- Overview
- Resources
- API summary
- List Content Providers
- Get a Content Provider
- Create a New CDN prefix
- List CDN prefixes
- Update a CDN Prefix
- Delete a CDN prefix
- Get a CDN prefix
- Update a rule tree
- Get a rule tree
- Create a new origin
- List origins
- Update an origin
- Delete an origin
- Get an origin
- Create a new TLS delivery profile
- List TLS delivery profiles
- Update a TLS delivery profile
- Delete a TLS delivery profile
- Get a TLS delivery profile
- List CDN prefixes for a TLS delivery profile
- Create a new TLS ingest profile
- List TLS ingest profiles
- Update a TLS ingest profile
- Delete a TLS ingest profile
- Get a TLS ingest profile
- List origins for a TLS delivery profile
- Create a new shared secret set
- List shared secret sets
- Delete a shared secret
- Get a shared secret set
- Update secrets
- Get secrets
- List errors
- Data
- ContentProvider
- CdnPrefix
- Origin
- TlsDeliveryProfile
- TlsIngestProfile
- Certificate
- SharedSecretSet
- Secrets
- Rule
- Behavior
- cacheControlOverride
- cacheKeyUri
- chunkSize
- cors
- defaultHttpDelivery
- defaultHttp2Delivery
- defaultHttpsDelivery
- dscp
- excludedQueryArguments
- externalOriginAuth
- fastcgiAuth
- followRedirect
- frontEndCache
- http2Delivery
- httpDelivery
- httpsDelivery
- keepaliveRequests
- lastMileAcceleration
- limitRate
- originAffinityUri
- originRangeRequest
- originServer
- originServerUri
- purgeKeyUri
- ramOnlyCaching
- siteRedirectMode
- siteRedirectType
- storagePartition
- uriSignature
- udpSyslogAccessLog
- criterion
- Errors
Aura LCDN Content Delivery API v1
Configure content for ingestion, caching, and delivery by an Aura LCDN.
Learn more:
Download this API’s RAML and JSON schema descriptors.
Overview
This API allows the LCDN Operator or Content Provider to define which content will be ingested, cached, and delivered by an Aura LCDN.
Who should use this API
This API allows the CDN operator or content provider to manage their own content delivery options, including origin servers, CDN prefixes, URI Filters and TLS Profiles.
Get started
Before you use the Content Delivery API for the first time:
Contact your Akamai representative to enable it for your account.
A
contentProviderIdis given to the content provider.The content provider must obtain an authorization token using one of the supported flows using the
client_id/client_secretfrom the application created by the CDN operator.Review Get started on tools that Akamai provides for all its APIs.
Before you begin any API operations, you must obtain and store the value of the content provider IDs (
contentProviderId) that you need from the AMC GUI.To obtain content provider IDs, follow these instructions:
Log in to the AMC GUI using an account with LCDN operator privileges.
The default administrator account is
co@domain-name, wheredomain-namespecifies the domain assigned to the AMC. Use the password you configured when you installed and configured the AMC.The CDN Health dashboard opens.
In the CDN Health dashboard, click Configure and under Content Delivery select Content Providers.
In the Content Provider Management page, mouse over the name of a content provider to view the content provider ID.
Store the value of the content provider IDs.
Resources
This section provides details on the API’s various operations. These are the resources reflected in the API’s URLs.
Content Provider: A Content Provider is an organization that has content it wants to deliver via the LCDN.
CDN prefix: A CDN prefix corresponds to the fully qualified domain name (FQDN) at the beginning of a URI, effectively carving out a region of the URI name space to which a set of rules and policies are applied.
Rule tree: A rule object is used to respond to different kinds of requests. A rule consists of a set of children which include criteria that identify which requests to process, and the behaviors to apply to those requests.
Origin: An origin server which contains content that the content provider wants to deliver over the LCDN.
TLS delivery Profile: A profile that specifies the security settings used for TLS connections from the HyperCache for secure content delivery.
TLS ingest profile: A profile that configures the ingest of content from an origin over HTTPS.
Shared secret set: Shared secret set objects contain secret pairs that are used for URI signing, which is used as an authorization method for content delivery.
Secrets: Unique key/index string pairs to be added as members of the secret set.
Note that you need to obtain a contentProviderId value before
running any of the API’s operations. Refer to the Get
started section for instructions.
API summary
Download the RAML descriptors for this API.
| Operation | Method | Endpoint |
|---|---|---|
| Content Delivery | ||
| List Content Providers | GET | /api/ |
| Get a Content Provider | GET | /api/ |
| Create a New CDN prefix | POST | /api/ |
| List CDN prefixes | GET | /api/ |
| Update a CDN Prefix | PUT | /api/ |
| Delete a CDN prefix | DELETE | /api/ |
| Get a CDN prefix | GET | /api/ |
| Update a rule tree | PUT | /api/ |
| Get a rule tree | GET | /api/ |
| Create a new origin | POST | /api/ |
| List origins | GET | /api/ |
| Update an origin | PUT | /api/ |
| Delete an origin | DELETE | /api/ |
| Get an origin | GET | /api/ |
| Create a new TLS delivery profile | POST | /api/ |
| List TLS delivery profiles | GET | /api/ |
| Update a TLS delivery profile | PUT | /api/ |
| Delete a TLS delivery profile | DELETE | /api/ |
| Get a TLS delivery profile | GET | /api/ |
| List CDN prefixes for a TLS delivery profile | GET | /api/ |
| Create a new TLS ingest profile | POST | /api/ |
| List TLS ingest profiles | GET | /api/ |
| Update a TLS ingest profile | PUT | /api/ |
| Delete a TLS ingest profile | DELETE | /api/ |
| Get a TLS ingest profile | GET | /api/ |
| List origins for a TLS delivery profile | GET | /api/ |
| Create a new shared secret set | POST | /api/ |
| List shared secret sets | GET | /api/ |
| Delete a shared secret | DELETE | /api/ |
| Get a shared secret set | GET | /api/ |
| Update secrets | PUT | /api/ |
| Get secrets | GET | /api/ |
| Support resources | ||
| List errors | GET | /api/ |
List Content Providers
This operation provides a list of Content Providers accessible to the principal. For Operators, all Content Providers in the system are returned. For Content Provider users, only the Content Providers that are associated with that user are returned. For Service Provider users, all Content Providers associated with that user and with that Service Provider are returned.
GET /api/
Status 200
application/json
Download schema: content-provider.collection.schema.json
Response body:
{
"contentProviders": [
{
"name": "Content Provider 1",
"contentProviderId": 1
},
{
"name": "Content Provider 2",
"contentProviderId": 2
},
{
"name": "Content Provider 3",
"contentProviderId": 3
}
],
"page": {
"pageNumber": 1,
"pageSize": 100,
"totalPages": 1,
"totalResults": 3
}
}
Get a Content Provider
This operation gets the specified Content Provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 4 |
Unique identifier for each Content Provider. |
Status 200
application/json
Object type: ContentProvider
Download schema: content-provider.full.schema.json
Response body:
{
"account": "account1",
"name": "Content Provider 1",
"enable": true,
"contentProviderId": 1,
"serviceProviderId": 2
}
Create a New CDN prefix
This operation creates a new CDN prefix. A CDN prefix is a defined hostname which is referenced by an end user’s request for content. This is accomplished using a DNS lookup directed to a node running the request router service. The request router then determines the HPC node best able to serve that particular end user’s request.
POST /api/
Sample: /api/
Content-Type: application/json
Object type: CdnPrefix
Download schema: cdn-prefix.create.schema.json
Request body:
{
"prefix": "somewhere.com",
"enable": true,
"prefixPrioritization": "HIGH",
"contentProviderId": 3
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 201
application/json
Headers:
Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/cdn-prefixes/1
Object type: CdnPrefix
Download schema: cdn-prefix.full.schema.json
Response body:
{
"cdnPrefixId": 4,
"prefix": "somewhere.com",
"enable": true,
"prefixPrioritization": "HIGH",
"contentProviderId": 3
}
List CDN prefixes
This operation provides a list of the CDN prefixes owned by the content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 200
application/json
Object type: CdnPrefix
Download schema: cdn-prefix.collection.schema.json
Response body:
{
"cdnPrefixes": [
{
"cdnPrefixId": 4,
"prefix": "somewhere.com"
}
],
"page": {
"pageNumber": 1,
"pageSize": 100,
"totalPages": 1,
"totalResults": 1
}
}
Update a CDN Prefix
This operation modifies an existing CDN prefix.
PUT /api/
Sample: /api/
Content-Type: application/json
Object type: CdnPrefix
Download schema: cdn-prefix.full.schema.json
Request body:
{
"cdnPrefixId": 4,
"prefix": "somewhere.com",
"enable": true,
"prefixPrioritization": "HIGH",
"contentProviderId": 3
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
cdnPrefixId |
Integer | 4 |
Unique identifier for each CDN prefix. |
Status 200
application/json
Object type: CdnPrefix
Download schema: cdn-prefix.full.schema.json
Response body:
{
"cdnPrefixId": 4,
"prefix": "somewhere.com",
"enable": true,
"prefixPrioritization": "HIGH",
"contentProviderId": 3
}
If you don’t have a
cdnPrefixIdvalue, run the List CDN prefixes operation and select one from the response’scdnPrefixesarray.Run the Get a CDN prefix operation and store the response object.
Update the CdnPrefix object.
PUT the object back to the same URL as the GET operation:
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ cdn-prefixes/ {cdnPrefixId} The response reflects the updated CdnPrefix object.
Delete a CDN prefix
This operation deletes a CDN prefix.
DELETE /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
cdnPrefixId |
Integer | 4 |
Unique identifier for each CDN prefix. |
Status 204
Run the List CDN prefixes operation and store the
cdnPrefixIdof the relevant CDN prefix from the response.Make a DELETE request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ cdn-prefixes/ {cdnPrefixId}
Get a CDN prefix
This operation provides a list of the CDN prefixes.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
cdnPrefixId |
Integer | 4 |
Unique identifier for each CDN prefix. |
Status 200
application/json
Object type: CdnPrefix
Download schema: cdn-prefix.full.schema.json
Response body:
{
"cdnPrefixId": 4,
"prefix": "somewhere.com",
"enable": true,
"prefixPrioritization": "HIGH",
"contentProviderId": 3
}
If you don’t have a
cdnPrefixIdvalue, run the List CDN prefixes operation and select one from the response’scdnPrefixesarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ cdn-prefixes/ {cdnPrefixId} The response is a CdnPrefix object.
Update a rule tree
This operation updates the rule behaviors for a CDN prefix.
