Fast Purge API v3

Purge content from your edge servers by URL, content provider (CP) code, or cache tag.

Learn more:


Overview

The Fast Purge API (formerly known as Content Control Utility API v3, or CCU API v3) provides a programmatic interface for you to purge edge content. In this version, you can purge any set of URLs, Content Provider (CP) codes, or cache tags. Delivery products such as Ion, Adaptive Media Delivery, Dynamic Delivery, and Dynamic Site Accelerator all support Fast Purge. To purge streaming content, use the Content Control Utility API v2.

If you’re a developer, website architect, or content administrator, you can use the Akamai Control Center to purge content. For details, see the Fast Purge quick start.

For users of the legacy Content Control Utility REST API, this API leverages the Fast Purge utility. If you’d like to convert your API programs to use the Fast Purge utility, see the migration instructions.

For more information about Fast Purge, see Fast Purge API concepts.

Who should use this API

The Fast Purge API is a simple API that enables purging content at the edge. It allows developers and architects to purge individual URLs or grouped content via CP code or Cache Tag within approximately five seconds.

The API also comes with a CLI version that you can set up as a task within automation tools such as CircleCI or Jenkins.

For more information on content control using TTL (Time to Live) methods, refer to Time to Live (TTL) in Cache: Methods and Considerations.

Get started

To configure this API for the first time:

  • Review Get Started with APIs for details on how to set up client tokens to access any Akamai API. These tokens appear as custom hostnames that look like this: https://akzz-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX.luna.akamaiapis.net.

  • To enable this API, filter the API listings to display OPEN CCU / Fast Purge APIs. Then select the API service named CCU APIs, and set the access level to READ-WRITE.

  • Review Identity and Access Management for details on how to create your API access credentials and authorizations. When creating, adding, and naming clients for API access, do so under CCU APIs, not Luna APIs. Note that you can select all CP codes when configuring your API credentials. This means all current and future CP codes on the current contract, not all CP codes on the account.

  • Get help from our developer community or Technical Support, and provide feedback. You can also contact your account representative for support. We want to hear from you!

Fast Purge API concepts

This section describes the conceptual objects you deal with when interacting with this API, and provides pointers to where you can learn more.

  • Fast Purge. The Fast Purge utility completes purge requests within approximately five seconds. Fast Purge supports requests to invalidate or delete URLs and CP codes on Akamai staging and production networks. You should typically invalidate, as it will cause the edge server to treat content as though its TTL has expired. You should use delete for compliance or copyright-related purge requests, as it completely removes all content from servers.

    • invalidation. Content invalidation, or refresh request, is the default purge action in most cases. An invalidation purge action causes Akamai edge servers to send an If-Modified-Since (IMS) request to the origin on subsequent requests for invalidated content. If the timestamp of the object at the origin is more recent than the one in cache, the latter is replaced by the new object from the origin. Otherwise, it is re-validated for the duration of the TTL. If an object does not have a Last-Modified header, a regular GET request is sent to origin.

      NOTE: To avoid serving stale content, ensure the Last-Modified-Timestamp (LMT) value on the origin server is updated to a newer timestamp than the LMT value of the current object.

    • deletion. This purge actions removes the object from cache so that it is no longer available to be served to clients. Deleting content results in an expensive GET request to the origin server, and prevents Akamai from serving this content stale if the origin server is down.

  • content provider (CP) code. A CP code identifies a set, typically a subset, of content on your origin server. CP codes also provide additional granularity in reports and to track billing. Each contract supports at least one CP code. You cannot apply the same CP code to content under more than one contract. If you’re using Property Manager, use the Property Manager API (PAPI) to retrieve a list of CP codes available for a selected contract and group. PAPI also allows you to generate new CP codes, assign them to properties, and apply them within property rules.

  • cache key. The cache key is an index entry for an object in cache. By default, Akamai uses the entire uniform resource identifier (URI) and query string to identify cached objects. You can specify a custom cache key to cache different versions of an object based on differences in query parameters and other differences such as variations in device characteristics..

  • cache tag. A label that you assign to content from the origin, typically by way of the Edge-Cache-Tag header. Once a set of objects have been cached with a tag, they can be purged together with a single Fast Purge API call. You can apply many tags to any object, allowing you to purge by any overlapping set of classifications you define, such as black-friday, flash-sale, electronics, laptops, tablets. If an object matches any one of the tags in a purge request, then its cache will be refreshed. Note that cache tags are case-sensitive.

