loading

Aura LCDN Content Delivery API v1

Configure content for ingestion, caching, and delivery by an Aura LCDN.

Learn more:


Overview

This API allows the LCDN Operator or Content Provider to define which content will be ingested, cached, and delivered by an Aura LCDN.

Who should use this API

This API allows the CDN operator or content provider to manage their own content delivery options, including origin servers, CDN prefixes, URI Filters and TLS Profiles.

Get started

Before you use the Content Delivery API for the first time:

  • Contact your Akamai representative to enable it for your account.

  • A contentProviderId is given to the content provider.

  • The content provider must obtain an authorization token using one of the supported flows using the client_id/client_secret from the application created by the CDN operator.

  • Review Get started on tools that Akamai provides for all its APIs.

  • Before you begin any API operations, you must obtain and store the value of the content provider IDs (contentProviderId) that you need from the AMC GUI.

    To obtain content provider IDs, follow these instructions:

    1. Log in to the AMC GUI using an account with LCDN operator privileges.

      The default administrator account is co@domain-name, where domain-name specifies the domain assigned to the AMC. Use the password you configured when you installed and configured the AMC.

      The CDN Health dashboard opens.

    2. In the CDN Health dashboard, click Configure and under Content Delivery select Content Providers.

    3. In the Content Provider Management page, mouse over the name of a content provider to view the content provider ID.

    4. Store the value of the content provider IDs.

Resources

This section provides details on the API’s various operations. These are the resources reflected in the API’s URLs.

  • Content Provider: A Content Provider is an organization that has content it wants to deliver via the LCDN.

  • CDN prefix: A CDN prefix corresponds to the fully qualified domain name (FQDN) at the beginning of a URI, effectively carving out a region of the URI name space to which a set of rules and policies are applied.

  • Rule tree: A rule object is used to respond to different kinds of requests. A rule consists of a set of children which include criteria that identify which requests to process, and the behaviors to apply to those requests.

  • Origin: An origin server which contains content that the content provider wants to deliver over the LCDN.

  • TLS delivery Profile: A profile that specifies the security settings used for TLS connections from the HyperCache for secure content delivery.

  • TLS ingest profile: A profile that configures the ingest of content from an origin over HTTPS.

  • Shared secret set: Shared secret set objects contain secret pairs that are used for URI signing, which is used as an authorization method for content delivery.

  • Secrets: Unique key/index string pairs to be added as members of the secret set.

Note that you need to obtain a contentProviderId value before running any of the API’s operations. Refer to the Get started section for instructions.

API summary

Download the RAML descriptors for this API.

Operation Method Endpoint
Content Delivery  
List Content Providers GET /api/content-delivery/v1/content-providers
Get a Content Provider GET /api/content-delivery/v1/content-providers/{contentProviderId}
Create a New CDN prefix POST /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes
List CDN prefixes GET /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes
Update a CDN Prefix PUT /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}
Delete a CDN prefix DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}
Get a CDN prefix GET /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}
Update a rule tree PUT /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}/rules
Get a rule tree GET /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}/rules
Create a new origin POST /api/content-delivery/v1/content-providers/{contentProviderId}/origins
List origins GET /api/content-delivery/v1/content-providers/{contentProviderId}/origins
Update an origin PUT /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}
Delete an origin DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}
Get an origin GET /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}
Create a new TLS delivery profile POST /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles
List TLS delivery profiles GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles
Update a TLS delivery profile PUT /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}
Delete a TLS delivery profile DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}
Get a TLS delivery profile GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}
List CDN prefixes for a TLS delivery profile GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}/cdn-prefixes
Create a new TLS ingest profile POST /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles
List TLS ingest profiles GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles
Update a TLS ingest profile PUT /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}
Delete a TLS ingest profile DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}
Get a TLS ingest profile GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}
List origins for a TLS delivery profile GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}/origins
Create a new shared secret set POST /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets
List shared secret sets GET /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets
Delete a shared secret DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}
Get a shared secret set GET /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}
Update secrets PUT /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}/secrets
Get secrets GET /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}/secrets
Support resources  
List errors GET /api/content-delivery/errors

List Content Providers

This operation provides a list of Content Providers accessible to the principal. For Operators, all Content Providers in the system are returned. For Content Provider users, only the Content Providers that are associated with that user are returned. For Service Provider users, all Content Providers associated with that user and with that Service Provider are returned.