PUT /api/
Sample: /api/
Content-Type: application/json
Object type: Rule
Download schema: rules.schema.json
Request body:
{
"defaultBehaviors": [
{
"name": "originServer",
"options": {
"originId": 1
}
}
],
"children": [
{
"name": "first filter",
"criterion": {
"name": "uriFilter",
"options": {
"uriFilterType": "PREFIX_MATCH",
"uriFilterValue": "/objects"
}
},
"behaviors": [
{
"name": "ramOnlyCaching",
"options": {
"enable": true
}
},
{
"name": "fastcgiAuth",
"options": {
"enable": true,
"server": "auth.server:88",
"backupServers": [
"auth2.server:88"
],
"params": {
"foo": "bar"
}
}
},
{
"name": "httpsDelivery",
"options": {
"value": "DISABLE"
}
},
{
"name": "excludedQueryArguments",
"options": {
"value": [
"arg1",
"arg2"
]
}
},
{
"name": "externalOriginAuth",
"options": {
"service": "AMAZON_AWS_S3",
"accessKey": "...",
"secretKey": "...",
"region": "us-east-1",
"signedHeaders": [
"H1"
]
}
},
{
"name": "lastMileAcceleration",
"options": {
"compressionLevel": 6,
"enable": true,
"uaRestrict": "^client100$",
"contentTypes": [
"application/type1",
"application/type2"
]
}
},
{
"name": "limitRate",
"options": {
"bandwidth": 1000,
"unit": "MB_PER_SECOND"
}
},
{
"name": "uriSignature",
"options": {
"protectedPathPattern": "$some/protected/path",
"tokenEncoding": "BASE64",
"tokenParameter": "$signatureToken",
"sharedSecretSetId": 1,
"sharedSecretIndexParameter": "$myParam",
"algorithm": "MD5",
"inputParameterCapitalization": "NO_CHANGE",
"inputParameterPattern": "arg1",
"uriExpirationParameter": "$expires"
}
},
{
"name": "cors",
"options": {
"accessControlMaxAge": 3600,
"enablePreflight": true,
"accessControlAllowHeaders": [
"X-Header1",
"X-Header2"
],
"accessControlAllowMethods": [
"GET",
"HEAD"
],
"accessControlAllowOrigin": {
"allowAllOrigins": true
}
}
}
]
}
]
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
cdnPrefixId |
Integer | 4 |
Unique identifier for each CDN prefix. |
Status 200
application/json
Object type: Rule
Download schema: rules.schema.json
Response body:
{
"defaultBehaviors": [
{
"name": "originServer",
"options": {
"originId": 1
}
}
],
"children": [
{
"name": "first filter",
"criterion": {
"name": "uriFilter",
"options": {
"uriFilterType": "PREFIX_MATCH",
"uriFilterValue": "/objects"
}
},
"behaviors": [
{
"name": "ramOnlyCaching",
"options": {
"enable": true
}
},
{
"name": "fastcgiAuth",
"options": {
"enable": true,
"server": "auth.server:88",
"backupServers": [
"auth2.server:88"
],
"params": {
"foo": "bar"
}
}
},
{
"name": "httpsDelivery",
"options": {
"value": "DISABLE"
}
},
{
"name": "excludedQueryArguments",
"options": {
"value": [
"arg1",
"arg2"
]
}
},
{
"name": "externalOriginAuth",
"options": {
"service": "AMAZON_AWS_S3",
"accessKey": "...",
"secretKey": "...",
"region": "us-east-1",
"signedHeaders": [
"H1"
]
}
},
{
"name": "lastMileAcceleration",
"options": {
"compressionLevel": 6,
"enable": true,
"uaRestrict": "^client100$",
"contentTypes": [
"application/type1",
"application/type2"
]
}
},
{
"name": "limitRate",
"options": {
"bandwidth": 1000,
"unit": "MB_PER_SECOND"
}
},
{
"name": "uriSignature",
"options": {
"protectedPathPattern": "$some/protected/path",
"tokenEncoding": "BASE64",
"tokenParameter": "$signatureToken",
"sharedSecretSetId": 1,
"sharedSecretIndexParameter": "$myParam",
"algorithm": "MD5",
"inputParameterCapitalization": "NO_CHANGE",
"inputParameterPattern": "arg1",
"uriExpirationParameter": "$expires"
}
},
{
"name": "cors",
"options": {
"accessControlMaxAge": 3600,
"enablePreflight": true,
"accessControlAllowHeaders": [
"X-Header1",
"X-Header2"
],
"accessControlAllowMethods": [
"GET",
"HEAD"
],
"accessControlAllowOrigin": {
"allowAllOrigins": true
}
}
}
]
}
]
}
If you don’t have a
cdnPrefixIdvalue, run the List CDN prefixes operation and select one from the response’scdnPrefixesarray.Run the Get a rule tree operation and store the response object.
Update the Rule object.
PUT the object back to the same URL as the GET operation:
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ cdn-prefixes/ {cdnPrefixId}/ rules The response reflects the updated Rule object.
Get a rule tree
This operation displays the default rule behaviors for a CDN prefix.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
cdnPrefixId |
Integer | 4 |
Unique identifier for each CDN prefix. |
Status 200
application/json
Object type: Rule
Download schema: rules.schema.json
Response body:
{
"defaultBehaviors": [
{
"name": "originServer",
"options": {
"originId": 1
}
}
],
"children": [
{
"name": "first filter",
"criterion": {
"name": "uriFilter",
"options": {
"uriFilterType": "PREFIX_MATCH",
"uriFilterValue": "/objects"
}
},
"behaviors": [
{
"name": "ramOnlyCaching",
"options": {
"enable": true
}
},
{
"name": "fastcgiAuth",
"options": {
"enable": true,
"server": "auth.server:88",
"backupServers": [
"auth2.server:88"
],
"params": {
"foo": "bar"
}
}
},
{
"name": "httpsDelivery",
"options": {
"value": "DISABLE"
}
},
{
"name": "excludedQueryArguments",
"options": {
"value": [
"arg1",
"arg2"
]
}
},
{
"name": "externalOriginAuth",
"options": {
"service": "AMAZON_AWS_S3",
"accessKey": "...",
"secretKey": "...",
"region": "us-east-1",
"signedHeaders": [
"H1"
]
}
},
{
"name": "lastMileAcceleration",
"options": {
"compressionLevel": 6,
"enable": true,
"uaRestrict": "^client100$",
"contentTypes": [
"application/type1",
"application/type2"
]
}
},
{
"name": "limitRate",
"options": {
"bandwidth": 1000,
"unit": "MB_PER_SECOND"
}
},
{
"name": "uriSignature",
"options": {
"protectedPathPattern": "$some/protected/path",
"tokenEncoding": "BASE64",
"tokenParameter": "$signatureToken",
"sharedSecretSetId": 1,
"sharedSecretIndexParameter": "$myParam",
"algorithm": "MD5",
"inputParameterCapitalization": "NO_CHANGE",
"inputParameterPattern": "arg1",
"uriExpirationParameter": "$expires"
}
},
{
"name": "cors",
"options": {
"accessControlMaxAge": 3600,
"enablePreflight": true,
"accessControlAllowHeaders": [
"X-Header1",
"X-Header2"
],
"accessControlAllowMethods": [
"GET",
"HEAD"
],
"accessControlAllowOrigin": {
"allowAllOrigins": true
}
}
}
]
}
]
}
If you don’t have a
cdnPrefixIdvalue, run the List CDN prefixes operation and select one from the response’scdnPrefixesarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ cdn-prefixes/ {cdnPrefixId}/ rules The response is a Rule object.
Create a new origin
This operation allows a service provider to register a new URL for each origin server that a content provider wants to add to the CDN.
POST /api/
Sample: /api/
Content-Type: application/json
Object type: Origin
Download schema: origin.create.schema.json
Request body:
{
"contentProviderId": 3,
"hostname": "somewhere.com",
"description": "Some place far away",
"enable": true,
"cachingType": "CONSERVATIVE",
"interSiteProtocol": "HTTP",
"intraSiteProtocol": "HTTP",
"enableAuthenticatedContent": false,
"enableSiteRedirects": false
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 201
application/json
Headers:
Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/origins/1
Object type: Origin
Download schema: origin.full.schema.json
Response body:
{
"originId": 3,
"contentProviderId": 3,
"hostname": "somewhere.com",
"description": "Some place far away",
"enable": true,
"cachingType": "CONSERVATIVE",
"interSiteProtocol": "HTTP",
"intraSiteProtocol": "HTTP",
"enableAuthenticatedContent": false,
"enableSiteRedirects": false
}
List origins
This operation displays the origins owned by the
Content Provider specified by contentProviderId.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 200
application/json
Object type: Origin
Download schema: origin.collection.schema.json
Response body:
{
"origins": [
{
"originId": 3,
"url": "somewhere.com"
}
],
"page": {
"pageNumber": 1,
"pageSize": 100,
"totalPages": 1,
"totalResults": 1
}
}
Update an origin
This operation modifies the origin servers associated with a specified content provider.
PUT /api/
Sample: /api/
Content-Type: application/json
Object type: Origin
Download schema: origin.full.schema.json
Request body:
{
"originId": 3,
"contentProviderId": 3,
"hostname": "somewhere.com",
"description": "Some place far away",
"enable": true,
"cachingType": "CONSERVATIVE",
"interSiteProtocol": "HTTP",
"intraSiteProtocol": "HTTP",
"enableAuthenticatedContent": false,
"enableSiteRedirects": false
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
originId |
Integer | 3 |
Unique identifier for each origin. |
Status 200
application/json
Object type: Origin
Download schema: origin.full.schema.json
Response body:
{
"originId": 3,
"contentProviderId": 3,
"hostname": "somewhere.com",
"description": "Some place far away",
"enable": true,
"cachingType": "CONSERVATIVE",
"interSiteProtocol": "HTTP",
"intraSiteProtocol": "HTTP",
"enableAuthenticatedContent": false,
"enableSiteRedirects": false
}
If you don’t have an
originIdvalue, run the List origins operation and select one from the response’soriginsarray.Run the Get an origin operation and store the response object.
Update the Origin object.
PUT the object back to the same URL as the GET operation:
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ origins/ {originId} The response reflects the updated Origin object.
Delete an origin
This operation removes the association of an origin server from the specified content provider.
DELETE /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
originId |
Integer | 3 |
Unique identifier for each origin. |
Status 204
Run the List origins operation and store the
originIdof the relevant origin in the response.Make a DELETE request to delete the origin object from
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ origins/ {originId}
Get an origin
This operation displays a list of origin servers associated with a specified content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
originId |
Integer | 3 |
Unique identifier for each origin. |
Status 200
application/json
Object type: Origin
Download schema: origin.full.schema.json
Response body:
{
"originId": 3,
"contentProviderId": 3,
"hostname": "somewhere.com",
"description": "Some place far away",
"enable": true,
"cachingType": "CONSERVATIVE",
"interSiteProtocol": "HTTP",
"intraSiteProtocol": "HTTP",
"enableAuthenticatedContent": false,
"enableSiteRedirects": false
}
If you don’t have an
originIdvalue, run the List origins operation and select one from the response’soriginsarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ origins/ {originId} The response is an Origin object.
Create a new TLS delivery profile
This operation creates a new content provider TLS delivery profile. The content provider TLS delivery profile specifies the security settings used for TLS connections when a content provider wants content delivered over HTTPS. This type of profile is created by the content provider, and its available for use by CDN prefixes owned by that content provider.
POST /api/
Sample: /api/
Content-Type: application/json
Object type: TlsDeliveryProfile
Download schema: tls-delivery-profile.create.schema.json
Request body:
{
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
"tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
"caCertificateSecretId": 10,
"tlsCertificateAndKeySecretId": 11,
"tlsCertificateDetails": {
"fingerprints": {
"sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
"sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
},
"validity": {
"notBefore": "2017-06-15T14:22:03.000+0000",
"notAfter": "2044-10-30T14:22:03.000+0000"
},
"issuedTo": {
"commonName": "JUnit Tests",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division",
"serial": "10:00"
},
"issuedBy": {
"commonName": "lcdn.docker.ca",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division"
}
}
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 201
application/json
Headers:
Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/tls-delivery-profiles/1
Object type: TlsDeliveryProfile
Download schema: tls-delivery-profile.full.schema.json
Response body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsDeliveryProfileId": 1,
"tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
"tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
"caCertificateSecretId": 10,
"tlsCertificateAndKeySecretId": 11,
"tlsCertificateDetails": {
"fingerprints": {
"sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
"sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
},
"validity": {
"notBefore": "2017-06-15T14:22:03.000+0000",
"notAfter": "2044-10-30T14:22:03.000+0000"
},
"issuedTo": {
"commonName": "JUnit Tests",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division",
"serial": "10:00"
},
"issuedBy": {
"commonName": "lcdn.docker.ca",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division"
}
}
}
Build a TlsDeliveryProfile object.