Cache tag constraints and other considerations

  • Do not include more than one Edge-Cache-Tag header. Only the first applies.

  • Tags in headers are derived from the ABNF token format (see RFC 7230).

  • Prohibited tag characters are whitespace characters or any of the following: *"(),:;<=>?@\[]{}

  • Tag names cannot exceed 128 bytes.

  • Use commas to delimit more than one value in the Edge-Cache-Tag header.

  • End users do not receive the Edge-Cache-Tag header.

  • If you use Drupal for content management, the Akamai Drupal 8 module can help you tag content.

  • For information on effective ways to use cache tags to purge content, see best practices.

  • Logically, cache tags should be considered part of the tagged content. Thus, new or changed tags need to be returned with a 200 response from the origin. A 304 response does not update the cache tags.

  • To make sure that tags are assigned to all targeted objects on the Akamai network, wait until they refresh based on their TTL value, or explicitly purge them when adding or changing tags.

Sample code and use cases

For sample code related to this API, see the api-kickstart repository.

For sample use cases, see the examples folder in the api-kickstart repository. It is continually updated with new examples for Akamai APIs.

Rate limiting

This API uses rate controls to limit the number of purge requests that clients within a single account can make for a given time. It also limits the rate of URLs, CP codes, or cache tags that can be submitted. When rate limits are applied, the requests from all clients associated with the same account are counted together.

The following shows the enforced rate limits for API requests in general and for each type of object. An individual API request can include many URLs, CP codes, or cache tags.

Limit Type Sustained Rate Burst
API request 50 requests per second 100 requests
URL 200 URLs per second 10,000 URLs
CP code 30 CP codes per minute 300 CP codes
Cache tag 500 cache tags per minute 5,000 cache tags

The rate limiting algorithm used for sustained rate and burst follows a token bucket model.

There is one bucket for requests and a separate bucket for each object type (URLs, CP codes, and cache tags). The burst value in the table above represents how many tokens the bucket can hold. The buckets start full of tokens. Tokens are added to the bucket constantly based on the sustained rate. Once the bucket is full, no more tokens can be added.

When an API request is made, the request may contain either URLs, CP codes or cache tags. First, the API request bucket is checked for tokens. If a token is available, one token is removed from the bucket. Next, the object type bucket is checked for tokens. The object type bucket needs to contain enough tokens to satisfy all of the objects in the request. If there are enough tokens, they are removed from the bucket and the request is accepted. If there are not enough tokens in the object bucket, no tokens are removed, the API request token is returned to the API request bucket, and the entire request is denied.

For example, the token bucket for cache tags holds 5,000 tokens and refills at a rate of 500 tokens per minute. You can submit a burst of 5,000 cache tags if the token bucket is full, but this will completely empty the token bucket. Cache tag tokens are refilled at 500 tokens per minute, so after one minute, the bucket will have 500 tokens in it and another request with up to 500 objects can be processed.

You can submit a burst of 5,000 tags every 10 minutes, 1,000 cache tags every 2 minutes, or 500 cache tags every minute. In all cases, the average sustained rate is still 500 cache tags per minute. If you submit a burst of 5,000 cache tags followed immediately by another request for 500 cache tags, the second request for 500 cache tags will be denied because there aren’t enough tokens left.

To purge more objects while remaining within defined limits, consider combining many objects into a single API request and reducing the rate of requests. A single API request may contain many objects of the same type, as long as the request body is smaller than 50,000 bytes.

Rate limit headers

When a request is denied due to rate limiting, the API responds with a 429 error, along with various X-Ratelimit-* HTTP headers and rateLimit* JSON members in the response body.

The following shows the rate limiting response headers returned by the API. These response headers appear when a request is accepted or denied.

Rate Header Description
X-Ratelimit-Limit-Per-Second The sustained rate limit for API requests per second.
X-Ratelimit-Limit The burst limit for API requests.
X-Ratelimit-Remaining Number of API requests remaining before the rate limit is exceeded.
X-Ratelimit-Limit-Per-Second-Objects The sustained rate limit for objects per second. This value depends on the purge type being requested: URL, CP code, or cache tag.
X-Ratelimit-Limit-Objects The burst limit for objects. This value depends on the purge type being requested: URL, CP code, or cache tag.
X-Ratelimit-Remaining-Objects Number of objects remaining before the rate limit is exceeded. This value depends on the purge type being requested: URL, CP code, or cache tag.