GET /api/content-delivery/v1/content-providers

Status 200 application/json

Download schema: content-provider.collection.schema.json

Response body:

{
    "contentProviders": [
        {
            "name": "Content Provider 1",
            "contentProviderId": 1
        },
        {
            "name": "Content Provider 2",
            "contentProviderId": 2
        },
        {
            "name": "Content Provider 3",
            "contentProviderId": 3
        }
    ],
    "page": {
        "pageNumber": 1,
        "pageSize": 100,
        "totalPages": 1,
        "totalResults": 3
    }
}

Get a Content Provider

This operation gets the specified Content Provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}

Sample: /api/content-delivery/v1/content-providers/4

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 4 Unique identifier for each Content Provider.

Status 200 application/json

Object type: ContentProvider

Download schema: content-provider.full.schema.json

Response body:

{
    "account": "account1",
    "name": "Content Provider 1",
    "enable": true,
    "contentProviderId": 1,
    "serviceProviderId": 2
}

Create a New CDN prefix

This operation creates a new CDN prefix. A CDN prefix is a defined hostname which is referenced by an end user’s request for content. This is accomplished using a DNS lookup directed to a node running the request router service. The request router then determines the HPC node best able to serve that particular end user’s request.

POST /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes

Sample: /api/content-delivery/v1/content-providers/3/cdn-prefixes

Content-Type: application/json

Object type: CdnPrefix

Download schema: cdn-prefix.create.schema.json

Request body:

{
    "prefix": "somewhere.com",
    "enable": true,
    "prefixPrioritization": "HIGH",
    "contentProviderId": 3
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 201 application/json

Headers:

Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/cdn-prefixes/1

Object type: CdnPrefix

Download schema: cdn-prefix.full.schema.json

Response body:

{
    "cdnPrefixId": 4,
    "prefix": "somewhere.com",
    "enable": true,
    "prefixPrioritization": "HIGH",
    "contentProviderId": 3
}
  1. Build a CdnPrefix POST object.

  2. POST the object to /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes.

  3. The response reflects the newly created CdnPrefix object.

  4. The response’s Location header provides a URL link to GET the new CDN prefix.

List CDN prefixes

This operation provides a list of the CDN prefixes owned by the content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes

Sample: /api/content-delivery/v1/content-providers/3/cdn-prefixes

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 200 application/json

Object type: CdnPrefix

Download schema: cdn-prefix.collection.schema.json

Response body:

{
    "cdnPrefixes": [
        {
            "cdnPrefixId": 4,
            "prefix": "somewhere.com"
        }
    ],
    "page": {
        "pageNumber": 1,
        "pageSize": 100,
        "totalPages": 1,
        "totalResults": 1
    }
}

Update a CDN Prefix

This operation modifies an existing CDN prefix.

PUT /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}

Sample: /api/content-delivery/v1/content-providers/3/cdn-prefixes/4

Content-Type: application/json

Object type: CdnPrefix

Download schema: cdn-prefix.full.schema.json

Request body:

{
    "cdnPrefixId": 4,
    "prefix": "somewhere.com",
    "enable": true,
    "prefixPrioritization": "HIGH",
    "contentProviderId": 3
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
cdnPrefixId Integer 4 Unique identifier for each CDN prefix.

Status 200 application/json

Object type: CdnPrefix

Download schema: cdn-prefix.full.schema.json

Response body:

{
    "cdnPrefixId": 4,
    "prefix": "somewhere.com",
    "enable": true,
    "prefixPrioritization": "HIGH",
    "contentProviderId": 3
}
  1. If you don’t have a cdnPrefixId value, run the List CDN prefixes operation and select one from the responses’s cdnPrefixes array.

  2. Run the Get a CDN prefix operation and store the response object.

  3. Update the CdnPrefix object.

  4. PUT the object back to the same URL as the GET operation: /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}.

  5. The response reflects the updated CdnPrefix object.

Delete a CDN prefix

This operation deletes a CDN prefix.

DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}

Sample: /api/content-delivery/v1/content-providers/3/cdn-prefixes/4

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
cdnPrefixId Integer 4 Unique identifier for each CDN prefix.

Status 204

  1. Run the List CDN prefixes operation and store the cdnPrefixId of the relevant CDN prefix from the response.

  2. Make a DELETE request to /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}.

Get a CDN prefix

This operation provides a list of the CDN prefixes.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}

Sample: /api/content-delivery/v1/content-providers/3/cdn-prefixes/4

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
cdnPrefixId Integer 4 Unique identifier for each CDN prefix.