POST the object to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-delivery-profiles The response reflects the newly created TlsDeliveryProfile object.
The response’s
Locationheader provides a URL link to GET the new TLS delivery profile.
List TLS delivery profiles
This operation lists the TLS delivery profiles owned by the specified content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 200
application/json
Object type: TlsDeliveryProfile
Download schema: tls-delivery-profile.collection.schema.json
Response body:
{
"tlsDeliveryProfiles": [
{
"name": "test",
"tlsDeliveryProfileId": 1
}
]
}
Update a TLS delivery profile
After you create a content provider TLS delivery profile, you can use this operation to modify the profile parameters for the specified content provider.
PUT /api/
Sample: /api/
Content-Type: application/json
Object type: TlsDeliveryProfile
Download schema: tls-delivery-profile.full.schema.json
Request body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsDeliveryProfileId": 1,
"tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
"tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
"caCertificateSecretId": 10,
"tlsCertificateAndKeySecretId": 11,
"tlsCertificateDetails": {
"fingerprints": {
"sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
"sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
},
"validity": {
"notBefore": "2017-06-15T14:22:03.000+0000",
"notAfter": "2044-10-30T14:22:03.000+0000"
},
"issuedTo": {
"commonName": "JUnit Tests",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division",
"serial": "10:00"
},
"issuedBy": {
"commonName": "lcdn.docker.ca",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division"
}
}
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsDeliveryProfileId |
Integer | 1 |
Unique identifier for each TLS delivery profile. |
Status 200
application/json
Object type: TlsDeliveryProfile
Download schema: tls-delivery-profile.full.schema.json
Response body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsDeliveryProfileId": 1,
"tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
"tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
"caCertificateSecretId": 10,
"tlsCertificateAndKeySecretId": 11,
"tlsCertificateDetails": {
"fingerprints": {
"sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
"sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
},
"validity": {
"notBefore": "2017-06-15T14:22:03.000+0000",
"notAfter": "2044-10-30T14:22:03.000+0000"
},
"issuedTo": {
"commonName": "JUnit Tests",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division",
"serial": "10:00"
},
"issuedBy": {
"commonName": "lcdn.docker.ca",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division"
}
}
}
If you don’t have a
tlsDeliveryProfileIdvalue, run the List TLS delivery profiles operation and select one from the response’stlsDeliveryProfilesarray.Run the Get a TLS delivery profile operation and store the response object.
Update the TlsDeliveryProfile object.
PUT the object back to the same URL as the GET operation:
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-delivery-profiles/ {tlsDeliveryProfileId} The response reflects the updated TlsDeliveryProfile object.
Delete a TLS delivery profile
This operation deletes a TLS delivery profile for the specified content provider.
DELETE /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsDeliveryProfileId |
Integer | 1 |
Unique identifier for each TLS delivery profile. |
Status 204
Run the List TLS delivery profiles operation and store the
tlsDeliveryProfileIdof the relevant TLS delivery profile from the response.Make a DELETE request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-delivery-profiles/ {tlsDeliveryProfileId}
Get a TLS delivery profile
This operation gets the specified TLS delivery profile for the specified content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsDeliveryProfileId |
Integer | 1 |
Unique identifier for each TLS delivery profile. |
Status 200
application/json
Object type: TlsDeliveryProfile
Download schema: tls-delivery-profile.full.schema.json
Response body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsDeliveryProfileId": 1,
"tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
"tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
"caCertificateSecretId": 10,
"tlsCertificateAndKeySecretId": 11,
"tlsCertificateDetails": {
"fingerprints": {
"sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
"sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
},
"validity": {
"notBefore": "2017-06-15T14:22:03.000+0000",
"notAfter": "2044-10-30T14:22:03.000+0000"
},
"issuedTo": {
"commonName": "JUnit Tests",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division",
"serial": "10:00"
},
"issuedBy": {
"commonName": "lcdn.docker.ca",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division"
}
}
}
If you don’t have a
tlsDeliveryProfileIdvalue, run the List TLS delivery profiles operation and select one from the response’stlsDeliveryProfilesarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-delivery-profiles/ {tlsDeliveryProfileId} The response is a TlsDeliveryProfile object.
List CDN prefixes for a TLS delivery profile
This operation displays the list of CDN prefixes for the specified TLS delivery profile.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsDeliveryProfileId |
Integer | 1 |
Unique identifier for each TLS delivery profile. |
Status 200
application/json
Object type: CdnPrefix
Download schema: cdn-prefix.collection.schema.json
Response body:
{
"cdnPrefixes": [
{
"cdnPrefixId": 4,
"prefix": "somewhere.com"
}
],
"page": {
"pageNumber": 1,
"pageSize": 100,
"totalPages": 1,
"totalResults": 1
}
}
If you don’t have a
tlsDeliveryProfileIdvalue, run the List TLS delivery profiles operation and select one from the response’stlsDeliveryProfilesarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-delivery-profiles/ {tlsDeliveryProfileId}/ cdn-prefixes The response is a CdnPrefix object.
Create a new TLS ingest profile
This operation creates a TLS ingest profile. To configure the ingest of content from an origin over HTTPS, a content provider must first create a TLS ingest profile and bind the profile to the origin. The HyperCache uses the TLS parameters specified in the TLS ingest profile to ingest content from the origin. A TLS ingest profile can be bound to one or more origins, and can only be deleted if it is not bound to an origin.
POST /api/
Sample: /api/
Content-Type: application/json
Object type: TlsIngestProfile
Download schema: tls-ingest-profile.create.schema.json
Request body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"ciphers": "HIGH:!aNULL:!MD5",
"tlsProtocols": [
"TLSV1",
"TLSV1_2",
"TLSV1_1"
]
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 201
application/json
Headers:
Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/tls-ingest-profiles/1
Object type: TlsIngestProfile
Download schema: tls-ingest-profile.full.schema.json
Response body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsIngestProfileId": 1,
"ciphers": "HIGH:!aNULL:!MD5",
"tlsProtocols": [
"TLSV1",
"TLSV1_2",
"TLSV1_1"
]
}
Build a TlsIngestProfile object.
POST the object to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-ingest-profiles The response reflects the newly created TlsIngestProfile object.
The response’s
Locationheader provides a URL link to GET the new TLS ingest profile.
List TLS ingest profiles
This operation displays the list of TLS ingest profiles owned by the specified content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 200
application/json
Object type: TlsIngestProfile
Download schema: tls-ingest-profile.collection.schema.json
Response body:
{
"tlsIngestProfiles": [
{
"name": "test",
"tlsIngestProfileId": 1
}
]
}
Update a TLS ingest profile
After you create a TLS ingest profile, you can modify its attributes using this operation.
PUT /api/
Sample: /api/
Content-Type: application/json
Object type: TlsIngestProfile
Download schema: tls-ingest-profile.full.schema.json
Request body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsIngestProfileId": 1,
"ciphers": "HIGH:!aNULL:!MD5",
"tlsProtocols": [
"TLSV1",
"TLSV1_2",
"TLSV1_1"
]
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsIngestProfileId |
Integer | 1 |
Unique identifier for each TLS ingest profile. |
Status 200
application/json
Object type: TlsIngestProfile
Download schema: tls-ingest-profile.full.schema.json
Response body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsIngestProfileId": 1,
"ciphers": "HIGH:!aNULL:!MD5",
"tlsProtocols": [
"TLSV1",
"TLSV1_2",
"TLSV1_1"
]
}
If you don’t have a
tlsIngestProfileIdvalue, run the List TLS ingest profiles operation and select one from the response’stlsIngestProfilesarray.Run the Get a TLS ingest profile and store the response object.
Update the TlsIngestProfile object.
PUT the object back to the same URL as the GET operation:
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-ingest-profiles/ {tlsIngestProfileId} The response reflects the updated TlsIngestProfile object.
Delete a TLS ingest profile
This operation deletes a TLS ingest profile for the specified content provider. A TLS ingest profile can be bound to one or more origins, and can only be deleted if it is not bound to an origin.
DELETE /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsIngestProfileId |
Integer | 1 |
Unique identifier for each TLS ingest profile. |
Status 204
Run the List TLS ingest profiles operation and store the
tlsIngestProfileIdof the relevant TLS ingest profile from the response.Make a DELETE request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-ingest-profiles/ {tlsIngestProfileId}
Get a TLS ingest profile
This operation gets details about a specified TLS ingest profile.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsIngestProfileId |
Integer | 1 |
Unique identifier for each TLS ingest profile. |
Status 200
application/json
Object type: TlsIngestProfile
Download schema: tls-ingest-profile.full.schema.json
Response body:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsIngestProfileId": 1,
"ciphers": "HIGH:!aNULL:!MD5",
"tlsProtocols": [
"TLSV1",
"TLSV1_2",
"TLSV1_1"
]
}
If you don’t have a
tlsIngestProfileIdvalue, run the List TLS ingest profiles operation and select one from the response’stlsIngestProfilesarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-ingest-profiles/ {tlsIngestProfileId} The response is a TlsIngestProfile object.
List origins for a TLS delivery profile
This operation lists the origins associated with a specified TLS delivery profile.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
tlsIngestProfileId |
Integer | 1 |
Unique identifier for each TLS ingest profile. |
Status 200
application/json
Object type: Origin
Download schema: origin.collection.schema.json
Response body:
{
"origins": [
{
"originId": 3,
"url": "somewhere.com"
}
],
"page": {
"pageNumber": 1,
"pageSize": 100,
"totalPages": 1,
"totalResults": 1
}
}
If you don’t have a
tlsIngestProfileIdvalue, run the List TLS ingest profiles operation and select one from the response’stlsIngestProfilesarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ tls-ingest-profiles/ {tlsIngestProfileId}/ origins The response lists a set of Origin objects.
Create a new shared secret set
This operation creates a new shared secret set for the specified content provider.
POST /api/
Sample: /api/
Content-Type: application/json
Object type: SharedSecretSet
Download schema: shared-secret-set.create.schema.json
Request body:
{
"name": "secret-set1"
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 201
application/json
Headers:
Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/shared-secret-sets/1
Object type: SharedSecretSet
Download schema: shared-secret-set.full.schema.json
Response body:
{
"sharedSecretSetId": 3,
"name": "secret-set1"
}
Build a SharedSecretSet POST object.
POST the object to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ shared-secrets-sets The response reflects the newly created SharedSecretSet object.
The response’s
Locationheader provides a URL link to GET the new shared secret set.
List shared secret sets
This operation lists all shared secrets sets for a specified content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
Status 200
application/json
Object type: SharedSecretSet
Download schema: shared-secret-set.collection.schema.json
Response body:
{
"sharedSecretSets": [
{
"sharedSecretSetId": 3,
"name": "secret-set1"
}
],
"page": {
"pageNumber": 1,
"pageSize": 100,
"totalPages": 1,
"totalResults": 1
}
}
Delete a shared secret
This operation deletes a shared secret set for a specified content provider.