Response body

Rate limit headers are present in success and failure responses, while the rate limit response body members are only present in responses that are denied due to rate limiting.

The following shows the rate limiting response body JSON members for a 429 failure response.

Response Body JSON Member Description
title Identifies the type of rate limit exceeded. The value is Rate Limit exceeded for API requests. For objects, the value can be URL Rate Limit exceeded, CPCODE Rate Limit exceeded, or TAG Rate Limit exceeded.
rateLimit The burst limit for the limit type that was exceeded.
rateLimitRemaining The number of API requests remaining before the rate limit is exceeded.
rateLimitCurrentRequestSize The number of items in the request that exceeded this limit.

Response examples

The following examples show 429 failure responses when a URL purge request has exceeded an API request rate limit and an object rate limit.

In the first 429 failure response below, the Rate Limit exceeded title in the response body shows that the API request rate limit was exceeded. The X-Ratelimit-Remaining header value is 0 and the rateLimitRemaining response member is 0. This means that there were no additional API requests remaining at this moment, and the request was denied.

To stay within the rate limits, you can reduce the API request rate and use the remaining 9904 URL objects, shown in the X-Ratelimit-Remaining-Objects response header, in each purge request. This allows for a comparable purge rate without exceeding the rate limit.

HTTP/1.1 429 Too Many Requests
Date: Tue, 12 Mar 2019 21:14:01 GMT
Content-Length: 239
Content-Type: application/api-problem+json
X-Ratelimit-Remaining: 0
X-Ratelimit-Limit-Per-Second: 50.00
X-Ratelimit-Limit: 100
X-Ratelimit-Remaining-Objects: 9904
X-Ratelimit-Limit-Per-Second-Objects: 200.00
X-Ratelimit-Limit-Objects: 10000

{
  "supportId": "17PY1552425241133633-211776704",
  "title": "Rate Limit exceeded",
  "httpStatus": 429,
  "describedBy": "https://api.ccu.akamai.com/ccu/v2/errors/Rate-Limit-exceeded",
  "rateLimit": 100,
  "rateLimitCurrentRequestSize": 1,
  "rateLimitRemaining": 0
}

In this next 429 failure response, the URL Rate Limit exceeded title in the response body shows that an object URL rate limit was exceeded. Note that the object rate limit for a URL purge request is 200 URLs per second, as shown in the X-Ratelimit-Limit-Per-Second-Objects header. The rateLimitRemaining response member is 94, which was the number of URLs available to purge at that moment. When the purge request was submitted, it contained 110 URLs, as shown in the rateLimitCurrentRequestSize response member. Because the request was 16 URLs over the current limit of 94, it was denied.

To maximize the purge rate without waiting, you can truncate the request to contain 94 URLs, then resubmit it immediately. Alternatively, wait until you can purge all 110 URLs at once, which in this case would only take 80 milliseconds.

HTTP/1.1 429 Too Many Requests
Date: Tue, 12 Mar 2019 21:14:31 GMT
Content-Length: 251
Content-Type: application/api-problem+json
X-Ratelimit-Remaining: 40
X-Ratelimit-Limit-Per-Second: 50.00
X-Ratelimit-Limit: 100
X-Ratelimit-Remaining-Objects: 94
X-Ratelimit-Limit-Per-Second-Objects: 200.00
X-Ratelimit-Limit-Objects: 10000

{
  "supportId": "17PY1552425341153293-211776704",
  "title": "URL Rate Limit exceeded",
  "httpStatus": 429,
  "describedBy": "https://api.ccu.akamai.com/ccu/v2/errors/URL-Rate-Limit-exceeded",
  "rateLimit": 10000,
  "rateLimitCurrentRequestSize": 110,
  "rateLimitRemaining": 94
}

In addition, the API guards against DoS level traffic flows. For example, when a single API client attempts to submit hundreds of requests per second, the API responds with a 400 error for web application firewall (WAF) rate-controlled clients.

