
inspectResponse Boolean Read-only. Whether to inspect the HTTP response for unstructured custom rules.
link String The link to the full custom rule definition. This member is only available when you run the List custom rules operation.
metadata String Read-only. The metadata you provided for unstructured custom rules.
name String The custom rule name.
ruleActivated Boolean Read-only. Whether the rule is active in the configuration.
status Enumeration The custom rule deployment status. Either activated if a rule is enabled in at least one security policy within a security configuration currently active in production, published if a rule is associated with at least one security policy in an inactive security configuration, or unused if a rule exists as a shared resource, but isn’t associated with any security policy. This member is only available when you run the List custom rules operation.
structured Boolean Read-only. Whether you created the rule with the structured custom rule builder or free-form XML.
tag Array The list of labels you assigned to the custom rule.
version Integer The custom rule version.
CustomRule.conditions[]: Contains the details about the condition that triggers the custom rule.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
type Enumeration The type of condition. See CustomRule condition type values.
value Array, String The value that triggers the condition when matched or not matched. Depending on the condition type, can either be a string or an array.

CustomRule condition type values

You can specify any of these values as a CustomRule condition type:

type value… Matches on…
argsPostMatch POST request body parameters
argsPostNamesMatch POST request body parameter names
clientCertPresentMatch Presence of a client certificate
clientCertValidMatch Validity of a client certificate
cookieMatch Cookies
extensionMatch Extensions
filenameMatch File names
headerOrderMatch A specific order of headers
hoitMatch Host templates
hostnameMatch Hostnames
ipMatch IP addresses
pathMatch Paths
requestHeaderMatch Request headers
requestMethodMatch Request methods
requestProtocolVersionMatch Request protocol versions
uriQueryMatch Query parameters
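
A linter for a structured CustomRule body, as an added example that is not part of the Akamai documentation or code. It checks each condition against the condition type values and member descriptions above. The function names are hypothetical, and the requirements that a rule has a name and at least one condition are this example's assumptions.

```python
# Condition types copied from the "CustomRule condition type values" table.
CONDITION_TYPES = {
    "argsPostMatch", "argsPostNamesMatch", "clientCertPresentMatch",
    "clientCertValidMatch", "cookieMatch", "extensionMatch", "filenameMatch",
    "headerOrderMatch", "hoitMatch", "hostnameMatch", "ipMatch", "pathMatch",
    "requestHeaderMatch", "requestMethodMatch", "requestProtocolVersionMatch",
    "uriQueryMatch",
}
# Members the CustomRule members table marks Read-only.
READ_ONLY_MEMBERS = {"inspectRequest", "inspectResponse", "metadata",
                     "ruleActivated", "structured"}
# Types that appear in the sample GET response without a "value" member.
VALUELESS_TYPES = {"clientCertPresentMatch", "clientCertValidMatch"}


def lint_condition(cond, path):
    """Return (severity, path, message) findings for one CustomRule.conditions[] entry."""
    findings = []
    raw_type = cond.get("type")
    ctype = raw_type if isinstance(raw_type, str) else None
    if ctype not in CONDITION_TYPES:
        findings.append(("error", f"{path}.type", f"unknown condition type {raw_type!r}"))
    positive = cond.get("positiveMatch")
    if not isinstance(positive, bool):
        findings.append(("error", f"{path}.positiveMatch", "must be a JSON boolean"))
    elif positive is False:
        # A negated condition triggers on a lack of match, so a typo in its
        # value makes it trigger on every request. Flag it for a second look.
        findings.append(("review", f"{path}.positiveMatch",
                         "negated: triggers on every request that lacks a match"))
    value = cond.get("value")
    if value is None:
        if ctype not in VALUELESS_TYPES:
            findings.append(("error", f"{path}.value", "missing"))
    elif isinstance(value, list):
        if not value or not all(isinstance(v, str) and v for v in value):
            findings.append(("error", f"{path}.value",
                             "must be a non-empty array of non-empty strings"))
        elif len(set(value)) != len(value):
            findings.append(("review", f"{path}.value", "contains duplicate entries"))
    elif not (isinstance(value, str) and value):
        findings.append(("error", f"{path}.value", "must be a string or an array"))
    return findings


def lint_custom_rule(rule):
    """Return every finding for a structured custom rule body, in document order."""
    findings = []
    name = rule.get("name")
    if not isinstance(name, str) or not name.strip():  # assumption: a name is needed
        findings.append(("error", "name", "must be a non-empty string"))
    for member in sorted(READ_ONLY_MEMBERS & rule.keys()):
        findings.append(("review", member, "read-only member; set by the API, not the caller"))
    conditions = rule.get("conditions")
    if not isinstance(conditions, list) or not conditions:  # assumption, see lead-in
        findings.append(("error", "conditions", "must be a non-empty array"))
        return findings
    for index, cond in enumerate(conditions):
        path = f"conditions[{index}]"
        if isinstance(cond, dict):
            findings.extend(lint_condition(cond, path))
        else:
            findings.append(("error", path, "must be an object"))
    return findings


# Constructed input with deliberate mistakes; not a rule from the page.
SAMPLE_RULE = {
    "name": "Block legacy login",
    "ruleActivated": False,
    "tag": ["test"],
    "conditions": [
        {"type": "pathMatch", "positiveMatch": True, "value": ["/login"]},
        {"type": "requestMethodMatch", "positiveMatch": "true", "value": ["POST"]},
        {"type": "pathmatch", "positiveMatch": True, "value": ["/admin"]},
        {"type": "cookieMatch", "positiveMatch": False, "name": "sid", "value": ["a", "a"]},
        {"type": "clientCertValidMatch", "positiveMatch": True},
        {"type": "ipMatch", "positiveMatch": True},
    ],
}

if __name__ == "__main__":
    for severity, path, message in lint_custom_rule(SAMPLE_RULE):
        print(f"{severity:6} {path}: {message}")
```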

CustomRuleActions

Contains settings for custom rule actions.

Download schema: customRuleActions.json

Sample GET response:

{
    "customRules": [
        {
            "action": "alert",
            "link": "/appsec/v1/configs/16400/custom-rules/622918",
            "name": "Custom Rule Example 1",
            "id": 622918
        },
        {
            "action": "none",
            "link": "/appsec/v1/configs/16400/custom-rules/657604",
            "name": "Custom Rule Example 2",
            "id": 657604
        },
        {
            "action": "deny",
            "link": "/appsec/v1/configs/16400/custom-rules/615894",
            "name": "Custom Rule Example 3",
            "id": 615894
        }
    ]
}

CustomRuleActions members

Member Type Required Description
CustomRuleActions: Contains settings for custom rule actions.
action String The action to assign to this custom rule, either alert, deny, or none. If the action is none, the rule is inactive in the policy.
link String Read-only. The link to additional information about the rule associated with this policy or the latest version of a rule if action is set to none (unassociated).
name String Read-only. The name you assign to the custom rule.
status String Read-only. The custom rule action’s activation status.
version Integer Read-only. The rule version.

Activation

Contains activation settings for a configuration version.

Download schema: activations-request.json, activation-status.json

Sample POST request:

{
    "action": "ACTIVATE",
    "network": "STAGING",
    "note": "Free text notes",
    "notificationEmails": [
        "a@abc.com",
        "b@abc.com"
    ],
    "activationConfigs": [
        {
            "configId": 1,
            "configVersion": 4
        }
    ]
}

Sample GET response:

{
    "dispatchCount": 1,
    "activationId": 1234,
    "action": "ACTIVATE",
    "status": "RECEIVED",
    "network": "PRODUCTION",
    "estimate": "PT5M",
    "createdBy": "user1",
    "createDate": "2013-10-07T17:41:52+00:00",
    "activationConfigs": [
        {
            "configId": 1,
            "configName": "config 1",
            "configVersion": 4,
            "previousConfigVersion": 2
        }
    ]
}

Activation members

Member Type POST GET Description
Activation: Contains activation settings for a configuration version.
acknowledgedInvalidHosts Array The list of invalid hostnames in the security configuration to activate. In some cases, you may want to activate a security configuration with hostnames that WAF can’t protect (for example, hostnames not managed as Akamai properties, or managed under a different contract than the configuration). By default, the existence of invalid hostnames blocks activation with a warning. The warning includes the names of the invalid hostnames. If you want to activate a configuration with invalid hostnames, enter the hostnames in this array. This field is now deprecated. Use acknowledgedInvalidHostsByConfig instead.
acknowledgedInvalidHostsByConfig Activation.acknowledgedInvalidHostsByConfig[] The list of invalid hostnames per security configuration to activate. In some cases, you may want to activate a security configuration with hostnames that WAF can’t protect (for example, hostnames not managed as Akamai properties, or managed under a different contract than the configuration). By default, the existence of invalid hostnames blocks activation with a warning. The warning includes the names of the invalid hostnames. If you want to activate a configuration with invalid hostnames, enter the hostnames and the configuration ID in this array.
action Enumeration The action to take, either ACTIVATE or DEACTIVATE.
activationConfigs Activation.activationConfigs[] Specifies the security configuration and version to activate or deactivate.
activationId Number Uniquely identifies the activation.
completionDate String Read-only. The ISO 8601 timestamp at which the activation reaches a steady state and validates across the Akamai network.
createDate String Read-only. The ISO 8601 timestamp at which the activation request was submitted.
createdBy String Read-only. The user who created the activation request.
dispatchCount Integer Read-only. The number of times this activation has been dispatched to the Akamai edge network. A number greater than 1 indicates that this activation may be retried due to network safety concerns.
estimate String The estimated time remaining to complete the activation in ISO 8601 duration format, starting when the response is generated.
network Enumeration The target Akamai activation environment, either STAGING or PRODUCTION.
note String The notes you entered for the activation.
notificationEmails Array The email addresses to notify when the activation happens.
status Enumeration The current activation status, either RECEIVED, LIVE, DEPLOYED, CANCELING, STOPPED, REMOVED, ROLLBACK, ACTIVATED, FAILED, CANCELLING, or UNDEPLOYED.
Activation.acknowledgedInvalidHostsByConfig[]: The list of invalid hostnames per security configuration to activate. In some cases, you may want to activate a security configuration with hostnames that WAF can’t protect (for example, hostnames not managed as Akamai properties, or managed under a different contract than the configuration). By default, the existence of invalid hostnames blocks activation with a warning. The warning includes the names of the invalid hostnames. If you want to activate a configuration with invalid hostnames, enter the hostnames and the configuration ID in this array.
configId Number Uniquely identifies the security configuration with invalid hostnames.
invalidHosts Array The list of invalid hostnames in the security configuration.
Activation.activationConfigs[]: Specifies the security configuration and version to activate or deactivate.
configId Number The origin identifier or destination configuration to activate.
configName String The name you assigned to the configuration. This field is provided for information purposes and only appears in the API output.
configVersion Number The origin version or destination configuration to activate.
previousConfigVersion Number Read-only. The previous active configuration version.
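
A client-side guard for the Activation object, as an added example that is not part of the Akamai documentation or code. It builds a POST body restricted to the enumerations in the table above and reduces a GET response to the fields an operator acts on. The function names are hypothetical, the positive-integer check on IDs and versions is an assumption taken from the samples, and the duration parser covers only day and time components.

```python
import re
from datetime import timedelta

# Enumerations copied from the Activation members table.
ACTIONS = {"ACTIVATE", "DEACTIVATE"}
NETWORKS = {"STAGING", "PRODUCTION"}
STATUSES = {"RECEIVED", "LIVE", "DEPLOYED", "CANCELING", "STOPPED", "REMOVED",
            "ROLLBACK", "ACTIVATED", "FAILED", "CANCELLING", "UNDEPLOYED"}

_DURATION = re.compile(r"P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?")


def build_activation(action, network, config_id, config_version,
                     emails, note="", invalid_hosts=None):
    """Return an Activation POST body, rejecting values outside the documented enumerations."""
    if action not in ACTIONS:
        raise ValueError(f"action must be one of {sorted(ACTIONS)}")
    if network not in NETWORKS:
        raise ValueError(f"network must be one of {sorted(NETWORKS)}")
    for label, value in (("config_id", config_id), ("config_version", config_version)):
        # Assumption: IDs and versions are positive integers, as in the samples.
        if isinstance(value, bool) or not isinstance(value, int) or value < 1:
            raise ValueError(f"{label} must be a positive integer")
    body = {
        "action": action,
        "network": network,
        "note": note,
        "notificationEmails": list(emails),
        "activationConfigs": [{"configId": config_id, "configVersion": config_version}],
    }
    if invalid_hosts:
        # Invalid hostnames block activation unless they are named explicitly.
        # The per-configuration member is used because acknowledgedInvalidHosts
        # is deprecated.
        body["acknowledgedInvalidHostsByConfig"] = [
            {"configId": config_id, "invalidHosts": sorted(set(invalid_hosts))}
        ]
    return body


def parse_estimate(text):
    """Parse a day/time ISO 8601 duration into a timedelta, or None if it is not one."""
    if not isinstance(text, str):
        return None
    match = _DURATION.fullmatch(text)
    if not match or not any(match.groups()):
        return None  # malformed, or a bare "P" / "PT" with no component
    days, hours, minutes, seconds = (int(g) if g else 0 for g in match.groups())
    return timedelta(days=days, hours=hours, minutes=minutes, seconds=seconds)


def summarize_status(resp):
    """Reduce an activation GET response to the fields an operator needs to act on."""
    status = resp.get("status")
    if status not in STATUSES:
        raise ValueError(f"undocumented activation status: {status!r}")
    changes = [
        (c["configId"], c.get("previousConfigVersion"), c["configVersion"])
        for c in resp.get("activationConfigs", [])
    ]
    return {
        "activationId": resp.get("activationId"),
        "status": status,
        "network": resp.get("network"),
        "estimate": parse_estimate(resp.get("estimate")),
        # dispatchCount greater than 1 means the activation may have been retried.
        "redispatched": resp.get("dispatchCount", 0) > 1,
        # (configId, previous version, version being activated)
        "versionChanges": changes,
    }


# Constructed response for the demonstration; not output from a real activation.
SAMPLE_STATUS = {
    "dispatchCount": 2,
    "activationId": 1234,
    "action": "ACTIVATE",
    "status": "RECEIVED",
    "network": "STAGING",
    "estimate": "PT5M",
    "activationConfigs": [
        {"configId": 1, "configName": "config 1",
         "configVersion": 4, "previousConfigVersion": 2}
    ],
}

if __name__ == "__main__":
    print(build_activation("ACTIVATE", "STAGING", 1, 4, ["a@abc.com"], note="Free text notes"))
    print(summarize_status(SAMPLE_STATUS))
```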

Export

Contains details about an exported security configuration version.

Download schema: export.json

Sample GET response:

{
    "configId": 8277,
    "configName": "New Security Config",
    "version": 2,
    "basedOn": 1,
    "createDate": "2017-09-08T22:24:41Z",
    "createdBy": "disharma",
    "selectableHosts": [
        "www.example1.com",
        "www.example2.com"
    ],
    "selectedHosts": [
        "www.example3.com",
        "www.example4.com"
    ],
    "staging": {
        "status": "Inactive"
    },
    "production": {
        "status": "Inactive"
    },
    "matchTargets": {
        "websiteTargets": [
            {
                "type": "website",
                "defaultFile": "NO_MATCH",
                "id": 1362593,
                "isNegativeFileExtensionMatch": false,
                "isNegativePathMatch": false,
                "sequence": 1,
                "fileExtensions": [
                    "jpg"
                ],
                "filePaths": [
                    "/path"
                ],
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": true,
                    "applyApiConstraints": true,
                    "applyNetworkLayerControls": false,
                    "applyRateControls": true,
                    "applyReputationControls": false,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "qik3_38800"
                },
                "bypassNetworkLists": [
                    {
                        "id": "11212_BYPASSURR",
                        "name": "bypass-URR"
                    }
                ]
            },
            {
                "type": "website",
                "defaultFile": "NO_MATCH",
                "id": 1362594,
                "isNegativeFileExtensionMatch": false,
                "isNegativePathMatch": false,
                "sequence": 2,
                "filePaths": [
                    "/images",
                    "/image1",
                    "/path"
                ],
                "hostnames": [
                    "b2c.div1.akamaniac.com"
                ],
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": true,
                    "applyApiConstraints": true,
                    "applyNetworkLayerControls": true,
                    "applyRateControls": true,
                    "applyReputationControls": true,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "qik2_38799"
                }
            }
        ],
        "apiTargets": [
            {
                "type": "api",
                "id": 1362597,
                "sequence": 6,
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": false,
                    "applyApiConstraints": false,
                    "applyNetworkLayerControls": false,
                    "applyRateControls": true,
                    "applyReputationControls": false,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "99e_47293"
                },
                "apis": [
                    {
                        "id": 1041,
                        "name": "hmm test"
                    }
                ],
                "bypassNetworkLists": [
                    {
                        "id": "1024_AMAZONELASTICCOMPUTECLOU",
                        "name": "Ec2 Akamai Network List"
                    },
                    {
                        "id": "1283_MICROSOFTWINDOWSAZUREDAT",
                        "name": "Azure IP range cloud services"
                    }
                ]
            },
            {
                "type": "api",
                "id": 1362598,
                "sequence": 7,
                "effectiveSecurityControls": {
                    "applyApplicationLayerControls": false,
                    "applyApiConstraints": true,
                    "applyNetworkLayerControls": true,
                    "applyRateControls": false,
                    "applyReputationControls": true,
                    "applySlowPostControls": false
                },
                "securityPolicy": {
                    "policyId": "4444_44572"
                },
                "apis": [
                    {
                        "id": 1001,
                        "name": "1001"
                    },
                    {
                        "id": 1041,
                        "name": "hmm test"
                    }
                ],
                "bypassNetworkLists": [
                    {
                        "id": "11212_BYPASSURR",
                        "name": "bypass-URR"
                    }
                ]
            }
        ]
    },
    "siem": {
        "configId": 17027,
        "configVersion": 22,
        "enableForAllPolicies": false,
        "enableSiem": true,
        "enabledBotmanSiemEvents": false,
        "siemDefinitionId": 1,
        "firewallPolicyIds": [
            "qik2_38799",
            "4444_44572",
            "teet_39295",
            "ds22_48583"
        ]
    },
    "advancedOptions": {
        "logging": {
            "allowSampling": true,
            "cookies": {
                "type": "exclude",
                "values": [
                    "_updated_By_SoapUI",
                    "w",
                    "NEW_VAL_ADDED_BY_SoapUI"
                ]
            },
            "customHeaders": {
                "type": "only",
                "values": [
                    "112",
                    "sdasd",
                    "ds"
                ]
            },
            "standardHeaders": {
                "type": "only"
            }
        },
        "prefetch": {
            "allExtensions": false,
            "enableAppLayer": true,
            "enableRateControls": false,
            "extensions": [
                "cgi",
                "jsp",
                "EMPTY_STRING",
                "aspx",
                "php",
                "py",
                "asp"
            ]
        }
    },
    "errorHosts": [
        {
            "reasonCode": 400,
            "hostname": "bankoflaverty.com",
            "reason": "property is not active in either production or staging"
        },
        {
            "reasonCode": 403,
            "hostname": "culledentropy.com",
            "reason": "You don't have access to this property"
        }
    ],
    "ratePolicies": [
        {
            "allTraffic": false,
            "averageThreshold": 3,
            "burstThreshold": 2,
            "clientIdentifier": "",
            "createDate": "2017-09-08T22:24:42Z",
            "id": 672601,
            "matchType": "path",
            "name": "dsafsfdsf",
            "pathMatchType": "RequestDisabled",
            "pathUriPositiveMatch": true,
            "requestType": "ClientRequest",
            "sameActionOnIpv6": true,
            "type": "BOTMAN",
            "updateDate": "2017-09-08T22:24:42Z",
            "useXForwardForHeaders": false,
            "used": false,
            "queryParameters": [
                {
                    "name": "dasdasdasd*",
                    "positiveMatch": true,
                    "valueInRange": false,
                    "values": [
                        "dasdasdas8*&^"
                    ]
                }
            ]
        },
        {
            "allTraffic": false,
            "averageThreshold": 1000,
            "burstThreshold": 10,
            "clientIdentifier": "ip",
            "createDate": "2017-09-08T22:24:42Z",
            "description": "These Shared Resources will be available to all policies within the Security Configuration",
            "id": 672607,
            "matchType": "path",
            "name": "These Shared Resources will be available to all policies within the Security Configuration",
            "pathMatchType": "Custom",
            "pathUriPositiveMatch": true,
            "requestType": "ClientRequest",
            "sameActionOnIpv6": true,
            "type": "WAF",
            "updateDate": "2017-09-08T22:24:42Z",
            "useXForwardForHeaders": false,
            "used": true,
            "additionalMatchOptions": [
                {
                    "positiveMatch": true,
                    "type": "NetworkListCondition",
                    "values": [
                        "25620_REPUTATIONWHITELIST174",
                        "11212_BYPASSURR"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "RequestMethodCondition",
                    "values": [
                        "GET",
                        "HTTP_DELETE"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "UserAgentCondition",
                    "values": [
                        "MOZILLA",
                        "Googlebot"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "RequestMethodCondition",
                    "values": [
                        "GET",
                        "POST",
                        "HEAD"
                    ]
                },
                {
                    "positiveMatch": true,
                    "type": "ResponseStatusCondition",
                    "values": [
                        "400",
                        "401",
                        "402",
                        "403",
                        "404",
                        "405",
                        "406",
                        "407",
                        "408",
                        "409",
                        "410",
                        "500",
                        "501",
                        "502",
                        "503",
                        "504"
                    ]
                }
            ],
            "queryParameters": [
                {
                    "name": "param1",
                    "positiveMatch": false,
                    "valueInRange": true,
                    "values": [
                        "value1"
                    ]
                }
            ]
        }
    ],
    "reputationProfiles": [
        {
            "context": "SCANTL",
            "contextReadable": "Scanning Tools",
            "enabled": true,
            "id": 210588,
            "name": "Scanning Tools (Low Threat)",
            "threshold": 5
        },
        {
            "context": "WEBATCK",
            "contextReadable": "Web Attackers",
            "enabled": false,
            "id": 210578,
            "name": "Web Attackers (Low Threat)",
            "threshold": 5,
            "condition": {
                "canDelete": false,
                "configVersionId": 152889,
                "id": 88112456,
                "name": "Cloned of 87956156 for version 152889",
                "positiveMatch": true,
                "uuid": "SEC_COND_88112456",
                "version": 1504909482545,
                "atomicConditions": [
                    {
                        "className": "RequestHeaderCondition",
                        "index": 1,
                        "nameWildcard": false,
                        "positiveMatch": true,
                        "valueCase": false,
                        "valueWildcard": false,
                        "name": [
                            "test*"
                        ],
                        "value": [
                            "test*"
                        ]
                    },
                    {
                        "className": "RequestHeaderCondition",
                        "index": 2,
                        "nameWildcard": true,
                        "positiveMatch": true,
                        "valueCase": false,
                        "valueWildcard": true,
                        "name": [
                            "Head",
                            "Header"
                        ],
                        "value": [
                            "Header value"
                        ]
                    },
                    {
                        "checkIps": "connecting",
                        "className": "NetworkListCondition",
                        "index": 3,
                        "positiveMatch": true,
                        "value": [
                            "14121_IMAGEMANAGERSERVERS"
                        ]
                    },
                    {
                        "className": "RequestCookieCondition",
                        "index": 4,
                        "name": "cookieName",
                        "nameCase": false,
                        "nameWildcard": true,
                        "positiveMatch": true,
                        "valueCase": false,
                        "valueWildcard": true,
                        "value": [
                            "cookieValue"
                        ]
                    },
                    {
                        "checkIps": "connecting",
                        "className": "AsNumberCondition",
                        "index": 5,
                        "positiveMatch": true,
                        "value": [
                            "5"
                        ]
                    }
                ]
            }
        }
    ],
    "customRules": [
        {
            "configId": 17027,
            "id": 667828,
            "name": "UXR-715 RE2 Second Test with Flags",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "tagfor",
                "17.2"
            ],
            "conditions": [
                {
                    "type": "requestMethodMatch",
                    "positiveMatch": true,
                    "value": [
                        "GET"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "description": "Test CR",
            "id": 600001,
            "name": "Test CR",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "Test",
                "Tag"
            ],
            "conditions": [
                {
                    "type": "extensionMatch",
                    "positiveMatch": true,
                    "valueCase": true,
                    "valueWildcard": false,
                    "value": [
                        "fdf"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "description": "Test CR",
            "id": 600006,
            "name": "Test CR",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "k"
            ],
            "conditions": [
                {
                    "type": "cookieMatch",
                    "name": "kids",
                    "nameCase": true,
                    "nameWildcard": false,
                    "positiveMatch": true,
                    "valueCase": true,
                    "valueWildcard": true,
                    "value": [
                        "dsds",
                        "dasdqw",
                        "dsa",
                        "dqwd",
                        "csqw"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "id": 606713,
            "name": "Test",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "adsa"
            ],
            "conditions": [
                {
                    "type": "pathMatch",
                    "positiveMatch": true,
                    "value": [
                        "/login"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "description": "Test CR",
            "id": 690265,
            "name": "Test CR2",
            "ruleActivated": false,
            "structured": true,
            "version": 1,
            "tag": [
                "ee"
            ],
            "conditions": [
                {
                    "type": "argsPostMatch",
                    "name": "fvfv",
                    "positiveMatch": true,
                    "value": [
                        "fgbr"
                    ]
                },
                {
                    "type": "requestHeaderMatch",
                    "nameWildcard": true,
                    "positiveMatch": true,
                    "valueCase": false,
                    "valueWildcard": true,
                    "name": [
                        "test"
                    ],
                    "value": [
                        "test1"
                    ]
                }
            ]
        },
        {
            "configId": 17027,
            "id": 667825,
            "inspectRequest": false,
            "inspectResponse": false,
            "metadata": "<match:variable name=\"MY_SAMPLE_THREAT_DETECTED\" result=\"true\" value=\"execute rule\">\n<match:regex impl=\"re2\" regex=\"^\\d+$\" result=\"false\" select=\"REQUEST_HEADERS:Content-Length\" strict-err-check-re2=\"on\" transform=\"urlDecodeUni\">\n<security:firewall.action>\n<msg>UXR-715 CRB Metadata testing</msg>\n<tag>CUSTOM/TEST</tag>\n<id>667825</id>\n<deny>%(WAF_CUSTOM_R667825_DENY)</deny>\n<data>threat indicated from data %(MY_SAMPLE_THREAT_DETECTED)</data>\n<http-status>403</http-status>\n</security:firewall.action>\n</match:regex>\n</match:variable>\n",
            "name": "UXR-715 RE27890",
            "ruleActivated": false,
            "structured": false,
            "version": 1
        }
    ],
    "rulesets": [
        {
            "id": 41,
            "rulesetVersionId": 327550,
            "type": "Kona",
            "releaseDate": "2017-04-21T16:00:38Z",
            "attackGroups": [
                {
                    "group": "DDOS",
                    "groupName": "Anomaly Score Exceeded for DDoS",
                    "threshold": 5
                },
                {
                    "group": "IN",
                    "groupName": "Anomaly Score Exceeded for Inbound",
                    "threshold": 30
                },
                {
                    "group": "SQL",
                    "groupName": "Anomaly Score Exceeded for SQL Injection",
                    "threshold": 19
                },
                {
                    "group": "TROJAN",
                    "groupName": "Anomaly Score Exceeded for Trojan",
                    "threshold": 4
                },
                {
                    "group": "XSS",
                    "groupName": "Anomaly Score Exceeded for Cross-Site Scripting",
                    "threshold": 9
                }
            ],
            "rules": [
                {
                    "id": 699989,
                    "inspectRequestBody": false,
                    "inspectResponseBody": false,
                    "ruleVersion": 1,
                    "score": 5,
                    "tag": "<AKAMAI/PRAGMA_DEFLECTION>",
                    "title": "Akamai-X debug Pragma header detected and removed"
                },
                {
                    "id": 699990,
                    "inspectRequestBody": false,
                    "inspectResponseBody": false,
                    "ruleVersion": 1,
                    "score": 5,
                    "tag": "<AKAMAI/EDGESCAPE_ANONYMOUS_PROXY_v1>",
                    "title": "Detected request from anonymous proxy"
                },
                {
                    "id": 981252,
                    "inspectRequestBody": true,
                    "inspectResponseBody": false,
                    "ruleVersion": 4,
                    "score": 5,
                    "tag": "<OWASP_CRS/WEB_ATTACK/SQL_INJECTION>",
                    "title": "MySQL Charset Switch and MSSQL DoS Attempts",
                    "attackGroups": [
                        "SQL",
                        "IN"
                    ]
                },
                {
                    "id": 3000060,
                    "inspectRequestBody": true,
                    "inspectResponseBody": false,
                    "ruleVersion": 2,
                    "score": 1000,
                    "tag": "<AKAMAI/AUTOMATION/MALICIOUS>",
                    "title": "Mirai / Kaiten DDoS Detection - HTTP Attacks",
                    "attackGroups": [
                        "IN",
                        "DDOS"
                    ]
                },
                {
                    "id": 3000061,
                    "inspectRequestBody": true,
                    "inspectResponseBody": false,
                    "ruleVersion": 1,
                    "score": 5,
                    "tag": "<AKAMAI/WEB_ATTACK/XSS>",
                    "title": "Referer Header From OpenBugBounty Website - Potential XSS",
                    "attackGroups": [
                        "XSS",
                        "IN"
                    ]
                }
            ]
        }
    ],
    "securityPolicies": [
        {
            "id": "qik2_38799",
            "name": "Generated Quick Policy - 4/10/17 7:13:18 PM GMT",
            "hasRatePolicyWithApiKey": false,
            "networkLayerControls": {
                "block": "blockSpecificIPGeo",
                "geoControls": {
                    "blockedIPNetworkLists": {
                        "additional": [
                            "AF",
                            "AS"
                        ],
                        "networkList": [
                            "4389_BLANKLIST"
                        ]
                    }
                },
                "slowPost": {
                    "action": "alert",
                    "durationThreshold": {
                        "timeout": 5
                    },
                    "slowRateThreshold": {
                        "rate": 10,
                        "period": 60
                    }
                },
                "ipControls": {
                    "allowedIPNetworkLists": {
                        "additional": [
                            "2.2.2.2"
                        ],
                        "networkList": [
                            "12801_25000",
                            "19440_1671"
                        ]
                    },
                    "blockedIPNetworkLists": {
                        "additional": [
                            "1.1.1.1"
                        ],
                        "networkList": [
                            "16656_CPISERVERS",
                            "18460_166RELEASETESTING"
                        ]
                    }
                }
            },
            "ruleActions": [
                {
                    "action": "alert",
                    "id": 960912,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "alert",
                    "id": 960035,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "alert",
                    "id": 981300,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "deny",
                    "id": 3000001,
                    "rulesetVersionId": 327550
                },
                {
                    "action": "alert",
                    "id": 970903,
                    "rulesetVersionId": 327550,
                    "exception": {
                        "values": [
                            "test",
                            "sdfasf"
                        ],
                        "selectors": [
                            {
                                "type": "GENERIC",
                                "selector": "REQUEST_COOKIES"
                            },
                            {
                                "type": "EXACT",
                                "name": "cccx",
                                "selector": "XML_PAIRS",
                                "value": "vvv"
                            },
                            {
                                "type": "GENERIC",
                                "selector": "REQUEST_COOKIES"
                            },
                            {
                                "type": "GENERIC",
                                "selector": "ARGS"
                            }
                        ]
                    },
                    "conditions": [
                        {
                            "type": "hostMatch",
                            "positiveMatch": true,
                            "hosts": [
                                "www.example.com",
                                "*.example.com"
                            ]
                        },
                        {
                            "type": "pathMatch",
                            "positiveMatch": false,
                            "paths": [
                                "/a/d",
                                "/test/"
                            ]
                        },
                        {
                            "type": "uriQueryMatch",
                            "caseSensitive": false,
                            "name": "test",
                            "nameCase": false,
                            "positiveMatch": false,
                            "value": "value",
                            "wildcard": false
                        },
                        {
                            "type": "requestHeaderMatch",
                            "header": "user-agent",
                            "positiveMatch": false,
                            "value": "test-agent-*",
                            "valueCase": false,
                            "valueWildcard": true
                        }
                    ]
                }
            ],
            "attackGroupActions": [
                {
                    "action": "deny",
                    "group": "SQL",
                    "rulesetVersionId": 327550
                },
                {
                    "action": "deny",
                    "group": "XSS",
                    "rulesetVersionId": 327550
                },
                {
                    "action": "deny",
                    "group": "IN",
                    "rulesetVersionId": 327550
                }
            ],
            "customRuleActions": [
                {
                    "action": "deny",
                    "id": 628035
                },
                {
                    "action": "alert",
                    "id": 628037
                }
            ],
            "reputationProfileActions": [
                {
                    "action": "alert",
                    "id": 281778
                },
                {
                    "action": "deny",
                    "id": 210588
                }
            ],
            "ratePolicyActions": [
                {
                    "id": 0,
                    "ipv4Action": "alert",
                    "ipv6Action": "deny"
                },
                {
                    "id": 0,
                    "ipv4Action": "alert",
                    "ipv6Action": "none"
                }
            ]
        },
        {
            "id": "qqqq_39297",
            "name": "qqqqqq",
            "hasRatePolicyWithApiKey": false
        },
        {
            "id": "178t_48704",
            "name": "Copy of Tet-a-Tet with 17.8",
            "hasRatePolicyWithApiKey": false,
            "networkLayerControls": {
                "block": "blockSpecificIPGeo",
                "ipControls": {
                    "blockedIPNetworkLists": {
                        "networkList": [
                            "24321_TESTNW"
                        ]
                    }
                }
            },
            "apiRequestConstraints": {
                "action": "alert"
            },
            "reputationProfileActions": [
                {
                    "action": "alert",
                    "id": 281778
                },
                {
                    "action": "alert",
                    "id": 281776
                }
            ]
        }
    ]
}
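
An added example (not part of Akamai's documentation or tooling) showing one way to review an exported configuration version offline: it lists attack groups a policy does not deny, rule exceptions whose selectors carry no name, slow POST protection left on alert, and rate policy actions that differ between IPv4 and IPv6. The function and finding names are hypothetical and the input is a trimmed copy of the sample above; the code accepts both the sample's layout and the member table's layout (ruleSets, webApplicationFirewall, policy-level slowPost), and reading an unnamed selector as a broad exemption is an assumption.

```python
import json

# Constructed input: a trimmed copy of the sample export shown above.
SAMPLE_EXPORT = json.loads("""
{
  "rulesets": [{
    "rulesetVersionId": 327550,
    "attackGroups": [
      {"group": "DDOS", "threshold": 5},
      {"group": "SQL", "threshold": 19},
      {"group": "TROJAN", "threshold": 4},
      {"group": "XSS", "threshold": 9}
    ]
  }],
  "securityPolicies": [
    {
      "id": "qik2_38799",
      "networkLayerControls": {"slowPost": {"action": "alert"}},
      "attackGroupActions": [
        {"action": "deny", "group": "SQL", "rulesetVersionId": 327550},
        {"action": "deny", "group": "XSS", "rulesetVersionId": 327550}
      ],
      "ruleActions": [
        {"action": "deny", "id": 3000001, "rulesetVersionId": 327550},
        {"action": "alert", "id": 970903, "rulesetVersionId": 327550,
         "exception": {"selectors": [{"type": "GENERIC", "selector": "ARGS"}]}}
      ],
      "ratePolicyActions": [
        {"id": 0, "ipv4Action": "alert", "ipv6Action": "none"}
      ]
    },
    {"id": "qqqq_39297"}
  ]
}
""")


def _first(node, *paths):
    """Return the value found at the first key path that exists, else None."""
    for path in paths:
        current = node
        for key in path:
            if not isinstance(current, dict) or key not in current:
                current = None
                break
            current = current[key]
        if current is not None:
            return current
    return None


def audit_export(export):
    """Return (policy_id, finding, detail) tuples for settings worth a review."""
    findings = []
    # The sample spells the key "rulesets"; the member table spells it "ruleSets".
    rulesets = export.get("rulesets") or export.get("ruleSets") or []
    all_groups = set()
    for ruleset in rulesets:
        all_groups.update(
            g["group"] for g in ruleset.get("attackGroups", []) if "group" in g
        )

    waf = "webApplicationFirewall"
    for policy in export.get("securityPolicies", []):
        pid = policy.get("id")

        # Attack groups defined in a ruleset but not set to deny in this policy.
        group_actions = _first(
            policy, ("attackGroupActions",), (waf, "attackGroupActions")
        ) or []
        denied = {a.get("group") for a in group_actions if a.get("action") == "deny"}
        for group in sorted(all_groups - denied):
            findings.append((pid, "attack-group-not-denied", group))

        # Rule exceptions whose selector is not narrowed to a named element.
        rule_actions = _first(policy, ("ruleActions",), (waf, "ruleActions")) or []
        for rule in rule_actions:
            for sel in rule.get("exception", {}).get("selectors", []):
                if "name" not in sel:  # assumption: no name covers the whole class
                    detail = "rule %s: %s" % (rule.get("id"), sel.get("selector"))
                    findings.append((pid, "exception-unnamed-selector", detail))

        # Slow POST protection that only alerts instead of aborting.
        slow_post = _first(policy, ("slowPost",), ("networkLayerControls", "slowPost"))
        if slow_post and slow_post.get("action") == "alert":
            findings.append((pid, "slow-post-alert-only", "alert"))

        # Rate policy actions that treat IPv4 and IPv6 traffic differently.
        for rate in policy.get("ratePolicyActions", []):
            v4, v6 = rate.get("ipv4Action"), rate.get("ipv6Action")
            if v4 != v6:
                detail = "rate policy %s: %s/%s" % (rate.get("id"), v4, v6)
                findings.append((pid, "rate-action-differs-by-ip-version", detail))
    return findings


if __name__ == "__main__":
    for finding in audit_export(SAMPLE_EXPORT):
        print(*finding, sep="\t")
```

Each finding is a prompt for review against your intended policy, not a verdict; a group left on alert may be deliberate while a rule is being tuned.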

Export members

Member Type Required Description
Export: Contains details about an exported security configuration version.
advancedOptions Export.advancedOptions[] The logging and prefetch settings in the configuration version.
basedOn Integer The version from which you cloned this version. If it’s the first version, this member is omitted from the response.
configId Integer Uniquely identifies each security configuration.
configName String The name that you assign to the security configuration.
createDate String The date when you created the security configuration.
createdBy String The user who created the configuration version.
customRules Export.customRules[] The custom rule details in the configuration version.
errorHosts Export.errorHosts[] Specifies the set of hostnames unavailable for protection in this configuration version.
matchTargets ZZZ The match target details in the configuration version.
production Export.production Specifies the configuration version’s activation status on the production network.
ratePolicies Export.ratePolicies[] The rate policy details in the configuration version.
reputationProfiles Export.reputationProfiles[] The reputation profile details in the configuration version.
ruleSets Export.ruleSets[] The ruleset details in the configuration version.
securityPolicies Export.securityPolicies[] The security policies in the configuration version.
selectableHosts Array The hostnames that are available for protection in the configuration version.
selectedHosts Array The hostnames protected in the configuration version.
siem Export.siem[] The SIEM details in the configuration version.
staging Export.staging Specifies the configuration version’s activation status on the staging network.
version Integer The security configuration’s incremental version number.
versionNotes String The notes that you provide to describe the security configuration version.
Export.advancedOptions[]: The logging and prefetch settings in the configuration version.
logging Export.advancedOptions[].logging Contains the configuration version level settings for header logging.
prefetch Export.advancedOptions[].prefetch Contains the configuration version level prefetch settings. Use this object to apply application firewall rules and rate controls to prefetch requests.
Export.advancedOptions[].logging: Contains the configuration version level settings for header logging.
allowSampling Boolean Whether you enabled the header data sampling.
cookies Export.advancedOptions[].logging.cookies The sampling settings for the cookie data.
customHeaders Export.advancedOptions[].logging.customHeaders The sampling settings for the custom headers.
standardHeaders Export.advancedOptions[].logging.standardHeaders The sampling settings for the standard headers.
Export.advancedOptions[].logging.cookies: The sampling settings for the cookie data.
type Enumeration The directive for including cookies. Either all to include all cookies, exclude to exclude specific cookies, none not to include any cookies, or only to include only specific cookies.
values Array The cookie names to log or exclude. This applies only when the type is either only or exclude.
Export.advancedOptions[].logging.customHeaders: The sampling settings for the custom headers.
type Enumeration The directive for including custom headers. Either all to include all custom headers, exclude to exclude specific custom headers, none not to include any custom headers, or only to include only specific custom headers.
values Array The custom headers to log or exclude. This applies only when the type is either only or exclude.
Export.advancedOptions[].logging.standardHeaders: The sampling settings for the standard headers.
type Enumeration The directive for including standard headers. Either all to include all standard headers, exclude to exclude specific standard headers, none not to include any standard headers, or only to include only specific standard headers.
values Array The standard headers to log or exclude. This applies only when the type is either only or exclude. For available header values, see Export header values.
Export.advancedOptions[].prefetch: Contains the configuration version level prefetch settings. Use this object to apply application firewall rules and rate controls to prefetch requests.
allExtensions Boolean Whether to enable the prefetch settings for all file extensions. This only applies if the enableAppLayer member is true.
enableAppLayer Boolean Whether to enable the application layer rules for the prefetch requests.
enableRateControls Boolean Whether to enable the rate controls for the prefetch requests.
extensions Array The file extensions to apply the settings to. This only applies if the enableAppLayer member is true.
Export.customRules[]: The custom rule details in the configuration version.
conditions Export.customRules[].conditions[] Contains the details about the condition that triggers the custom rule.
description String The custom rule description.
id Integer Uniquely identifies the rule.
inspectRequest Boolean Whether to inspect the HTTP request for unstructured custom rules.
inspectResponse Boolean Whether to inspect the HTTP response for unstructured custom rules.
metadata String The metadata you provided for unstructured custom rules.
name String The custom rule name.
ruleActivated Boolean Whether the rule is active in the configuration.
structured Boolean Whether you created the rule with the structured custom rule builder or free-form XML.
tag Array The list of the labels you assigned to the custom rule.
version Integer The custom rule version.
Export.customRules[].conditions[]: Contains the details about the condition that triggers the custom rule.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
type Enumeration The type of condition. See CustomRule condition type values.
value Array, String The value that triggers the condition when matched or not matched. Depending on the condition type, can either be a string or an array.
Export.errorHosts[]: Specifies the set of hostnames unavailable for protection in this configuration version.
hostname String The hostname unavailable for protection.
reason String Describes why WAF can’t protect the hostname.
reasonCode Integer The HTTP error code indicating why WAF can’t protect the hostname.
Export.production: Specifies the configuration version’s activation status on the production network.
action Enumeration The action you performed on the configuration version. Either ACTIVATE or DEACTIVATE.
status Enumeration The activation status. Either Active, Failed, Inactive, Deactivated, or Pending.
time String The ISO 8601 timestamp when you activated the configuration version.
Export.ratePolicies[]: The rate policy details in the configuration version.
additionalMatchOptions Export.ratePolicies[].additionalMatchOptions[] The list of additional match conditions.
apiSelectors Export.ratePolicies[].apiSelectors[] The API endpoints to match in incoming requests. This only applies to the api matchType.
averageThreshold Integer The allowed hits per second during any 2-minute interval.
bodyParameters Export.ratePolicies[].bodyParameters[] The list of body parameters to match on.
burstThreshold Integer The allowed hits per second during any 5-second interval.
clientIdentifier String The client identifier you want to use to track request senders.
createDate String The ISO 8601 timestamp when you created the rate policy.
description String Describes the rate policy.
fileExtensions Export.ratePolicies[].fileExtensions Contains the file extension match criteria.
hostnames Array The hostnames to match.
id Integer Uniquely identifies the rate policy.
matchType Enumeration The match type in the rate policy. Either path to match website paths or api to match API paths.
name String The name you assigned to the rate policy.
path Export.ratePolicies[].path Contains details about the path match criteria.
pathMatchType Enumeration The type of paths to match in incoming requests. Either AllRequests to match an empty path or any path that ends in a trailing slash (/), TopLevel to match top-level hostnames only, or Custom to match a specific path or path component. This applies only when the corresponding matchType member is path.
pathUriPositiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
queryParameters Export.ratePolicies[].queryParameters[] The list of query parameter objects to match on.
requestType Enumeration The type of requests to count towards the rate policy’s thresholds. Either ClientRequest to count client requests to edge servers, ClientResponse to count edge responses to the client, ForwardResponse to count origin responses to the client, or ForwardRequest to count edge requests to your origin.
sameActionOnIpv6 Boolean Whether to apply the same action to the IPv6 traffic as to the IPv4 traffic.
type Enumeration The rate policy type. Either WAF for Web Application Firewall, or BOTMAN for Bot Manager.
updateDate String The ISO 8601 timestamp when you last updated the rate policy.
used Boolean Whether you’re currently using the rate policy.
useXForwardForHeaders Boolean Whether to check the contents of the X-Forwarded-For header in incoming requests.
Export.ratePolicies[].additionalMatchOptions[]: The list of additional match conditions.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
type Enumeration The match condition type. See Export match condition type values.
values Array The list of values that trigger the condition on match.
Export.ratePolicies[].apiSelectors[]: The API endpoints to match in incoming requests. This only applies to the api matchType.
apiDefinitionId Integer Uniquely identifies the API endpoint.
resourceIds Array The unique identifiers of the endpoint’s resources.
Export.ratePolicies[].bodyParameters[]: The list of body parameters to match on.
name String The name you assigned to the body parameter.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
valueInRange Boolean Whether to match a value inside or outside a range. The range format is min:max, for example: 2:4.
values Array The body parameter values.
Export.ratePolicies[].fileExtensions: Contains the file extension match criteria.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
values Array The file extensions to match on.
Export.ratePolicies[].path: Contains details about the path match criteria.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
values Array The list of paths to match on.
Export.ratePolicies[].queryParameters[]: The list of query parameter objects to match on.
name String The query parameter name.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
valueInRange Boolean Whether to match a value inside or outside a range. The range format is min:max, for example: 2:4.
values Array The list of query parameter values.
Export.reputationProfiles[]: The reputation profile details in the configuration version.
condition Export.reputationProfiles[].condition Contains information about the criteria that trigger the reputation profile.
context Enumeration Identifies the reputation category. Either WEBSCRP, DOSATCK, WEBATCK, ACCATCK, SCANTL, 2_WEBSCRP, 2_DOSATCK, 2_WEBATCK, 2_ACCATCK, or 2_SCANTL.
contextReadable String Describes the reputation category.
description String Describes the reputation profile.
enabled Boolean Whether you enabled the reputation profile.
id Integer Uniquely identifies the reputation profile.
name String The name you assigned to the reputation profile.
threshold Number The threshold at which the profile triggers.
Export.reputationProfiles[].condition: Contains information about the criteria that trigger the reputation profile.
atomicConditions Export.reputationProfiles[].condition.atomicConditions[] The conditions that trigger the reputation profile.
description String Describes the reputation profile condition.
id Integer Uniquely identifies the reputation profile condition.
name String The name you assigned to the reputation profile condition.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
version Integer The version of the reputation profile condition.
Export.reputationProfiles[].condition.atomicConditions[]: The conditions that trigger the reputation profile.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
type Enumeration The condition type. Either NetworkListCondition, AsNumberCondition, IpAddressCondition, RequestCookieCondition, RequestHeaderCondition, HostCondition, or UrlPatternCondition.
value Array The list of values that trigger the condition.
valueCase Boolean Whether to consider the character case when comparing the value string with the request value. The default is false, meaning that a value such as url would match a string UrL in the request.
valueWildcard Boolean Whether to treat the asterisk (*) and question mark (?) as wildcards when comparing the value string with the request value. Note that setting this to false isn’t supported by the host condition, and means that the value string must match exactly.
Export.ruleSets[]: The ruleset details in the configuration version.
attackGroups Export.ruleSets[].attackGroups[] The list of attack groups in the ruleset.
id Integer Uniquely identifies the ruleset.
rules Export.ruleSets[].rules[] The list of rules in the ruleset.
rulesetVersionId Integer Uniquely identifies the ruleset version.
type Enumeration The ruleset type. The only available value is kona.
Export.ruleSets[].attackGroups[]: The list of attack groups in the ruleset.
group String Identifies the attack group.
groupName String The name of the attack group.
threshold String The risk score threshold. When a request has a score above this threshold, the action set in the security policy for this risk group triggers.
Export.ruleSets[].rules[]: The list of rules in the ruleset.
attackGroups Array The attack groups that the rule belongs to.
id Number Uniquely identifies the rule.
inspectRequestBody Boolean Whether to inspect the request body.
inspectResponseBody Boolean Whether to inspect the response body.
ruleVersion Number The rule’s version.
score Number The risk score for the rule.
tag String The tag you assigned to the rule.
title String The rule title.
Export.securityPolicies[]: The security policies in the configuration version.
apiRequestConstraints Export.securityPolicies[].apiRequestConstraints The API request constraint action set in this policy. The action applies to the APIs associated with this policy via the API match targets.
clientReputation Export.securityPolicies[].clientReputation Contains details about the reputation profile actions.
customRuleActions Export.securityPolicies[].customRuleActions[] The list of custom rule actions set in the security policy.
hasRatePolicyWithApiKey Boolean Whether the security policy has a rate policy with an API_KEY client identifier. You can manage APIs using the API Endpoint Definition API.
id String Uniquely identifies the security policy.
ipGeoFirewall Export.securityPolicies[].ipGeoFirewall The status of IP and geographic controls defined in the security policy.
loggingOverrides Export.securityPolicies[].loggingOverrides The header logging settings that override the config version level settings.
name String The name of the security policy.
ratePolicyActions Export.securityPolicies[].ratePolicyActions[] The list of rate policy actions set in the security policy.
securityControls Export.securityPolicies[].securityControls Contains details about the security controls defined in the security policy.
slowPost Export.securityPolicies[].slowPost Contains details about the slow POST protection. Lets you set thresholds to control slow traffic. The duration threshold takes precedence over the slow rate threshold.
webApplicationFirewall Export.securityPolicies[].webApplicationFirewall Contains information about the rule and attack group actions.
Export.securityPolicies[].apiRequestConstraints: The API request constraint action set in this policy. The action applies to the APIs associated with this policy via the API match targets.
action String The action to take for the requests that violate the constraints.
Export.securityPolicies[].clientReputation: Contains details about the reputation profile actions.
reputationProfileActions Export.securityPolicies[].clientReputation.reputationProfileActions[] The list of reputation profile actions set in the security policy.
Export.securityPolicies[].clientReputation.reputationProfileActions[]: The list of reputation profile actions set in the security policy.
action String The action to take when the request exceeds the threshold set in the reputation profile.
id Integer Uniquely identifies the reputation profile.
Export.securityPolicies[].customRuleActions[]: The list of custom rule actions set in the security policy.
action String The action to take when a request meets the custom rule conditions.
id Integer Uniquely identifies the custom rule.
Export.securityPolicies[].ipGeoFirewall: The status of IP and geographic controls defined in the security policy.
block Enumeration The directive for blocking IP addresses. Either blockSpecificIPGeo to block specific IPs unless they’re in block exceptions, or blockAllTrafficExceptAllowedIPs to block all traffic apart from the IPs in block exceptions.
geoControls Export.securityPolicies[].ipGeoFirewall.geoControls Contains details about the geographic regions to block.
ipControls Export.securityPolicies[].ipGeoFirewall.ipControls Contains details about the allowed and blocked IP network lists.
Export.securityPolicies[].ipGeoFirewall.geoControls: Contains details about the geographic regions to block.
blockedGeoNetworkLists Export.securityPolicies[].ipGeoFirewall.geoControls.blockedGeoNetworkLists The geo network lists and specific geographic locations to block.
Export.securityPolicies[].ipGeoFirewall.geoControls.blockedGeoNetworkLists: The geo network lists and specific geographic locations to block.
additional Array The specific geographic locations to block.
networkList Array The geo network lists to block.
Export.securityPolicies[].ipGeoFirewall.ipControls: Contains details about the allowed and blocked IP network lists.
allowedIPNetworkLists Export.securityPolicies[].ipGeoFirewall.ipControls.allowedIPNetworkLists The collection of IPs and network lists to allow.
blockedIPNetworkLists Export.securityPolicies[].ipGeoFirewall.ipControls.blockedIPNetworkLists The collection of IPs and network lists to block.
Export.securityPolicies[].ipGeoFirewall.ipControls.allowedIPNetworkLists: The collection of IPs and network lists to allow.
additional Array The specific IPs to allow.
networkList Array The IP network lists to allow.
Export.securityPolicies[].ipGeoFirewall.ipControls.blockedIPNetworkLists: The collection of IPs and network lists to block.
additional Array The specific IPs to block.
networkList Array The IP network lists to block.
Export.securityPolicies[].loggingOverrides: The header logging settings that override the config version level settings.
allowSampling Boolean Whether you enabled the header data sampling.
cookies Export.securityPolicies[].loggingOverrides.cookies The sampling settings for the cookie data.
customHeaders Export.securityPolicies[].loggingOverrides.customHeaders The sampling settings for the custom headers.
standardHeaders Export.securityPolicies[].loggingOverrides.standardHeaders The sampling settings for the standard headers.
Export.securityPolicies[].loggingOverrides.cookies: The sampling settings for the cookie data.
type Enumeration The directive for including cookies. Either all to include all cookies, exclude to exclude specific cookies, none not to include any cookies, or only to include only specific cookies.
values Array The cookie names to log or exclude. This applies only when the type is either only or exclude.
Export.securityPolicies[].loggingOverrides.customHeaders: The sampling settings for the custom headers.
type Enumeration The directive for including custom headers. Either all to include all custom headers, exclude to exclude specific custom headers, none not to include any custom headers, or only to include only specific custom headers.
values Array The custom headers to log or exclude. This applies only when the type is either only or exclude.
Export.securityPolicies[].loggingOverrides.standardHeaders: The sampling settings for the standard headers.
type Enumeration The directive for including standard headers. Either all to include all standard headers, exclude to exclude specific standard headers, none not to include any standard headers, or only to include only specific standard headers.
values Array The standard headers to log or exclude. This applies only when the type is either only or exclude. For available header values, see Export header values.
Export.securityPolicies[].ratePolicyActions[]: The list of rate policy actions set in the security policy.
id Integer Uniquely identifies the rate policy.
ipv4Action String The action to take for the IPv4 traffic when the limits set in the rate policy are exceeded.
ipv6Action String The action to take for the IPv6 traffic when the limits set in the rate policy are exceeded.
Export.securityPolicies[].securityControls: Contains details about the security controls defined in the security policy.
applyApplicationLayerControls Boolean Whether you enabled the application layer controls.
applyNetworkLayerControls Boolean Whether you enabled the network layer controls.
applyRateControls Boolean Whether you enabled the rate controls.
applyReputationControls Boolean Whether you enabled the reputation controls.
Export.securityPolicies[].slowPost: Contains details about the slow POST protection. Lets you set thresholds to control slow traffic. The duration threshold takes precedence over the slow rate threshold.
action Enumeration The action to take for a request that exceeds the threshold. Either alert to send an alert notification, or abort to deny the request.
durationThreshold Export.securityPolicies[].slowPost.durationThreshold The settings based on the first 8 kilobytes of the POST body transfer.
slowRateThreshold Export.securityPolicies[].slowPost.slowRateThreshold The settings based on the request body transfer speed.
Export.securityPolicies[].slowPost.durationThreshold: The settings based on the first 8 kilobytes of the POST body transfer.
timeout Integer The time (in seconds) when the first 8 kilobytes of the POST body should be processed to avoid flagging the request.
Export.securityPolicies[].slowPost.slowRateThreshold: The settings based on the request body transfer speed.
period Integer The period (in seconds) when the rate applies.
rate Integer The maximum rate of bandwidth in bytes per second, averaged every 2 minutes.
Export.securityPolicies[].webApplicationFirewall: Contains information about the rule and attack group actions.
attackGroupActions Export.securityPolicies[].webApplicationFirewall.attackGroupActions[] The list of attack group actions set in the security policy.
evaluation Export.securityPolicies[].webApplicationFirewall.evaluation Specifies the ruleset version evaluated as part of the policy.
ruleActions Export.securityPolicies[].webApplicationFirewall.ruleActions[] The list of rules in the security policy and the actions to perform when a request violates the rule.
Export.securityPolicies[].webApplicationFirewall.attackGroupActions[]: The list of attack group actions set in the security policy.
action String The action to take when the risk score exceeds the set threshold.
group String The attack group name.
rulesetVersionId Integer Uniquely identifies the ruleset version.
Export.securityPolicies[].webApplicationFirewall.evaluation: Specifies the ruleset version evaluated as part of the policy.
attackGroupActions Export.securityPolicies[].webApplicationFirewall.evaluation.attackGroupActions[] The list of attack group actions set in the security policy.
evaluationId Integer Uniquely identifies the rule evaluation configuration.
evaluationVersion Integer The evaluation version. The version numbers start at 1 and increase on the first change to an evaluation configuration after its activation.
ruleActions Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[] The list of rules in the security policy and the actions to perform when a request violates the rule.
rulesetVersion Integer Uniquely identifies the evaluated ruleset version.
Export.securityPolicies[].webApplicationFirewall.evaluation.attackGroupActions[]: The list of attack group actions set in the security policy.
action String The action to take when the risk score exceeds the set threshold.
group String The attack group name.
rulesetVersionId Integer Uniquely identifies the ruleset version.
Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[]: The list of rules in the security policy and the actions to perform when a request violates the rule.
action String The action to take when a request violates the rule.
conditions Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].conditions[] The list of conditions that trigger the rule.
exceptions Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions Contains details about the exceptions under which the rule’s action doesn’t trigger.
id Integer Uniquely identifies the rule.
rulesetVersionId Integer Uniquely identifies the rule set version.
Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].conditions[]: The list of conditions that trigger the rule.
caseSensitive Boolean Whether to consider the case-sensitivity of the provided query parameter value. This only applies to the uriQueryMatch condition type.
extensions Array The file extensions that trigger the condition. This only applies to the extensionMatch condition type.
filenames Array The filenames that trigger the condition. This only applies to the filenameMatch condition type.
header Enumeration The name of the HTTP header to check for. Either referer or user-agent. This only applies to the requestHeaderMatch condition type.
hosts Array The hostnames that trigger the condition. This only applies to the hostMatch condition type.
ips Array The IPs that trigger the condition. This only applies to the ipMatch condition type.
methods Array The HTTP request methods that trigger the condition. The possible values are GET, POST, HEAD, PUT, and DELETE. This only applies to the requestMethodMatch condition type.
name String The query parameter name that triggers the condition. This only applies to the uriQueryMatch condition type.
nameCase Boolean Whether to consider the case-sensitivity of the provided query parameter name. This only applies to the uriQueryMatch condition type.
paths Array The paths that trigger the condition. This only applies to the pathMatch condition type.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
type Enumeration The condition type to match on. See Export condition type values.
useHeaders Boolean Whether the condition should include the X-Forwarded-For (XFF) headers. This only applies to the ipMatch condition type.
value String The query parameter value if the condition type is uriQueryMatch and header value if the condition type is requestHeaderMatch. This only applies to the uriQueryMatch and requestHeaderMatch condition types.
valueCase Boolean Whether to consider the case-sensitivity of the provided header value. This only applies to the requestHeaderMatch condition type.
valueWildcard Boolean Whether the provided header value is a wildcard. This only applies to the requestHeaderMatch condition type.
wildcard Boolean Whether the provided query parameter value is a wildcard. This only applies to the uriQueryMatch condition type.
Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions: Contains details about the exceptions under which the rule’s action doesn’t trigger.
anyHeaderCookieOrParam Array The list of request attributes to treat as rule exceptions. The possible values are COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, and REQ_HDR for a request header. Use this option if you can’t get an exhaustive list of elements to exclude or the list is too large. You can exclude several attributes.
headerCookieOrParamValues Array The list of excepted values in headers, cookies, or query parameters.
specificHeaderCookieOrParamNames Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions.specificHeaderCookieOrParamNames Contains details about the excepted request attribute name.
specificHeaderCookieOrParamNameValue Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions.specificHeaderCookieOrParamNameValue Contains details about the excepted name-value pair in a request.
specificHeaderCookieOrParamPrefix Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions.specificHeaderCookieOrParamPrefix Contains details about the excepted request attribute name prefix.
Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions.specificHeaderCookieOrParamNames: Contains details about the excepted request attribute name.
names Array The list of request attribute names.
selector Enumeration The request attribute that includes the excepted name. Either COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, or REQ_HDR for a request header.
Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions.specificHeaderCookieOrParamNameValue: Contains details about the excepted name-value pair in a request.
name String The name of the request attribute.
selector Enumeration The request attribute that includes the excepted name-value pair. Either COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, or REQ_HDR for a request header.
value String The value of the request attribute.
Export.securityPolicies[].webApplicationFirewall.evaluation.ruleActions[].exceptions.specificHeaderCookieOrParamPrefix: Contains details about the excepted request attribute name prefix.
prefix String The request attribute name prefix.
selector Enumeration The request attribute that includes the excepted name prefix. Either COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, or REQ_HDR for a request header.
Export.securityPolicies[].webApplicationFirewall.ruleActions[]: The list of rules in the security policy and the actions to perform when a request violates the rule.
action String The action to take when a request violates the rule.
conditions Export.securityPolicies[].webApplicationFirewall.ruleActions[].conditions[] The list of conditions that trigger the rule.
exceptions Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions Contains details about the exceptions under which the rule’s action doesn’t trigger.
id Integer Uniquely identifies the rule.
rulesetVersionId Integer Uniquely identifies the rule set version.
Export.securityPolicies[].webApplicationFirewall.ruleActions[].conditions[]: The list of conditions that trigger the rule.
caseSensitive Boolean Whether to consider the case-sensitivity of the provided query parameter value. This only applies to the uriQueryMatch condition type.
extensions Array The file extensions that trigger the condition. This only applies to the extensionMatch condition type.
filenames Array The filenames that trigger the condition. This only applies to the filenameMatch condition type.
header Enumeration The name of the HTTP header to check for. Either referer or user-agent. This only applies to the requestHeaderMatch condition type.
hosts Array The hostnames that trigger the condition. This only applies to the hostMatch condition type.
ips Array The IPs that trigger the condition. This only applies to the ipMatch condition type.
methods Array The HTTP request methods that trigger the condition. The possible values are GET, POST, HEAD, PUT, and DELETE. This only applies to the requestMethodMatch condition type.
name String The query parameter name that triggers the condition. This only applies to the uriQueryMatch condition type.
nameCase Boolean Whether to consider the case-sensitivity of the provided query parameter name. This only applies to the uriQueryMatch condition type.
paths Array The paths that trigger the condition. This only applies to the pathMatch condition type.
positiveMatch Boolean Whether the condition should trigger on a match (true) or a lack of match (false).
type Enumeration The condition type to match on. See Export condition type values.
useHeaders Boolean Whether the condition should include the X-Forwarded-For (XFF) headers. This only applies to the ipMatch condition type.
value String The query parameter value if the condition type is uriQueryMatch and header value if the condition type is requestHeaderMatch. This only applies to the uriQueryMatch and requestHeaderMatch condition types.
valueCase Boolean Whether to consider the case-sensitivity of the provided header value. This only applies to the requestHeaderMatch condition type.
valueWildcard Boolean Whether the provided header value is a wildcard. This only applies to the requestHeaderMatch condition type.
wildcard Boolean Whether the provided query parameter value is a wildcard. This only applies to the uriQueryMatch condition type.
Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions: Contains details about the exceptions under which the rule’s action doesn’t trigger.
anyHeaderCookieOrParam Array The list of request attributes to treat as rule exceptions. The possible values are COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, and REQ_HDR for a request header. Use this option if you can’t get an exhaustive list of elements to exclude or the list is too large. You can exclude several attributes.
headerCookieOrParamValues Array The list of excepted values in headers, cookies, or query parameters.
specificHeaderCookieOrParamNames Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions.specificHeaderCookieOrParamNames Contains details about the excepted request attribute name.
specificHeaderCookieOrParamNameValue Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions.specificHeaderCookieOrParamNameValue Contains details about the excepted name-value pair in a request.
specificHeaderCookieOrParamPrefix Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions.specificHeaderCookieOrParamPrefix Contains details about the excepted request attribute name prefix.
Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions.specificHeaderCookieOrParamNames: Contains details about the excepted request attribute name.
names Array The list of request attribute names.
selector Enumeration The request attribute that includes the excepted name. Either COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, or REQ_HDR for a request header.
Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions.specificHeaderCookieOrParamNameValue: Contains details about the excepted name-value pair in a request.
name String The name of the request attribute.
selector Enumeration The request attribute that includes the excepted name-value pair. Either COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, or REQ_HDR for a request header.
value String The value of the request attribute.
Export.securityPolicies[].webApplicationFirewall.ruleActions[].exceptions.specificHeaderCookieOrParamPrefix: Contains details about the excepted request attribute name prefix.
prefix String The request attribute name prefix.
selector Enumeration The request attribute that includes the excepted name prefix. Either COOKIE, JSON_PARAM for a JSON parameter, XML_PARAM for an XML parameter, REQ_PARAM for a request parameter, or REQ_HDR for a request header.
Export.siem[]: The SIEM details in the configuration version.
enabledBotmanSiemEvents Boolean Whether you enabled SIEM for the Bot Manager events.
enableForAllPolicies Boolean Whether you enabled SIEM for all the security policies in the configuration version. This takes precedence when both firewallPolicyIds and enableForAllPolicies are present.
enableSiem Boolean Whether you enabled SIEM in the security configuration version.
firewallPolicyIds Array The list of security policy identifiers for which to enable the SIEM integration.
siemDefinitionId Integer Uniquely identifies the SIEM settings.
Export.staging: Specifies the configuration version’s activation status on the staging network.
action Enumeration The action you performed on the configuration version. Either ACTIVATE or DEACTIVATE.
status Enumeration The activation status. One of Pending, Active, Inactive, Deactivated, or Failed.
time String The ISO 8601 timestamp when you activated the configuration version.
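
An added example (not part of Akamai's documentation or tooling): a Python audit over an exported configuration that uses the Export members listed above. It reports disabled security controls, slow POST protection set to alert only, and rule exceptions that exempt a whole attribute class through anyHeaderCookieOrParam. The sample export is constructed; the policy id key and the rule action values in it are assumptions.

```python
# Constructed sample shaped like the Export members documented above.
# Assumptions: the policy "id" key and the rule action strings "deny"/"alert".
SAMPLE_EXPORT = {"securityPolicies": [{
    "id": "pol1_0001",
    "securityControls": {"applyApplicationLayerControls": True,
                         "applyNetworkLayerControls": True,
                         "applyRateControls": False,
                         "applyReputationControls": True},
    "slowPost": {"action": "alert", "durationThreshold": {"timeout": 25}},
    "webApplicationFirewall": {
        "ruleActions": [
            {"id": 1001, "action": "deny",
             "exceptions": {"anyHeaderCookieOrParam": ["REQ_PARAM", "COOKIE"]}},
            {"id": 1002, "action": "deny",
             "exceptions": {"specificHeaderCookieOrParamNames":
                            {"selector": "REQ_HDR", "names": ["X-Trace"]}}},
        ],
        "evaluation": {"ruleActions": [
            {"id": 2001, "action": "alert",
             "exceptions": {"anyHeaderCookieOrParam": ["JSON_PARAM"]}},
        ]},
    },
}]}


def audit_export(export):
    """Return (policy, check, detail) findings for settings that widen exposure."""
    findings = []
    for policy in export.get("securityPolicies", []):
        pid = policy.get("id", "<unknown>")
        # 1. Whole control families switched off in securityControls.
        for flag, enabled in sorted(policy.get("securityControls", {}).items()):
            if enabled is False:
                findings.append((pid, "control-disabled", flag))
        # 2. Slow POST protection that alerts but never aborts the request.
        if policy.get("slowPost", {}).get("action") == "alert":
            findings.append((pid, "slowpost-alert-only", "action=alert"))
        # 3. Exceptions that exempt an entire attribute class, checked in both
        #    the active rule list and the evaluation rule list.
        waf = policy.get("webApplicationFirewall", {})
        scopes = (("ruleActions", waf.get("ruleActions", [])),
                  ("evaluation.ruleActions",
                   waf.get("evaluation", {}).get("ruleActions", [])))
        for scope, rules in scopes:
            for rule in rules:
                broad = rule.get("exceptions", {}).get("anyHeaderCookieOrParam")
                if broad:
                    detail = f"{scope} rule {rule.get('id')}: {','.join(broad)}"
                    findings.append((pid, "broad-exception", detail))
    return findings


if __name__ == "__main__":
    for finding in audit_export(SAMPLE_EXPORT):
        print(*finding, sep="\t")
```

Name-scoped exceptions such as rule 1002's specificHeaderCookieOrParamNames are not flagged, because they exempt one named attribute rather than a whole class.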

Export condition type values

You can specify any of these values as an Export condition type:

type value… Matches on…
extensionMatch File extensions
filenameMatch Filenames
hostMatch Hostnames
ipMatch IP addresses
pathMatch Paths
requestHeaderMatch Request headers
requestMethodMatch Request methods
uriQueryMatch Query parameters

Export match condition type values

You can specify any of these values as an Export match condition type:

type value… Matches on…
AsNumberCondition The requesting client’s autonomous system number
IpAddressCondition IP addresses
NetworkListCondition Network lists
RequestHeaderCondition Request headers
RequestMethodCondition Request HTTP methods
ResponseHeaderCondition Response headers
ResponseStatusCondition Response statuses
UserAgentCondition Specific software like a browser or browser version

Export header values

When exporting a configuration version, you can specify these headers:

Accept
Accept-Charset
Accept-Encoding
Accept-Language
Accept-Ranges
Access-Control-Allow-Origin
Age
Allow
Cache-Control
Connection
Content-Disposition
Content-Encoding
Content-Language
Content-Length
Content-Location
Content-MD5
Content-Range
Content-Security-Policy
Content-Type
DNT
Date
Etag
Expect
Expires
From
Host
If-Match
If-Modified-Since
If-None-Match
If-Range
If-Unmodified-Since
Last-Modified
Link
Location
Max-Forwards
Origin
P3P
Pragma
Proxy-Authenticate
Range
Referer
Refresh
Retry-After
Server
Strict-Transport-Security
TE
Trailer
Transfer-Encoding
Upgrade
User-Agent
Vary
Via
WWW-Authenticate
Warning
X-Content-Security-Policy
X-Content-Type-Options
X-Forwarded-For
X-Forwarded-Proto
X-Frame-Options
X-Powered-By
X-Requested-With
X-UA-Compatible
X-WebKit-CSP
X-XSS-Protection

Errors

This section provides details on the data object that reflects the API’s common response to error cases, and lists the API’s range of response status codes for both error and success cases.

Error responses

EdgeGrid responds with HTTP Problem error objects that provide details useful for debugging. For example:

{
    "type": "https://problems.luna.akamaiapis.net/appsec-resource/error-types/ACCESS-DENIED",
    "title": "Forbidden",
    "status": 403,
    "detail": "You do not have the necessary access to perform this operation or the requested resource cannot be modified",
    "instance": "https://problems.luna.akamaiapis.net/appsec/error-instances/d54686b5-21cb-4ab7-a8d6-a92282cf1749"
}

HTTP status codes

The API returns these HTTP status codes for both success and failure scenarios:

Code Description
200 The operation was successful.
201 Resource successfully created.
400 Bad Request.
403 Access is forbidden.
404 Resource not found.
409 Conflict with current state of resource.
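
An added example (not Akamai's code): a Python parser for the HTTP Problem error object shown under Error responses, for automation that logs the error type and instance identifier when a configuration change is rejected. The Problem class, the function names, and the fallback for non-JSON bodies are assumptions of this example; the sample body is the one from this page.

```python
import json
from dataclasses import dataclass
from urllib.parse import urlparse

DOCUMENTED_STATUS = {200, 201, 400, 403, 404, 409}  # codes listed in the table above


@dataclass
class Problem:
    status: int
    error_code: str    # last path segment of "type", e.g. ACCESS-DENIED
    title: str
    detail: str
    instance_id: str   # last path segment of "instance", useful in support cases
    documented: bool   # whether the status is one the table above lists


def _last_segment(url):
    """Return the final path segment of a URL, or '' when there is none."""
    return urlparse(url or "").path.rstrip("/").rsplit("/", 1)[-1]


def parse_problem(http_status, body):
    """Turn an error response body into a Problem; tolerate non-JSON bodies."""
    try:
        doc = json.loads(body)
        if not isinstance(doc, dict):
            raise ValueError("problem body is not a JSON object")
    except ValueError:
        # For example an HTML error page from an intermediary: keep a snippet.
        doc = {"detail": body[:200]}
    status = doc.get("status", http_status)
    return Problem(
        status=status,
        error_code=_last_segment(doc.get("type")) or "UNKNOWN",
        title=doc.get("title", ""),
        detail=doc.get("detail", ""),
        instance_id=_last_segment(doc.get("instance")),
        documented=status in DOCUMENTED_STATUS,
    )


# The error object from the Error responses section of this page.
SAMPLE_BODY = """{
    "type": "https://problems.luna.akamaiapis.net/appsec-resource/error-types/ACCESS-DENIED",
    "title": "Forbidden",
    "status": 403,
    "detail": "You do not have the necessary access to perform this operation or the requested resource cannot be modified",
    "instance": "https://problems.luna.akamaiapis.net/appsec/error-instances/d54686b5-21cb-4ab7-a8d6-a92282cf1749"
}"""

if __name__ == "__main__":
    print(parse_problem(403, SAMPLE_BODY))
```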