DELETE /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
sharedSecretSetId |
Integer | 1 |
Unique identifier for each shared secret set. |
Status 204
Run the List shared secret sets operation and store the
sharedSecretIdof the relevant shared secret set in the response.Make a DELETE request to delete the shared secret set object from
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ shared-secrets-sets/ {sharedSecretSetId}
Get a shared secret set
This operation gets the details about a shared secret set for a specified content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
sharedSecretSetId |
Integer | 1 |
Unique identifier for each shared secret set. |
Status 200
application/json
Object type: SharedSecretSet
Download schema: shared-secret-set.full.schema.json
Response body:
{
"sharedSecretSetId": 3,
"name": "secret-set1"
}
If you don’t have a
sharedSecretSetIdvalue, run the List shared secret sets operation and select one from the response’ssharedSecretSetsarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ shared-secrets-sets/ {sharedSecretSetId} The response is a SharedSecretSet object.
Update secrets
This operations updates the details of a Shared Secret Set for a specified Content Provider.
PUT /api/
Sample: /api/
Content-Type: application/json
Object type: Secrets
Download schema: shared-secret-set-secrets.schema.json
Request body:
{
"secrets": {
"secret1": "sshh!",
"secret2": "psst!"
}
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
sharedSecretSetId |
Integer | 1 |
Unique identifier for each shared secret set. |
Status 200
application/json
Object type: Secrets
Download schema: shared-secret-set-secrets.schema.json
Response body:
{
"secrets": {
"secret1": "sshh!",
"secret2": "psst!"
}
}
If you don’t have a
sharedSecretSetIdvalue, run the List shared secret sets operation and select one from the response’ssharedSecretSetsarray.Run the Get secrets operation and store the response object.
Update the Secrets object.
PUT the object back to the same URL as the GET operation:
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ shared-secrets-sets/ {sharedSecretSetId}/ secrets The response reflects the updated Secrets object.
Get secrets
This operations gets the details of a shared secret set for a specified content provider.
GET /api/
Sample: /api/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
contentProviderId |
Integer | 3 |
Unique identifier for each content provider. |
sharedSecretSetId |
Integer | 1 |
Unique identifier for each shared secret set. |
Status 200
application/json
Object type: Secrets
Download schema: shared-secret-set-secrets.schema.json
Response body:
{
"secrets": {
"secret1": "sshh!",
"secret2": "psst!"
}
}
If you don’t have a
sharedSecretSetIdvalue, run the List shared secret sets operation and select one from the response’ssharedSecretSetsarray.Make a GET request to
/.api/ content-delivery/ v1/ content-providers/ {contentProviderId}/ shared-secrets-sets/ {sharedSecretSetId}/ secrets The response is a Secrets object.
List errors
Retrieve a listing of this API’s HTML-formatted error codes.
GET /api/
Status 200
text/html
Response body:
<!DOCTYPE html>
<html>
<head><title>Content-delivery API Errors</title></head>
<body>
<h1>Content-delivery API Error Descriptions</h1>
<a name="core.internal-error-exception"><h3>core.internal-error-exception</h3></a>
An internal error has occurred during processing. Internal errors are not expected during normal system operation. Please contact the system administrator for more information
<a name="core.unauthorized"><h3>core.unauthorized</h3></a>
The request did not contain valid authorization. Obtain a valid authorization token from the authorization server and retry the request.
<a name="core.bad-request"><h3>core.bad-request</h3></a>
A bad request was received by the system. The intent of the request could not be understood. Please inspect the requested operation and ensure it is properly formed
<a name="core.constraint-violation"><h3>core.constraint-violation</h3></a>
The request received by the system contained more or more constraint violations. More detail about each violation should be included in the error response. Please check the error description for each respective error to learn more about each constraint violation.
<a name="core.not-null-violation"><h3>core.not-null-violation</h3></a>
A required property was missing from the request. For many required properties, the system is able to determine a reasonable default. However, not all properties have defaults, and thus must be specified. Please retry the request with the property specified.
<a name="core.null-violation"><h3>core.null-violation</h3></a>
A property required to not be specified for a request was present. Please retry the request withouth the property.
<a name="core.size-violation"><h3>core.size-violation</h3></a>
A property was specified with a value that was outside the valid range for the property. The error message will often include the allowable minimum and maximum values. Please retry the request with a valid value.
<a name="core.max-violation"><h3>core.max-violation</h3></a>
A property was specified with a value larger than it's allowable maximum. Please check the documentation for the range of allowable values for this property
<a name="core.min-violation"><h3>core.min-violation</h3></a>
A property was specified with a value smaller than it's allowable minimum. Please check the documentation for the range of allowable values for this property
<a name="core.pattern-violation"><h3>core.pattern-violation</h3></a>
A property value did not match the required pattern. Please check the documentation for this entity for rules about property naming.
<a name="core.entity-not-found"><h3>core.entity-not-found</h3></a>
The requested entity could not be found.
<a name="core.entity-general-conflict"><h3>core.entity-general-conflict</h3></a>
A non-specific conflict error occurred.
<a name="core.hostname-violation"><h3>core.hostname-violation</h3></a>
The provided hostname was not properly formed.
<a name="core.ipv4-address-violation"><h3>core.ipv4-address-violation</h3></a>
The provided IPv4 address was not a well-formed address.
<a name="core.ipv6-address-violation"><h3>core.ipv6-address-violation</h3></a>
The provided IPv6 address was not a well-formed address.
<a name="core.mac-address-violation"><h3>core.mac-address-violation</h3></a>
The provided MAC address was not a well-formed address
<a name="core.non-existent-reference"><h3>core.non-existent-reference</h3></a>
The request referred to an instance of another entity that could not be found. Please check the configuration and locate the correct instance.
<a name="core.entity-referenced-conflict"><h3>core.entity-referenced-conflict</h3></a>
An operation was attempted on an entity that is referenced by other entities. This would cause a problem, for example, if the request was attempting to delete such an entity.
<a name="core.entity-property-conflict"><h3>core.entity-property-conflict</h3></a>
An attempt was made to set a property of an entity, but doing so would result in an invalid configuration. For example, an entity class might require unique values for some properties. If an entity with the given value already exists, then the system cannot accept the request.
<a name="core.invalid-parameter-violation"><h3>core.invalid-parameter-violation</h3></a>
A field was passed in a request that did not meet formatting constraints. Please check the field and retry the request.
<a name="core.access-denied"><h3>core.access-denied</h3></a>
The request attempted to access a resource on which the principal does not have authority.
<a name="core.illegal-operation"><h3>core.illegal-operation</h3></a>
The requested operation is illegal
<a name="core.json-parse-error"><h3>core.json-parse-error</h3></a>
The received payload could not be parsed
<a name="core.json-mapping-error"><h3>core.json-mapping-error</h3></a>
The received payload was structurally valid, but could not be processed or mapped onto internal data types. Check the content of the message for field type mismatches.
<a name="core.path-param-entity-field-mismatch"><h3>core.path-param-entity-field-mismatch</h3></a>
A parameter of the URI represents a field that is also specified in the request entity body. When specified in the body, the values of the URI parameter and entity field must match for the request to be consistent.
<a name="core.invalid-path-param"><h3>core.invalid-path-param</h3></a>
A path parameter specified in the request URI did not meet expectations.
<a name="core.assert-condition-violation"><h3>core.assert-condition-violation</h3></a>
The provided value doesn't meet a predetermined condition (true/false).
<a name="core.readonly-property-violation"><h3>core.readonly-property-violation</h3></a>
An attempt was made to modify a property that is read-only. Entity updates that specify the property must have a value matching the current value.
<a name="core.invalid-search-field-error"><h3>core.invalid-search-field-error</h3></a>
A search filter was presented that contained an unknown or unsearchable field in the query expression.
<a name="core.invalid-search-value-error"><h3>core.invalid-search-value-error</h3></a>
A search filter was presented that contained an invalid value for a field
<a name="core.invalid-search-expression-error"><h3>core.invalid-search-expression-error</h3></a>
A search filter was presented that was not syntactically correct.
<a name="core.illegal-reference"><h3>core.illegal-reference</h3></a>
An attempt was made to refer to one entity from another, but this operation was not deemed legal
<a name="core.entity-already-referenced"><h3>core.entity-already-referenced</h3></a>
An attempt was made to refer to an entity that is already referred to, where only a single reference is allowed
<a name="core.entity-optimistic-concurrency-failure"><h3>core.entity-optimistic-concurrency-failure</h3></a>
An attempt was made to optimistically update an entity, but the update was not made successfully.
<a name="core.method-not-allowed-error"><h3>core.method-not-allowed-error</h3></a>
The requested resource does not support the presented HTTP method
<a name="core.resource-not-found-error"><h3>core.resource-not-found-error</h3></a>
A resource was requested that does not exist. Please check documentation for supported resource paths.
<a name="core.unsupported-media-type-error"><h3>core.unsupported-media-type-error</h3></a>
The request did not successfully complete content-type negotiation, as an unsupported content-type was presented.
<a name="core.general-client-error"><h3>core.general-client-error</h3></a>
A non-specific client side error occurred
<a name="core.service-unavailable-error"><h3>core.service-unavailable-error</h3></a>
Service is temporarily unavailable
<a name="content-delivery.client-auth-without-certs-violation"><h3>content-delivery.client-auth-without-certs-violation</h3></a>
Client auth was enabled in the request, but the certificate/key was not provided.
<a name="content-delivery.tls-certificate-chain-violation"><h3>content-delivery.tls-certificate-chain-violation</h3></a>
A valid PEM formatted X.509 certificate chain with matching key is required. The system was unable to parse and determine validity of the provided values.
<a name="content-delivery.tls-certificate-violation"><h3>content-delivery.tls-certificate-violation</h3></a>
A valid PEM formatted X.509 certificate is required. The system was unable to parse and determine validity of the provided values.
<a name="content-delivery.tls-protocol-incompatible-ciphers-violation"><h3>content-delivery.tls-protocol-incompatible-ciphers-violation</h3></a>
A TLS protocol was specified to be used with incompatible ciphers.
<a name="content-delivery.ca-properties-violation"><h3>content-delivery.ca-properties-violation</h3></a>
Certificate Authority related properties are not consistent.
<a name="content-delivery.tls-buffer-size-violation"><h3>content-delivery.tls-buffer-size-violation</h3></a>
Invalid TLS Buffer Size. Supported sizes include 4, 16, and 32.
<a name="content-delivery.origin-edge-params-violation"><h3>content-delivery.origin-edge-params-violation</h3></a>
The edge parameters set on an origin are not consistent. For example, when setting the edge type to AEX, the edge hostname must be set to valid Akamai edge hostname.
<a name="content-delivery.origin-fast-reroute-params-violation"><h3>content-delivery.origin-fast-reroute-params-violation</h3></a>
The fast reroute parameters set on an origin are not consistent.
<a name="content-delivery.invalid-healthcheck-url-violation"><h3>content-delivery.invalid-healthcheck-url-violation</h3></a>
An invalid healthcheck URL was proposed.
<a name="content-delivery.invalid-shared-secret-map"><h3>content-delivery.invalid-shared-secret-map</h3></a>
Shared secret map must be valid. Keys must be non-null and non-empty.
<a name="content-delivery.http-response-code-violation"><h3>content-delivery.http-response-code-violation</h3></a>
An invalid HTTP response code was provided. A valid HTTP response code can be a single value (such as 200), or in some cases, a range is allowed (such as 200-202). When using a range, the starting value must be before then ending value.
<a name="content-delivery.rules.dscp-value-violation"><h3>content-delivery.rules.dscp-value-violation</h3></a>
Must provide valid DSCP value
<a name="content-delivery.rules.duplicate-behavior-violation"><h3>content-delivery.rules.duplicate-behavior-violation</h3></a>
A request was presented that contained duplicate element types for either defaultBehaviors or childBehaviors.
<a name="content-delivery.rules.fastcgi-invalid-param-map"><h3>content-delivery.rules.fastcgi-invalid-param-map</h3></a>
FastCGI param map must be valid. Keys must be non-null and non-empty.