HTTP/1.1 400 Bad Request
Content-Length: 427
Date: Thu, 01 Mar 2018 18:46:03 GMT
Connection: close
Content-Type: application/problem+json

{
    "type": "https://problems.purge.akamaiapis.net/-/pep-authn/request-error",
    "title": "Bad request",
    "status": 400,
    "detail": "WAF deny rule IPBLOCK-BURST4-27754",
    "instance": "https://akab-cj2eq2kcsv7cpt75-bi4ae4mdehbj2p4a.purge.akamaiapis.net/ccu/v3/invalidate/url",
    "method": "POST",
    "serverIp": "104.76.97.105",
    "clientIp": "24.2.26.125",
    "requestId": "1dd8d22",
    "requestTime": "2018-03-01T18:46:03Z"
}

Resources

This section provides details on the API’s various operations.

API summary

Download the RAML descriptors for this API.

Operation Method Endpoint
Invalidations  
Invalidate by URL POST /ccu/v3/invalidate/url/{network}
Invalidate by CP code POST /ccu/v3/invalidate/cpcode/{network}
Invalidate by cache tag POST /ccu/v3/invalidate/tag/{network}
Deletions  
Delete by URL POST /ccu/v3/delete/url/{network}
Delete by CP code POST /ccu/v3/delete/cpcode/{network}
Delete by cache tag POST /ccu/v3/delete/tag/{network}

Invalidate by URL

Invalidates content on the selected URL for the selected network. You should consider invalidating content by default. This keeps each object in cache until the version on your origin server is newer. Deletion retrieves the object regardless, which can dramatically increase the load on your origin server and would prevent Akamai from serving the old content if your origin is unreachable.

POST /ccu/v3/invalidate/url/{network}

Sample: /ccu/v3/invalidate/url/staging

Content-Type: application/json

Object type: UrlRequest

Download schema: UrlRequest.json

Request Body:

{
    "objects": [
        "https://foo1.bar.com/some/path",
        "http://foo2.bar.com/some/other/path"
    ]
}
Parameter Type Sample Description
URL parameters
network Enumeration staging The network on which you want to invalidate or delete content, either staging or the default production network. If omitting this optional parameter, also omit any trailing slash from the shortened URL.

Status 201 application/json

Object type: Response

Download schema: Response.json

Response Body:

{
    "httpStatus": 201,
    "estimatedSeconds": 5,
    "purgeId": "e535071c-26b2-11e7-94d7-276f2f54d938",
    "supportId": "17PY1492793544958045-219026624",
    "detail": "Request accepted"
}

Invalidate by CP code

Invalidates content on the selected CP code for the selected network. You should consider invalidating content by default. This keeps each object in cache until the version on your origin server is newer. Deletion retrieves the object regardless, which can dramatically increase the load on your origin server and would prevent Akamai from serving the old content if your origin is unreachable.

POST /ccu/v3/invalidate/cpcode/{network}

Sample: /ccu/v3/invalidate/cpcode/staging

Content-Type: application/json

Object type: CpCodeRequest

Download schema: CPCodeRequest.json

Request Body:

{
    "objects": [
        12345,
        98765
    ]
}
Parameter Type Sample Description
URL parameters
network Enumeration staging The network on which you want to invalidate or delete content, either staging or the default production network. If omitting this optional parameter, also omit any trailing slash from the shortened URL.

Status 201 application/json

Object type: Response

Download schema: Response.json

Response Body:

{
    "httpStatus": 201,
    "estimatedSeconds": 5,
    "purgeId": "e535071c-26b2-11e7-94d7-276f2f54d938",
    "supportId": "17PY1492793544958045-219026624",
    "detail": "Request accepted"
}

Invalidate by cache tag

Invalidates content on the selected set of cache tags for the selected network. You should consider invalidating content by default. This keeps each object in cache until the version on your origin server is newer. Deletion retrieves the object regardless, which can dramatically increase the load on your origin server and would prevent Akamai from serving the old content if your origin is unreachable.

POST /ccu/v3/invalidate/tag/{network}

Sample: /ccu/v3/invalidate/tag/staging

Content-Type: application/json

Object type: TagRequest

Download schema: TagRequest.json

Request Body:

{
    "objects": [
        "black-friday",
        "electronics",
        "laptops",
        "tablets"
    ]
}
Parameter Type Sample Description
URL parameters
network Enumeration staging The network on which you want to invalidate or delete content, either staging or the default production network. If omitting this optional parameter, also omit any trailing slash from the shortened URL.