<a name="content-delivery.rules.uri-signature-protect-subfiles-filter-type-setting-violation"><h3>content-delivery.rules.uri-signature-protect-subfiles-filter-type-setting-violation</h3></a>
UriSignature protectSubFiles cannot be enabled when the UriFilterType on the rule is neither REGULAR_EXPRESSION_MATCH nor CASE_INSENSITIVE_REGULAR_EXPRESSION_MATCH
<a name="content-delivery.rules.uri-signature-protect-subfiles-protected-path-setting-violation"><h3>content-delivery.rules.uri-signature-protect-subfiles-protected-path-setting-violation</h3></a>
UriSignature protectSubFiles cannot be enabled unless protectedPathPattern is specified
</body>
</html>
Data
This section describes the Content Delivery API’s data objects that the API exposes.
Download the JSON schemas for this API.
This section’s data schema tables list membership requirements as follows:
| ✓ | Member is required in requests, or always present in responses, even if its value is empty or null. |
| ○ | Member is optional, and may be omitted in some cases. |
ContentProvider
A Content Provider is an organization that has content it wants to deliver via the LCDN.
Download schema:
content-provider.full.schema.json
Sample GET:
{
"account": "account1",
"name": "Content Provider 1",
"enable": true,
"contentProviderId": 1,
"serviceProviderId": 2
}
ContentProvider members
| Member | Type | Required | Description |
|---|---|---|---|
ContentProvider: A Content Provider is an organization that has content it wants to deliver via the LCDN. |
|||
account |
String | ✓ | A unique, lowercase, alphanumeric ID for the Content Provider. |
content |
Integer | ○ | Read-only. A unique identifier for the Content Provider. |
enable |
Boolean | ○ | Enable this Content Provider. The default is true. Set false to disable it. |
name |
String | ✓ | A unique name to identify the Content Provider. |
service |
Integer | ✓ | ID of the Service Provider associated with this Content Provider. |
CdnPrefix
A CDN prefix corresponds to the fully qualified domain name (FQDN) at the beginning of a URI, effectively carving out a region of the URI name space to which a set of rules and policies are applied.
Download schema:
cdn-prefix.full.schema.json
Sample GET:
{
"cdnPrefixId": 4,
"prefix": "somewhere.com",
"enable": true,
"prefixPrioritization": "HIGH",
"contentProviderId": 3
}
CdnPrefix members
| Member | Type | Required | Description |
|---|---|---|---|
CdnPrefix: A CDN prefix corresponds to the fully qualified domain name (FQDN) at the beginning of a URI, effectively carving out a region of the URI name space to which a set of rules and policies are applied. |
|||
accessMapId |
Integer | ○ | Identifies the access map associated with this CDN prefix. |
cdnPrefixId |
Integer | ✓ | Read-only. A unique identifier for the CDN prefix. |
content |
Integer | ✓ | Read-only. Identifies the content provider that owns this CDN prefix. |
dnsTtl |
Integer | ○ | DNS response time-to-live (TTL) value for this CDN prefix, in seconds. Note that setting this field is only recommended for CDN operators. |
enable |
Boolean | ○ | Enables the CDN to use this CDN prefix, true by default. |
ipAddressTagId |
Integer | ○ | Identifies the IP address tag associated with this CDN prefix. |
keepalive |
Integer | ○ | Sets the maximum number of requests that can be served through one keep-alive connection. After the maximum number of requests are made, the connection is closed. |
prefix |
String | ✓ | The CDN prefix registered on behalf of the content provider. For example, cdn.example.com. |
prefix |
Enumeration | ○ | Prefix prioritization helps manage peak period resources by prioritizing requests for content from specific content providers. Priorities are LOW, MEDIUM, or HIGH. |
siteMapId |
Integer | ○ | Identifies the site map associated with this CDN prefix. Note that setting this field is only recommended for CDN operators. |
Origin
Origin update.
Download schema:
origin.full.schema.json
Sample GET response:
{
"originId": 3,
"contentProviderId": 3,
"hostname": "somewhere.com",
"description": "Some place far away",
"enable": true,
"cachingType": "CONSERVATIVE",
"interSiteProtocol": "HTTP",
"intraSiteProtocol": "HTTP",
"enableAuthenticatedContent": false,
"enableSiteRedirects": false
}
Origin members
| Member | Type | Required | Description |
|---|---|---|---|
Origin: Origin update. |
|||
cacheable |
Array | ○ | A list of HTTP status codes that the HPC caches. Each item is either a single code or a range of codes. These status codes are not allowed, either in single code, or as part of a range: 200, 203, 206, 300, 301, 410, 416. |
cache |
Integer | ○ | Use this field only if you are configuring multiple origin servers that have identical content. This field maps multiple incoming URLs, each requesting the same content from different origins identified by the hostname field above, to a single origin server identified by this cacheKeyOriginHostnameOriginId field. Doing so enables HyperCaches to conserve cache space and reduces ingest bandwidth. |
cachingType |
Enumeration | ○ | Determines whether to validate requests for cached content with the origin server. With default OPTIMISTIC caching, the HyperCache serves cached content without validating the content with the origin server, unless the content is expired. With CONSERVATIVE caching, every cache request is validated with the origin server by sending an HTTP HEAD request. If the content is stale, the HyperCache node gets the new content from the origin server. The old content ages out of the cache. |
content |
Integer | ✓ | Read-only. Identifies the content provider object. |
dynamicHierarchy |
Origin. |
○ | Configure a HyperCache node that is the endpoint of an origin path (a root HyperCache) to monitor the health of the origin server by sending a GET request for a specific URL. |
edgeHostname |
String | ○ | Hostname of the AEX origin server. |
edgeHostType |
Enumeration | ○ | Indicates whether the origin server is an AEX (Aura Edge eXchange) server or the default HTTP. |
enable |
Boolean | ○ | Enables the CDN to deliver content from this origin server, true by default. |
enable |
Boolean | ○ | Causes the HyperCache to send a HEAD request to the origin server for each client request. If the response is a status code of 2XX, the content is served to the client. Otherwise, the origin’s status code is returned. This typically occurs when the origin server authenticates the client request using a cookie, token, or other means. Default is false. |
enable |
Boolean | ○ | Enables internal Request ID to be exported to this origin server, false by default. |
enable |
Boolean | ○ | Determines whether or not HyperCache redirects a client to a better site based on the rules in the site map. Enabling this to true allows the HyperCache to adhere to the LCDN site map configured using the request router service. If set to false, cache miss client requests to a CDN prefix that uses this origin server as a default result in a HyperCache request for the content directly to the origin server. |
errorCacheMaxAge |
Integer | ○ | The maximum amount of time the HTTP status codes is cached by the HPC. |
error |
Integer | ○ | The maximum number of retries in the case of an error response. |
fastReroute |
Origin. |
○ | Enables a HyperCache node to detect failed or slow connections to a specific origin IP address, or between Sites, and to send a second request to an alternate origin IP (or site) if the first request is delayed. If a successful response is received from either origin IP (or site), the first response is used to fulfill a client’s request. The second response, if received, is ignored. If no connection to either destination is established, or if no response is received within the configured origin timeout value, the requests to the origin (or site) are retried four times before a 504 is returned to the client. This method helps ensure rapid recovery in case a temporary network problem results in loss of the initial request or response. |
hostname |
String | ✓ | Hostname of the origin server. |
inter |
Enumeration | ○ | The protocol used to transport this origin’s content between Sites in the LCDN, either HTTP or HTTPS. |
intra |
Enumeration | ○ | The protocol used to transport this origin’s content between nodes within a site in the LCDN, either HTTP or HTTPS. |
ipAddressTypes |
Array | ○ | A list of IPv4 and IPv6 address types, in order of preference, that may be used to communicate with this origin server. ‘IPv6’ and ‘IPv4’ are enabled by default, and ‘IPv6’ is preferred. |
originId |
Integer | ✓ | Read-only. Identifies the Origin object. |
originTimeout |
Integer | ○ | Origin idle connection timeout in seconds, specifies the length of time the HPC waits for a response to a request from an origin. If no response is received from an origin server within the configured timeout value, four additional attempts are made to the same origin server. If no response is received for the final request within the configured timeout, then that connection is terminated, and a 504 response is sent to the requesting client. |
resolvable |
Array | ○ | A list of virtual hosts, origin servers with resolvable hostnames. |
storage |
Integer | ○ | Identifies the storage partition object. |
tls |
Integer | ○ | Identifies the TLS ingest profile object. |
Origin.dynamicHierarchy: Configure a HyperCache node that is the endpoint of an origin path (a root HyperCache) to monitor the health of the origin server by sending a GET request for a specific URL. |
|||
health |
Integer | ○ | A numeric value that represents the number of seconds between successive HTTP GET health check requests. The minimum acceptable value is 1, and the default is 2. |
healthCheckUrl |
String | ○ | URL used by health check request to determine the health of the origin server. The HyperCache periodically sends an HTTP GET request for this URL to check the health of the origin server. Any response received is interpreted as a healthy origin, including error responses. |
health |
String | ○ | Matches a single response code, or a range of codes. |
Origin.fastReroute: Enables a HyperCache node to detect failed or slow connections to a specific origin IP address, or between Sites, and to send a second request to an alternate origin IP (or site) if the first request is delayed. If a successful response is received from either origin IP (or site), the first response is used to fulfill a client’s request. The second response, if received, is ignored. If no connection to either destination is established, or if no response is received within the configured origin timeout value, the requests to the origin (or site) are retried four times before a 504 is returned to the client. This method helps ensure rapid recovery in case a temporary network problem results in loss of the initial request or response. |
|||
enable |
Boolean | ○ | Enables Fast Reroute functionality. |
intraCdnTimeout |
Number | ○ | Used by the HyperCache when it makes a request to an origin through a parent site or a peer node within the same site. It specifies the number of seconds you want the HyperCache in one site to wait before sending the second request to an alternate site. The number of seconds configured can be expressed to the nearest thousandth of a second, for example: 4, 3.0, 1.05, 2.005. Note that the configured value for this field must be at least 0.5 seconds greater than the originTimeout. |
originTimeout |
Number | ○ | Value used by the HyperCache when it makes a request directly to the origin server. It specifies the number of seconds you want the HyperCache to wait before sending the second request to an alternate origin IP address. The number of seconds configured can be expressed to the nearest thousandth of a second, for example: 4, 3.0, 1.05, 2.005. Note that the configured value for this field must be at least 0.5 seconds less than the intraCdnTimeout. |
TlsDeliveryProfile
TLS delivery Profile object schema definition.
Download schema:
tls-delivery-profile.full.schema.json
Sample GET response:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsDeliveryProfileId": 1,
"tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
"tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
"caCertificateSecretId": 10,
"tlsCertificateAndKeySecretId": 11,
"tlsCertificateDetails": {
"fingerprints": {
"sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
"sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
},
"validity": {
"notBefore": "2017-06-15T14:22:03.000+0000",
"notAfter": "2044-10-30T14:22:03.000+0000"
},
"issuedTo": {
"commonName": "JUnit Tests",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division",
"serial": "10:00"
},
"issuedBy": {
"commonName": "lcdn.docker.ca",
"organization": "Akamai Technologies\\, Inc.",
"organizationalUnit": "Carrier Products Division"
}
}
}
TlsDeliveryProfile members
| Member | Type | Required | Description |
|---|---|---|---|
TlsDeliveryProfile: TLS delivery Profile object schema definition. |
|||
caCertificate |
String | ○ | An OpenSSL PEM-formatted Certificate Authority (CA) certificate used to verify client certificates. |
ca |
Certificate | ○ | Read-only. A view of Certificate Authority (CA) certificate details. |
ca |
Integer | ○ | Id of the secret from the secret-management API referencing the CA certificate. |
ciphers |
String | ○ | An OpenSSL style ciphers string. |
content |
Integer | ✓ | Read-only. Identifies content provider which owns the TLS delivery profile. |
crl |
String | ○ | Certificate Revocation List. An OpenSSL PEM-formatted list of revoked client certificates. |
crlDetails |
Certificate | ○ | Read-only. A view of the CRL (Certificate Revocation List) details. |
description |
String | ○ | A description of the TLS delivery profile. |
ecdhCurve |
Enumeration | ○ | Elliptic Curve Diffie-Hellman (ECDH) protocol. Specifies a curve for ECDHE ciphers. |
enableClientAuth |
Boolean | ○ | Allows you to enable or disable client authorization. When client authorization is enabled, the HyperCache authenticates client certificates using the CA certificate for each TLS connection. |
name |
String | ✓ | The name of the TLS delivery profile. |
tlsBufferSize |
Integer Enumeration | ○ | Sets the size of the TLS buffer used for sending data (KB). |
tlsCertificate |
String | ○ | An OpenSSL PEM-formatted TLS certificate used by an HyperCache node as a server certificate. |
tls |
Integer | ○ | Id of the secret from the secret-management API referencing the TLS certificate and private key. |
tls |
Certificate | ○ | Read-only. A view of TLS certificate details. |
tls |
String | ○ | An OpenSSL PEM-formatted private key associated with the TLS certificate. |
tls |
Integer | ✓ | Read-only. Primary ID for the TLS delivery profile object. Must be set on updates, must not be set for creates. |
tls |
Integer | ○ | Sets the verification depth in the client certificates chain. |
TlsIngestProfile
TLS ingest profile object schema definition.
Download schema:
tls-ingest-profile.full.schema.json
Sample GET response:
{
"description": "",
"name": "test",
"contentProviderId": 3,
"enableClientAuth": false,
"tlsIngestProfileId": 1,
"ciphers": "HIGH:!aNULL:!MD5",
"tlsProtocols": [
"TLSV1",
"TLSV1_2",
"TLSV1_1"
]
}
TlsIngestProfile members
| Member | Type | Required | Description |
|---|---|---|---|
TlsIngestProfile: TLS ingest profile object schema definition. |
|||
caCertificate |
String | ○ | An OpenSSL PEM-formatted Certificate Authority (CA) certificate used to verify origin server certificates. |
ca |
Certificate | ○ | Read-only. A view of Certificate Authority (CA) certificate details. |
ciphers |
String | ○ | An OpenSSL style ciphers string. |
client |
String | ○ | An OpenSSL PEM-formatted TLS ingest certificate used by a HyperCache node as a client certificate. |
client |
Certificate | ○ | Read-only. A view of the TLS ingest client certificate details. |
client |
String | ○ | An OpenSSL PEM-formatted private key associated with the TLS ingest client certificate. |
content |
Integer | ✓ | Read-only. Identifies content provider which owns the TLS ingest profile. |
crl |
String | ○ | Certificate Revocation List. An OpenSSL PEM-formatted list of revoked server certificates. |
crlDetails |
Certificate | ○ | Read-only. A view of the CRL (Certificate Revocation List) details. |
description |
String | ○ | A description of the TLS ingest profile. |
enableClientAuth |
Boolean | ○ | Allows you to enable or disable client authorization. When client authorization is enabled, the HyperCache transmits the TLS ingest client certificate to the origin server for authentication, required if the origin server authenticates clients. |
name |
String | ✓ | The name of the TLS ingest profile. |
tls |
Integer | ✓ | Read-only. Primary ID for the TLS ingest object. Must be set on updates, must not be set for creates. |
tlsProtocols |
Enumeration | ○ | TLS protocols supported, either TLSV1, TLSV1_1 or TLSV1_2. Defaults to TLSV1, TLSV1_1, TLSV1_2. The use of SSLV2 or SSLV3 are discouraged for security reasons. |
Certificate
Summary information of a digital X.509 Certificate.
Download schema:
common-definitions.json
Certificate members
| Member | Type | Required | Description |
|---|---|---|---|
Certificate: Summary information of a digital X.509 Certificate. |
|||
fingerprints |
Certificate. |
○ | An abbreviated form of the public key of the certificate. |
issuedBy |
Certificate. |
○ | A distinguished name (DN) that identifies the certificate authorizer. |
issuedTo |
Certificate. |
○ | A distinguished name (DN) that identifies the certificate owner. |
validity |
Certificate. |
○ | The validity time period of the certificate. |
Certificate.fingerprints: An abbreviated form of the public key of the certificate. |
|||
sha1Fingerprint |
String | ○ | The fingerprint of the certificate using the SHA1 algorithm. |
sha256Fingerprint |
String | ○ | The fingerprint of the certificate using the SHA256 algorithm. |
Certificate.issuedBy: A distinguished name (DN) that identifies the certificate authorizer. |
|||
commonName |
String | ✓ | The entity (user/web server/domain/hostname) associated with the certificate authorizer. |
organization |
String | ✓ | The organization of the certificate authorizer. |
organizational |
String | ✓ | The organizational unit of the certificate issuer. |
Certificate.issuedTo: A distinguished name (DN) that identifies the certificate owner. |
|||
commonName |
String | ✓ | A common name (CN) that identifies the host and domain name associated with the certificate. |
organization |
String | ✓ | The organization of the certificate owner. |
organizational |
String | ✓ | The organizational unit of the certificate owner. |
serial |
String | ✓ | A serial number that uniquely identifies the certificate. |
Certificate.validity: The validity time period of the certificate. |
|||
notAfter |
String | ○ | The time and date on which the certificate is no longer valid. |
notBefore |
String | ○ | The time and date on which the certificate is valid. |
SharedSecretSet
Shared secret set object schema definition. Shared secrets are used for URI signing, which is used as an authorization method for content delivery.
Download schema:
shared-secret-set.full.schema.json
Sample GET response:
{
"sharedSecretSetId": 3,
"name": "secret-set1"
}
SharedSecretSet members
| Member | Type | Required | Description |
|---|---|---|---|
SharedSecretSet: Shared secret set object schema definition. Shared secrets are used for URI signing, which is used as an authorization method for content delivery. |
|||
content |
Integer | ✓ | Read-only. Identifies the content provider which owns the shared secret set. |
name |
String | ✓ | Read-only. The name of the shared secret set. The name can include alphanumeric characters, dashes, underscores, dots, and backslashes, but must start with a letter. Once set, the name of the shared secret set cannot be updated. |
shared |
Integer | ✓ | Read-only. Primary ID for the shared secret set object. Must be set on updates, must not be set for creates. |
Secrets
Shared secret set secrets object definition.
Download schema:
shared-secret-set-secrets.schema.json
Sample GET response:
{
"secrets": {
"secret1": "sshh!",
"secret2": "psst!"
}
}
Secrets members
| Member | Type | Required | Description |
|---|---|---|---|
Secrets: Shared secret set secrets object definition. |
|||
secrets |
Object | ✓ | One or more unique key/index string pairs to be added as members of the secret set. |
Rule
A rule object which is used to respond to different kinds of requests. A rule consists of criteria that identify which requests to process, and the behaviors to apply to those requests.
Download schema:
rules.schema.json
Sample GET response:
{
"defaultBehaviors": [
{
"name": "originServer",
"options": {
"originId": 1
}
}
],
"children": [
{
"name": "first filter",
"criterion": {
"name": "uriFilter",
"options": {
"uriFilterType": "PREFIX_MATCH",
"uriFilterValue": "/objects"
}
},
"behaviors": [
{
"name": "ramOnlyCaching",
"options": {
"enable": true
}
},
{
"name": "fastcgiAuth",
"options": {
"enable": true,
"server": "auth.server:88",
"backupServers": [
"auth2.server:88"
],
"params": {
"foo": "bar"
}
}
},
{
"name": "httpsDelivery",
"options": {
"value": "DISABLE"
}
},
{
"name": "excludedQueryArguments",
"options": {
"value": [
"arg1",
"arg2"
]
}
},
{
"name": "externalOriginAuth",
"options": {
"service": "AMAZON_AWS_S3",
"accessKey": "...",
"secretKey": "...",
"region": "us-east-1",
"signedHeaders": [
"H1"
]
}
},
{
"name": "lastMileAcceleration",
"options": {
"compressionLevel": 6,
"enable": true,
"uaRestrict": "^client100$",
"contentTypes": [
"application/type1",
"application/type2"
]
}
},
{
"name": "limitRate",
"options": {
"bandwidth": 1000,
"unit": "MB_PER_SECOND"
}
},
{
"name": "uriSignature",
"options": {
"protectedPathPattern": "$some/protected/path",
"tokenEncoding": "BASE64",
"tokenParameter": "$signatureToken",
"sharedSecretSetId": 1,
"sharedSecretIndexParameter": "$myParam",
"algorithm": "MD5",
"inputParameterCapitalization": "NO_CHANGE",
"inputParameterPattern": "arg1",
"uriExpirationParameter": "$expires"
}
},
{
"name": "cors",
"options": {
"accessControlMaxAge": 3600,
"enablePreflight": true,
"accessControlAllowHeaders": [
"X-Header1",
"X-Header2"
],
"accessControlAllowMethods": [
"GET",
"HEAD"
],
"accessControlAllowOrigin": {
"allowAllOrigins": true
}
}
}
]
}
]
}
Rule members
| Member | Type | Required | Description |
|---|---|---|---|
Rule: A rule object which is used to respond to different kinds of requests. A rule consists of criteria that identify which requests to process, and the behaviors to apply to those requests. |
|||
children |
Rule Array | ○ | A list of child rules. Each child rule object consists of its name, the criterion to match URIs, and a list of behaviors that act upon that criterion. |
defaultBehaviors |
Behavior Array | ○ | A set of features (behaviors) for the top-level (default) rule. These default behaviors are applied to all requests. |
Behavior
You can place behaviors throughout your Rule tree.
The top-level rule’s defaultBehaviors support any of these behaviors:
- defaultHttp2Delivery
- defaultHttpDelivery
- defaultHttpsDelivery
- frontEndCache
- originServer
- ramOnlyCaching
- storagePartition
Within child rules (children), a criterion member specifies a
criterion test, based on which subsequent
behaviors execute. These can include any of the default set above,
to conditionally override default settings, or any of these additional behaviors:
- cacheControlOverride
- cacheKeyUri
- chunkSize
- keepaliveRequests
- cors
- dscp
- excludedQueryArguments
- externalOriginAuth
- fastcgiAuth
- followRedirect
- http2Delivery
- httpDelivery
- httpsDelivery
- lastMileAcceleration
- limitRate
- originAffinityUri
- originRangeRequest
- originServerUri
- purgeKeyUri
- siteRedirectMode
- siteRedirectType
- storagePartition
- uriSignature
- udpSyslogAccessLog
cacheControlOverride
Ignore Cache-Control, overriding Cache-Control at the HyperCache with the provided value when caching contents. This override value does not modify any received Cache-Control headers or insert any missing Cache-Control headers. Origin headers remain intact when sent to the client.