Status 201 application/json

Object type: Response

Download schema: Response.json

Response Body:

{
    "httpStatus": 201,
    "estimatedSeconds": 5,
    "purgeId": "e535071c-26b2-11e7-94d7-276f2f54d938",
    "supportId": "17PY1492793544958045-219026624",
    "detail": "Request accepted"
}

Delete by URL

Deletes content on the selected URL for the selected network. In most cases, you should invalidate rather than delete content.

POST /ccu/v3/delete/url/{network}

Sample: /ccu/v3/delete/url/staging

Content-Type: application/json

Object type: UrlRequest

Download schema: UrlRequest.json

Request Body:

{
    "objects": [
        "https://foo1.bar.com/some/path",
        "http://foo2.bar.com/some/other/path"
    ]
}
Parameter Type Sample Description
URL parameters
network Enumeration staging The network on which you want to invalidate or delete content, either staging or the default production network. If omitting this optional parameter, also omit any trailing slash from the shortened URL.

Status 201 application/json

Object type: Response

Download schema: Response.json

Response Body:

{
    "httpStatus": 201,
    "estimatedSeconds": 5,
    "purgeId": "e535071c-26b2-11e7-94d7-276f2f54d938",
    "supportId": "17PY1492793544958045-219026624",
    "detail": "Request accepted"
}

Delete by CP code

Deletes content on the selected CP code for the selected network. In most cases, you should invalidate rather than delete content.

POST /ccu/v3/delete/cpcode/{network}

Sample: /ccu/v3/delete/cpcode/staging

Content-Type: application/json

Object type: CpCodeRequest

Download schema: CPCodeRequest.json

Request Body:

{
    "objects": [
        12345,
        98765
    ]
}
Parameter Type Sample Description
URL parameters
network Enumeration staging The network on which you want to invalidate or delete content, either staging or the default production network. If omitting this optional parameter, also omit any trailing slash from the shortened URL.

Status 201 application/json

Object type: Response

Download schema: Response.json

Response Body:

{
    "httpStatus": 201,
    "estimatedSeconds": 5,
    "purgeId": "e535071c-26b2-11e7-94d7-276f2f54d938",
    "supportId": "17PY1492793544958045-219026624",
    "detail": "Request accepted"
}

Delete by cache tag

Deletes content on the selected set of cache tags for the selected network. In most cases, you should invalidate rather than delete content.

POST /ccu/v3/delete/tag/{network}

Sample: /ccu/v3/delete/tag/staging

Content-Type: application/json

Object type: TagRequest

Download schema: TagRequest.json

Request Body:

{
    "objects": [
        "black-friday",
        "electronics",
        "laptops",
        "tablets"
    ]
}
Parameter Type Sample Description
URL parameters
network Enumeration staging The network on which you want to invalidate or delete content, either staging or the default production network. If omitting this optional parameter, also omit any trailing slash from the shortened URL.

Status 201 application/json

Object type: Response

Download schema: Response.json

Response Body:

{
    "httpStatus": 201,
    "estimatedSeconds": 5,
    "purgeId": "e535071c-26b2-11e7-94d7-276f2f54d938",
    "supportId": "17PY1492793544958045-219026624",
    "detail": "Request accepted"
}

Data

This section provides details for each type of data object the API exchanges.

Download the JSON schemas for this API.

The data schema tables below list membership requirements as follows:

Member is required in requests, or always present in responses, even if its value is empty or null.
Member is optional, and may be omitted in some cases.

UrlRequest

Specifies a list of URLs to invalidate or delete.

Download schema: UrlRequest.json

Sample POST request:

{
    "objects": [
        "https://foo1.bar.com/some/path",
        "http://foo2.bar.com/some/other/path"
    ]
}

UrlRequest members

Member Type Required Description
UrlRequest: Specifies a list of URLs to invalidate or delete.
objects Array Lists URLs to purge. Purges content for both http and https schemes.

UrlRequestWithHostname

Specifies a list of server paths to invalidate or delete for a common hostname.