Download schema:
rules.schema.json
cacheControlOverride members
| Member | Type | Required | Description |
|---|---|---|---|
cacheControlOverride: Ignore Cache-Control, overriding Cache-Control at the HyperCache with the provided value when caching contents. This override value does not modify any received Cache-Control headers or insert any missing Cache-Control headers. Origin headers remain intact when sent to the client. |
|||
name |
Enumeration | ✓ | The name of the behavior, cacheControlOverride in this case. |
options |
cache |
✓ | This behavior’s set of configuration options. |
cacheControlOverride.options: This behavior’s set of configuration options. |
|||
value |
String | ✓ | The value of the Cache-Control header to be used on HTTP responses coming from the origin server. |
cacheKeyUri
URI pattern used by HyperCache for generating a cache key.
Download schema:
rules.schema.json
cacheKeyUri members
| Member | Type | Required | Description |
|---|---|---|---|
cacheKeyUri: URI pattern used by HyperCache for generating a cache key. |
|||
name |
Enumeration | ✓ | The name of the behavior, cacheKeyUri in this case. |
options |
cache |
✓ | This behavior’s set of configuration options. |
cacheKeyUri.options: This behavior’s set of configuration options. |
|||
value |
String | ✓ | The cache key URI pattern without query parameters. By default, all incoming query parameters are added to the cache key URI. By default, this value is also used for the purge key URI. |
chunkSize
Chunk size for the asset, used for tuning the HyperCache internal chunk size.
Download schema:
rules.schema.json
chunkSize members
| Member | Type | Required | Description |
|---|---|---|---|
chunkSize: Chunk size for the asset, used for tuning the HyperCache internal chunk size. |
|||
name |
Enumeration | ✓ | The name of the behavior, chunkSize in this case. |
options |
chunk |
✓ | This behavior’s set of configuration options. |
chunkSize.options: This behavior’s set of configuration options. |
|||
value |
Integer | ✓ | Size of the chunk for this content, in bytes. |
cors
Configuration of Cross-Origin Resource Sharing (CORS) response headers at the HyperCache for this rule.
Download schema:
rules.schema.json
cors members
| Member | Type | Required | Description |
|---|---|---|---|
cors: Configuration of Cross-Origin Resource Sharing (CORS) response headers at the HyperCache for this rule. |
|||
name |
Enumeration | ✓ | The name of the behavior, cors in this case. |
options |
cors. |
✓ | This behavior’s set of configuration options. |
cors.options: This behavior’s set of configuration options. |
|||
access |
Boolean | ○ | Access-Control-Allow-Credentials header value. |
access |
Array | ○ | Access-Control-Allow-Headers header value. |
access |
Array | ○ | Access-Control-Allow-Methods method list. Enter a list of allowed methods or leave empty to use value of Access-Control-Request-Method header. |
access |
Object | ○ | Access-Control-Allow-Origin header source. Enter one of allowRequestHttpOrigin (allow access from any origin listed in the request Origin header), allowAllOrigins (true implies *), or allowOrigins (list of allowed origins) as an option. |
access |
Array | ○ | Access-Control-Expose-Headers header value. |
access |
Integer | ○ | Access-Control-Max-Age header value. Enter number of seconds for which client may cache preflight response or leave empty to use default of one day. |
enablePreflight |
Boolean | ○ | Enables preflight requests. |
defaultHttpDelivery
Default setting for HTTP Delivery.
Download schema:
rules.schema.json
defaultHttpDelivery members
| Member | Type | Required | Description |
|---|---|---|---|
defaultHttpDelivery: Default setting for HTTP Delivery. |
|||
name |
Enumeration | ✓ | The name of the behavior, httpDelivery in this case. |
options |
default |
✓ | This behavior’s set of configuration options. |
defaultHttpDelivery.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | Enables default HTTP Delivery for this prefix. |
defaultHttp2Delivery
Default setting for HTTP2 Delivery.
Download schema:
rules.schema.json
defaultHttp2Delivery members
| Member | Type | Required | Description |
|---|---|---|---|
defaultHttp2Delivery: Default setting for HTTP2 Delivery. |
|||
name |
Enumeration | ✓ | The name of the behavior, http2Delivery in this case. |
options |
default |
✓ | This behavior’s set of configuration options. |
defaultHttp2Delivery.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | Enables default HTTP2 Delivery for this prefix. |
defaultHttpsDelivery
Default setting for HTTPS Delivery.
Download schema:
rules.schema.json
defaultHttpsDelivery members
| Member | Type | Required | Description |
|---|---|---|---|
defaultHttpsDelivery: Default setting for HTTPS Delivery. |
|||
name |
Enumeration | ✓ | The name of the behavior, httpsDelivery in this case. |
options |
default |
✓ | This behavior’s set of configuration options. |
defaultHttpsDelivery.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | Enables default HTTPS Delivery for this prefix. |
tls |
Integer | ○ | A unique identifier for the TLS delivery profile. |
dscp
DiffServ byte field in the outgoing IP packets, typically used to prioritize, or generally schedule, traffic in an IP routed network.
Download schema:
rules.schema.json
dscp members
| Member | Type | Required | Description |
|---|---|---|---|
dscp: DiffServ byte field in the outgoing IP packets, typically used to prioritize, or generally schedule, traffic in an IP routed network. |
|||
name |
Enumeration | ✓ | The name of the behavior, dscp in this case. |
options |
dscp. |
✓ | This behavior’s set of configuration options. |
dscp.options: This behavior’s set of configuration options. |
|||
value |
Integer | ✓ | DiffServ byte field, including the last two ECN bits. When configuring this field, the ECN bits must be set to 0 (zero), and only the upper 6 bits should be set. |
excludedQueryArguments
List of query arguments that should not be part of the cache key URI.
Download schema:
rules.schema.json
excludedQueryArguments members
| Member | Type | Required | Description |
|---|---|---|---|
excludedQueryArguments: List of query arguments that should not be part of the cache key URI. |
|||
name |
Enumeration | ✓ | The name of the behavior, excludedQueryArguments in this case. |
options |
excluded |
✓ | This behavior’s set of configuration options. |
excludedQueryArguments.options: This behavior’s set of configuration options. |
|||
value |
Array | ✓ | Query argument to exclude. |
externalOriginAuth
Parameters associated with authentication with external origin server.
Download schema:
rules.schema.json
externalOriginAuth members
| Member | Type | Required | Description |
|---|---|---|---|
externalOriginAuth: Parameters associated with authentication with external origin server. |
|||
name |
Enumeration | ✓ | The name of the behavior, externalOriginAuth in this case. |
options |
external |
✓ | This behavior’s set of configuration options. |
externalOriginAuth.options: This behavior’s set of configuration options. |
|||
accessKey |
String | ✓ | External Oorigin access key ID. |
region |
String | ✓ | External origin service region, such as us-east-1 and eu-central-1. |
secretKey |
String | ✓ | External origin secret access key. |
service |
Enumeration | ✓ | External origin service. The only available service is AMAZON_AWS_S3. |
signedHeaders |
Array | ○ | List of request headers included in authorization signature. |
fastcgiAuth
Parameters associated with FastCGI Authentication.
Download schema:
rules.schema.json
fastcgiAuth members
| Member | Type | Required | Description |
|---|---|---|---|
fastcgiAuth: Parameters associated with FastCGI Authentication. |
|||
name |
Enumeration | ✓ | The name of the behavior, fastcgiAuth in this case. |
options |
fastcgi |
✓ | This behavior’s set of configuration options. |
fastcgiAuth.options: This behavior’s set of configuration options. |
|||
backupServers |
Array | ○ | Servers in hostname:port format, so the maximum length is 262, 256 of which is for the hostname. |
enable |
Boolean | ✓ | Enables FastCGI Authentication. |
params |
Object | ○ | FastCGI parameters in map form. |
role |
Enumeration | ○ | Role set for the FastCGI Server, either AUTHORIZER or RESPONDER. |
server |
String | ✓ | Destination FastCGI server server:port, maximum length is 262, 256 of which is for the hostname. |
followRedirect
Control the behavior of the HyperCache when it receives a 302 Redirect from the Origin.
Download schema:
rules.schema.json
followRedirect members
| Member | Type | Required | Description |
|---|---|---|---|
followRedirect: Control the behavior of the HyperCache when it receives a 302 Redirect from the Origin. |
|||
name |
Enumeration | ✓ | The name of the behavior, followRedirect in this case. |
options |
follow |
✓ | This behavior’s set of configuration options. |
followRedirect.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | When enabled, pass on HTTP 302 redirects to the client. |
frontEndCache
Enable or disable caching of specific types of content to front-end memory. This stores entire objects in HPC nodes, not chunks.
Download schema:
rules.schema.json
frontEndCache members
| Member | Type | Required | Description |
|---|---|---|---|
frontEndCache: Enable or disable caching of specific types of content to front-end memory. This stores entire objects in HPC nodes, not chunks. |
|||
name |
Enumeration | ✓ | The name of the behavior, frontEndCache in this case. |
options |
front |
✓ | This behavior’s set of configuration options. |
frontEndCache.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | When enabled, all content matching the URI Filter is cached only in front-end memory. |
http2Delivery
Override default setting for HTTP2 delivery.
Download schema:
rules.schema.json
http2Delivery members
| Member | Type | Required | Description |
|---|---|---|---|
http2Delivery: Override default setting for HTTP2 delivery. |
|||
name |
Enumeration | ✓ | The name of the behavior, http2Delivery in this case. |
options |
http2Delivery. |
✓ | This behavior’s set of configuration options. |
http2Delivery.options: This behavior’s set of configuration options. |
|||
value |
Enumeration | ✓ | Override value. If DEFAULT, the HTTP2 Delivery value is inherited from the default behavior. If DISABLE, the value is overridden to be false. |
httpDelivery
Override default setting for HTTP delivery.
Download schema:
rules.schema.json
httpDelivery members
| Member | Type | Required | Description |
|---|---|---|---|
httpDelivery: Override default setting for HTTP delivery. |
|||
name |
Enumeration | ✓ | The name of the behavior, httpDelivery in this case. |
options |
http |
✓ | This behavior’s set of configuration options. |
httpDelivery.options: This behavior’s set of configuration options. |
|||
value |
Enumeration | ✓ | Override value. If DEFAULT, the HTTP Delivery value is inherited from the default behavior. If DISABLE, the value is overridden to be false. |
httpsDelivery
Override default setting for HTTPS delivery.
Download schema:
rules.schema.json
httpsDelivery members
| Member | Type | Required | Description |
|---|---|---|---|
httpsDelivery: Override default setting for HTTPS delivery. |
|||
name |
Enumeration | ✓ | The name of the behavior, httpsDelivery in this case. |
options |
https |
✓ | This behavior’s set of configuration options. |
httpsDelivery.options: This behavior’s set of configuration options. |
|||
value |
Enumeration | ✓ | Override value. If DEFAULT, the HTTPS Delivery value is inherited from the default behavior. If DISABLE, the value is overridden to be false. |
keepaliveRequests
Sets the maximum number of requests that can be served through one keep-alive connection. After the maximum number of requests are made, the connection is closed.
Download schema:
rules.schema.json
keepaliveRequests members
| Member | Type | Required | Description |
|---|---|---|---|
keepaliveRequests: Sets the maximum number of requests that can be served through one keep-alive connection. After the maximum number of requests are made, the connection is closed. |
|||
name |
Enumeration | ✓ | The name of the behavior, keepAliveRequests in this case. |
options |
keepalive |
✓ | This behavior’s set of configuration options. |
keepaliveRequests.options: This behavior’s set of configuration options. |
|||
value |
Integer | ✓ | Sets the maximum number of requests that can be served through one keep-alive connection. After the maximum number of requests are made, the connection is closed. |
lastMileAcceleration
Compress contents using GZIP before sending them out from edge HyperCaches to supported clients.
Download schema:
rules.schema.json
lastMileAcceleration members
| Member | Type | Required | Description |
|---|---|---|---|
lastMileAcceleration: Compress contents using GZIP before sending them out from edge HyperCaches to supported clients. |
|||
name |
Enumeration | ✓ | The name of the behavior, lastMileAcceleration in this case. |
options |
last |
✓ | This behavior’s set of configuration options. |
lastMileAcceleration.options: This behavior’s set of configuration options. |
|||
compressionLevel |
Integer | ○ | GZIP compression level, 6 by default. |
contentTypes |
Array | ○ | List of acceptable MIME-Types for which LMA is enabled. |
enable |
Boolean | ○ | Feature enable/disable, or null to inherit settings from the global HyperCache configuration. |
uaRestrict |
String | ○ | Regular expression match on the User-Agent header to disable LMA for particular clients. |
limitRate
Limit bandwidth per session, in bytes per second.
Download schema:
rules.schema.json
limitRate members
| Member | Type | Required | Description |
|---|---|---|---|
limitRate: Limit bandwidth per session, in bytes per second. |
|||
name |
Enumeration | ✓ | The name of the behavior, limitRate in this case. |
options |
limit |
✓ | This behavior’s set of configuration options. |
limitRate.options: This behavior’s set of configuration options. |
|||
bandwidth |
Integer | ✓ | The maximum bandwidth limit, as specified by the respective unit. |
unit |
Enumeration | ○ | Bandwidth unit, either the default BYTES_PER_SECOND, KB_PER_SECOND, or MB_PER_SECOND. |
originAffinityUri
Define URI used for origin server affinity. Used when HyperCaches in a site should use the same origin server.
Download schema:
rules.schema.json
originAffinityUri members
| Member | Type | Required | Description |
|---|---|---|---|
originAffinityUri: Define URI used for origin server affinity. Used when HyperCaches in a site should use the same origin server. |
|||
name |
Enumeration | ✓ | The name of the behavior, originAffinityUri in this case. |
options |
origin |
✓ | This behavior’s set of configuration options. |
originAffinityUri.options: This behavior’s set of configuration options. |
|||
value |
String | ✓ | A URI prefix pattern used to identify client requests to which the HPC applies origin affinity. |
originRangeRequest
To allow range requests from HyperCache to the origin server when ingesting content.
Download schema:
rules.schema.json
originRangeRequest members
| Member | Type | Required | Description |
|---|---|---|---|
originRangeRequest: To allow range requests from HyperCache to the origin server when ingesting content. |
|||
name |
Enumeration | ✓ | The name of the behavior, originRangeRequest in this case. |
options |
origin |
✓ | This behavior’s set of configuration options. |
originRangeRequest.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | When enabled, allows range requests to the origin. |
originServer
origin server used for ingesting content.
Download schema:
rules.schema.json
originServer members
| Member | Type | Required | Description |
|---|---|---|---|
originServer: origin server used for ingesting content. |
|||
name |
Enumeration | ✓ | The name of the behavior, originServer in this case. |
options |
origin |
✓ | This behavior’s set of configuration options. |
originServer.options: This behavior’s set of configuration options. |
|||
originId |
Integer | ✓ | A unique identifier for the Origin server. |
originServerUri
Define URI used for accessing origin server in case of a cache miss.
Download schema:
rules.schema.json
originServerUri members
| Member | Type | Required | Description |
|---|---|---|---|
originServerUri: Define URI used for accessing origin server in case of a cache miss. |
|||
name |
Enumeration | ✓ | The name of the behavior, originServerUri in this case. |
options |
origin |
✓ | This behavior’s set of configuration options. |
originServerUri.options: This behavior’s set of configuration options. |
|||
value |
String | ✓ | Specifies the URI used for accessing the origin server, for example /a/b/foo.ts. |
purgeKeyUri
URI pattern used to identify assets to be purged using the Purge API. By default this value is the same as cache key URI.
Download schema:
rules.schema.json
purgeKeyUri members
| Member | Type | Required | Description |
|---|---|---|---|
purgeKeyUri: URI pattern used to identify assets to be purged using the Purge API. By default this value is the same as cache key URI. |
|||
name |
Enumeration | ✓ | The name of the behavior, purgeKeyUri in this case. |
options |
purge |
✓ | This behavior’s set of configuration options. |
purgeKeyUri.options: This behavior’s set of configuration options. |
|||
value |
String | ✓ | An alternative object name (URI) to purge the object, in case the default value is not sufficient. |
ramOnlyCaching
Enables or disables caching of specific types of content to RAM only memory.
Download schema:
rules.schema.json
ramOnlyCaching members
| Member | Type | Required | Description |
|---|---|---|---|
ramOnlyCaching: Enables or disables caching of specific types of content to RAM only memory. |
|||
name |
Enumeration | ✓ | The name of the behavior, ramOnlyCaching in this case. |
options |
ram |
✓ | This behavior’s set of configuration options. |
ramOnlyCaching.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | When enabled, all content matching the URI Filter is cached only in RAM. |
siteRedirectMode
Enables site redirect mode for HyperCache to redirect requests to optimal sites if needed.
Download schema:
rules.schema.json
siteRedirectMode members
| Member | Type | Required | Description |
|---|---|---|---|
siteRedirectMode: Enables site redirect mode for HyperCache to redirect requests to optimal sites if needed. |
|||
name |
Enumeration | ✓ | The name of the behavior, siteRedirectMode in this case. |
options |
site |
✓ | This behavior’s set of configuration options. |
siteRedirectMode.options: This behavior’s set of configuration options. |
|||
enable |
Boolean | ✓ | Enables site redirects. |
siteRedirectType
Site redirect type for HyperCache to make redirect decisions based on client IP or site information.
Download schema:
rules.schema.json
siteRedirectType members
| Member | Type | Required | Description |
|---|---|---|---|
siteRedirectType: Site redirect type for HyperCache to make redirect decisions based on client IP or site information. |
|||
name |
Enumeration | ✓ | The name of the behavior, siteRedirectType in this case. |
options |
site |
✓ | This behavior’s set of configuration options. |
siteRedirectType.options: This behavior’s set of configuration options. |
|||
value |
Enumeration | ✓ | Whether to look at CLIENT_IP or SITE information when redirecting requests. |
storagePartition
Specifies HyperCache partitions to reserve hard disk space for certain content types.
Download schema:
rules.schema.json
storagePartition members
| Member | Type | Required | Description |
|---|---|---|---|
storagePartition: Specifies HyperCache partitions to reserve hard disk space for certain content types. |
|||
name |
Enumeration | ✓ | The name of the behavior, storagePartition in this case. |
options |
storage |
✓ | This behavior’s set of configuration options. |
storagePartition.options: This behavior’s set of configuration options. |
|||
storage |
Integer | ✓ | A unique identifier for the Storage partition. |
uriSignature
The URI signature pattern provides a mechanism to express URI signing parameters and mechanisms to be enforced across an entire CDN prefix, or for a narrower subset of a CDN prefix identified by a particular URI pattern.
Download schema:
rules.schema.json
uriSignature members
| Member | Type | Required | Description |
|---|---|---|---|
uriSignature: The URI signature pattern provides a mechanism to express URI signing parameters and mechanisms to be enforced across an entire CDN prefix, or for a narrower subset of a CDN prefix identified by a particular URI pattern. |
|||
name |
Enumeration | ✓ | The name of the behavior, uriSignature in this case. |
options |
uri |
✓ | This behavior’s set of configuration options. |
uriSignature.options: This behavior’s set of configuration options. |
|||
algorithm |
Enumeration | ✓ | Signature calculation algorithm, either HMAC_MD5, HMAC_SHA1, MD5, or SHA1. |
input |
Enumeration | ○ | Specifies the capitalization used for transforming the input parameter before signature calculation. Either LOWERCASE, UPPERCASE, or NO_CHANGE. |
input |
String | ✓ | Specifies the set of input parameters and their order. The input parameter pattern can use parts of the incoming request, for example: $url_signature_shared_secret,#uri?sid=$arg_sid&e=$arg_e. To represent an expiration as a query argument, or with a cookie incoming URL, use $uri_sign_expire. |
protected |
String | ○ | The name of the capture path in the URI filter above used as a cookie path string to define the protected file names or path. |
protected |
Boolean | ○ | Use cookies derived from master query arguments to protect files matching URI filter with no query arguments, such as child .m3u8 and .ts. |
shared |
String | ✓ | The name of the request parameter which contains the index for the shared secret. |
shared |
Integer | ✓ | URI signature shared secret set to be used for validating the URI. |
tokenEncoding |
Enumeration | ✓ | The encoding used for the token parameter, either BASE64, HEX, or URL_SAFE_BASE64. |
tokenParameter |
String | ✓ | The name of the request parameter which contains the signature token. |
uri |
String | ✓ | The name of the request parameter which contains the expiration time for the URI being examined. |
udpSyslogAccessLog
Parameters associated with UDP Syslog access log feature.
Download schema:
rules.schema.json
udpSyslogAccessLog members
| Member | Type | Required | Description |
|---|---|---|---|
udpSyslogAccessLog: Parameters associated with UDP Syslog access log feature. |
|||
name |
Enumeration | ✓ | The name of the behavior, udpSyslogAccessLog in this case. |
options |
udp |
✓ | This behavior’s set of configuration options. |
udpSyslogAccessLog.options: This behavior’s set of configuration options. |
|||
defaultLogFormat |
String | ✓ | The name of the log format to use as the default. The log formats are defined by the operator. |
facility |
Enumeration | ○ | The syslog facility to use when transmitting logs. Possible values: LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7, KERN, USER, MAIL, DAEMON, AUTH, INTERN, LPR, NEWS, UUCP, CLOCK, AUTHPRIV, FTP, NTP, AUDIT, ALERT, CRON. Default value: LOCAL7. |
servers |
udp |
○ | Server object to send logs to. |
severity |
Enumeration | ○ | The syslog severity to use when transmitting logs. Possible values: DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY. Default value: INFO. |
udpSyslogAccessLog.options.servers[]: Server object to send logs to. |
|||
logFormat |
String | ○ | The name of the log format to use as the default. The log formats are defined by the operator. |
server |
String | ✓ | Server:<port> of syslog server. |
criterion
An object that specifies URI filters to match.
Download schema:
rules.schema.json
criterion members
| Member | Type | Required | Description |
|---|---|---|---|
criterion: An object that specifies URI filters to match. |
|||
name |
Enumeration | ✓ | The name of the criterion, uriFilter in this case. |
options |
criterion. |
✓ | This criterion’s set of configuration options. |
criterion.options: This criterion’s set of configuration options. |
|||
uriFilterType |
Enumeration | ✓ | The type of the filter to match URIs, either EXACT_MATCH, PREFIX_MATCH, REGULAR_EXPRESSION_MATCH, or CASE_INSENSITIVE_REGULAR_EXPRESSION_MATCH. |
uriFilterValue |
String | ✓ | Value of the filter used to match incoming URIs. |
Errors
This section provides details on the data object that reflects the API’s common response to error cases, and lists the API’s range of response status codes for both error and success cases.
Error responses
In case of errors, the API returns an HTTP Problem Details JSON object with the application/problem+json media type.
HTTP status codes
This section lists the full range of response codes the API may generate.
| Code | Description |
|---|---|
| 200 | The operation was successful. |
| 201 | Resource successfully created. |
| 204 | Successfully processed request. |
| 400 | Bad request. |
| 401 | Authentication failure. |
| 403 | Access is forbidden. |
| 404 | Resource not found. |
| 405 | Method not supported. |
| 409 | Conflict with current state of resource. |
| 415 | Unsupported media type. |
| 500 | Internal server error. |