Download schema: UrlRequestWithHostname.json

Sample POST request:

{
    "hostname": "origin.qux.com",
    "objects": [
        "/some/path/object1",
        "/some/other/path/object2"
    ]
}

UrlRequestWithHostname members

Member Type Required Description
UrlRequestWithHostname: Specifies a list of server paths to invalidate or delete for a common hostname.
hostname String Identifies the domain from which the content is purged.
objects Array Lists server paths. Purges content for both http and https schemes.

CpCodeRequest

Specifies a list of CP codes to invalidate or delete.

Download schema: CPCodeRequest.json

Sample POST request:

{
    "objects": [
        12345,
        98765
    ]
}

CpCodeRequest members

Member Type Required Description
CpCodeRequest: Specifies a list of CP codes to invalidate or delete.
objects Array For CP code-based operations, an array of the CP codes you want to purge.

TagRequest

Specifies a list of cache tags to invalidate or delete.

Download schema: TagRequest.json

Sample POST request:

{
    "objects": [
        "black-friday",
        "electronics",
        "laptops",
        "tablets"
    ]
}

TagRequest members

Member Type Required Description
TagRequest: Specifies a list of cache tags to invalidate or delete.
objects Array An array of cache tag strings you want to purge.

Response

V3 Purge response schema

Download schema: Response.json

Sample POST response:

{
    "httpStatus": 201,
    "estimatedSeconds": 5,
    "purgeId": "e535071c-26b2-11e7-94d7-276f2f54d938",
    "supportId": "17PY1492793544958045-219026624",
    "detail": "Request accepted"
}

Response members

Member Type Required Description
Response: V3 Purge response schema
describedBy String The URL for the API’s machine readable documentation, for example, https://api.ccu.akamai.com/ccu/v2/errors/internal-error. It describes the error code in more detail.
detail String Detailed information about the HTTP status code returned with the response.
estimatedSeconds Integer The estimated number of seconds before the purge is to complete.
httpStatus Integer The HTTP code that indicates the status of the request to invalidate or purge content. Successful requests yield a 201 code.
purgeId String Unique identifier for the purge request.
supportId String Identifier to provide Akamai Technical Support if issues arise.
title String Describes the response type, for example, Rate Limit exceeded.

Errors

This section shows you how to handle various kinds of errors the Fast Purge API generates and lists the range of HTTP status codes along with their likely causes.

NOTE: It is strongly recommended that you code test the response. The response is not hard coded, and can be different.

Error responses

The format of error response objects follows the JSON Problem Details standard, and are identified with the application/api-problem+json content type.

The following example shows an error response for a request processed by Fast Purge.

{
    "supportId": "17PY1234567890123456-123456789",
    "title": "Unauthorized",
    "httpStatus": 401,
    "detail": "You are not authorized to invalidate this resource.",
    "describedBy": "https://api.ccu.akamai.com/ccu/v3/errors/unauthorized"
}

The describedBy link describes the error code in more detail. For example, a link may provide the following information:

<html>
<head><title>unauthorized-url</title></head>
<body>Permission to purge an url was denied.<p>
The detail element of the response may contain additional information.</p>
</body>
</html>

HTTP status codes

The Fast Purge API responds with these standard HTTP response codes:

Code Description
201 Successful POST of a purge request.
400 Bad request. Often this is an error in the JSON purge request and you’ll want to check all parameters. The API also responds with an error when DoS-level traffic for web application firewall (WAF) rate-controlled clients exceed the limit of requests per second (see Rate limiting).
401 The request requires authentication. Check credentials used to connect to the edge server.
403 Forbidden. The authorization token does not allow access to the resource. For example, the request may specify products not authorized on a contract. Check the authorizations for the client and the property configurations being purged.
413 Request entity too large. The request was denied because it exceeds the maximum message body size, which is 50,000 bytes. Review your request and edit as needed to be under the 50,000 byte limit.
415 Bad media type. Verify the following header is present in the request: Content-Type: application/json.
429 Too many requests. Exceeded the limit of requests per second (see Rate limiting). Wait five seconds, then retry once there are enough tokens to handle the request.
500 Internal server error.
503 Service is temporarily unavailable.
507 Insufficient storage. Wait five seconds, then retry your request.

Last modified: 5/1/2019