Status 200 application/json

Object type: CdnPrefix

Download schema: cdn-prefix.full.schema.json

Response body:

{
    "cdnPrefixId": 4,
    "prefix": "somewhere.com",
    "enable": true,
    "prefixPrioritization": "HIGH",
    "contentProviderId": 3
}
  1. If you don’t have a cdnPrefixId value, run the List CDN prefixes operation and select one from the responses’s cdnPrefixes array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}.

  3. The response is a CdnPrefix object.

Update a rule tree

This operation updates the rule behaviors for a CDN prefix.

PUT /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}/rules

Sample: /api/content-delivery/v1/content-providers/3/cdn-prefixes/4/rules

Content-Type: application/json

Object type: Rule

Download schema: rules.schema.json

Request body:

{
    "defaultBehaviors": [
        {
            "name": "originServer",
            "options": {
                "originId": 1
            }
        }
    ],
    "children": [
        {
            "name": "first filter",
            "criterion": {
                "name": "uriFilter",
                "options": {
                    "uriFilterType": "PREFIX_MATCH",
                    "uriFilterValue": "/objects"
                }
            },
            "behaviors": [
                {
                    "name": "ramOnlyCaching",
                    "options": {
                        "enable": true
                    }
                },
                {
                    "name": "fastcgiAuth",
                    "options": {
                        "enable": true,
                        "server": "auth.server:88",
                        "params": {
                            "foo": "bar"
                        },
                        "backupServers": [
                            "auth2.server:88"
                        ]
                    }
                },
                {
                    "name": "httpsDelivery",
                    "options": {
                        "value": "DISABLE"
                    }
                },
                {
                    "name": "excludedQueryArguments",
                    "options": {
                        "value": [
                            "arg1",
                            "arg2"
                        ]
                    }
                },
                {
                    "name": "externalOriginAuth",
                    "options": {
                        "service": "AMAZON_AWS_S3",
                        "accessKey": "...",
                        "secretKey": "...",
                        "signedHeaders": [
                            "H1"
                        ],
                        "region": "us-east-1"
                    }
                },
                {
                    "name": "lastMileAcceleration",
                    "options": {
                        "contentTypes": [
                            "application/type1",
                            "application/type2"
                        ],
                        "compressionLevel": 6,
                        "enable": true,
                        "uaRestrict": "^client100$"
                    }
                },
                {
                    "name": "limitRate",
                    "options": {
                        "bandwidth": 1000,
                        "unit": "MB_PER_SECOND"
                    }
                },
                {
                    "name": "uriSignature",
                    "options": {
                        "protectedPathPattern": "$some/protected/path",
                        "tokenEncoding": "BASE64",
                        "tokenParameter": "$signatureToken",
                        "sharedSecretSetId": 1,
                        "sharedSecretIndexParameter": "$myParam",
                        "algorithm": "MD5",
                        "inputParameterCapitalization": "NO_CHANGE",
                        "inputParameterPattern": "arg1",
                        "uriExpirationParameter": "$expires"
                    }
                },
                {
                    "name": "cors",
                    "options": {
                        "accessControlAllowHeaders": [
                            "X-Header1",
                            "X-Header2"
                        ],
                        "accessControlAllowOrigin": {
                            "allowAllOrigins": true
                        },
                        "accessControlAllowMethods": [
                            "GET",
                            "HEAD"
                        ],
                        "accessControlMaxAge": 3600,
                        "enablePreflight": true
                    }
                }
            ]
        }
    ]
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
cdnPrefixId Integer 4 Unique identifier for each CDN prefix.

Status 200 application/json

Object type: Rule

Download schema: rules.schema.json

Response body:

{
    "defaultBehaviors": [
        {
            "name": "originServer",
            "options": {
                "originId": 1
            }
        }
    ],
    "children": [
        {
            "name": "first filter",
            "criterion": {
                "name": "uriFilter",
                "options": {
                    "uriFilterType": "PREFIX_MATCH",
                    "uriFilterValue": "/objects"
                }
            },
            "behaviors": [
                {
                    "name": "ramOnlyCaching",
                    "options": {
                        "enable": true
                    }
                },
                {
                    "name": "fastcgiAuth",
                    "options": {
                        "enable": true,
                        "server": "auth.server:88",
                        "params": {
                            "foo": "bar"
                        },
                        "backupServers": [
                            "auth2.server:88"
                        ]
                    }
                },
                {
                    "name": "httpsDelivery",
                    "options": {
                        "value": "DISABLE"
                    }
                },
                {
                    "name": "excludedQueryArguments",
                    "options": {
                        "value": [
                            "arg1",
                            "arg2"
                        ]
                    }
                },
                {
                    "name": "externalOriginAuth",
                    "options": {
                        "service": "AMAZON_AWS_S3",
                        "accessKey": "...",
                        "secretKey": "...",
                        "signedHeaders": [
                            "H1"
                        ],
                        "region": "us-east-1"
                    }
                },
                {
                    "name": "lastMileAcceleration",
                    "options": {
                        "contentTypes": [
                            "application/type1",
                            "application/type2"
                        ],
                        "compressionLevel": 6,
                        "enable": true,
                        "uaRestrict": "^client100$"
                    }
                },
                {
                    "name": "limitRate",
                    "options": {
                        "bandwidth": 1000,
                        "unit": "MB_PER_SECOND"
                    }
                },
                {
                    "name": "uriSignature",
                    "options": {
                        "protectedPathPattern": "$some/protected/path",
                        "tokenEncoding": "BASE64",
                        "tokenParameter": "$signatureToken",
                        "sharedSecretSetId": 1,
                        "sharedSecretIndexParameter": "$myParam",
                        "algorithm": "MD5",
                        "inputParameterCapitalization": "NO_CHANGE",
                        "inputParameterPattern": "arg1",
                        "uriExpirationParameter": "$expires"
                    }
                },
                {
                    "name": "cors",
                    "options": {
                        "accessControlAllowHeaders": [
                            "X-Header1",
                            "X-Header2"
                        ],
                        "accessControlAllowOrigin": {
                            "allowAllOrigins": true
                        },
                        "accessControlAllowMethods": [
                            "GET",
                            "HEAD"
                        ],
                        "accessControlMaxAge": 3600,
                        "enablePreflight": true
                    }
                }
            ]
        }
    ]
}
  1. If you don’t have a cdnPrefixId value, run the List CDN prefixes operation and select one from the responses’s cdnPrefixes array.

  2. Run the Get a rule tree operation and store the response object.

  3. Update the Rule object.

  4. PUT the object back to the same URL as the GET operation: /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}/rules.

  5. The response reflects the updated Rule object.

Get a rule tree

This operation displays the default rule behaviors for a CDN prefix.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}/rules

Sample: /api/content-delivery/v1/content-providers/3/cdn-prefixes/4/rules

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
cdnPrefixId Integer 4 Unique identifier for each CDN prefix.

Status 200 application/json

Object type: Rule

Download schema: rules.schema.json

Response body:

{
    "defaultBehaviors": [
        {
            "name": "originServer",
            "options": {
                "originId": 1
            }
        }
    ],
    "children": [
        {
            "name": "first filter",
            "criterion": {
                "name": "uriFilter",
                "options": {
                    "uriFilterType": "PREFIX_MATCH",
                    "uriFilterValue": "/objects"
                }
            },
            "behaviors": [
                {
                    "name": "ramOnlyCaching",
                    "options": {
                        "enable": true
                    }
                },
                {
                    "name": "fastcgiAuth",
                    "options": {
                        "enable": true,
                        "server": "auth.server:88",
                        "params": {
                            "foo": "bar"
                        },
                        "backupServers": [
                            "auth2.server:88"
                        ]
                    }
                },
                {
                    "name": "httpsDelivery",
                    "options": {
                        "value": "DISABLE"
                    }
                },
                {
                    "name": "excludedQueryArguments",
                    "options": {
                        "value": [
                            "arg1",
                            "arg2"
                        ]
                    }
                },
                {
                    "name": "externalOriginAuth",
                    "options": {
                        "service": "AMAZON_AWS_S3",
                        "accessKey": "...",
                        "secretKey": "...",
                        "signedHeaders": [
                            "H1"
                        ],
                        "region": "us-east-1"
                    }
                },
                {
                    "name": "lastMileAcceleration",
                    "options": {
                        "contentTypes": [
                            "application/type1",
                            "application/type2"
                        ],
                        "compressionLevel": 6,
                        "enable": true,
                        "uaRestrict": "^client100$"
                    }
                },
                {
                    "name": "limitRate",
                    "options": {
                        "bandwidth": 1000,
                        "unit": "MB_PER_SECOND"
                    }
                },
                {
                    "name": "uriSignature",
                    "options": {
                        "protectedPathPattern": "$some/protected/path",
                        "tokenEncoding": "BASE64",
                        "tokenParameter": "$signatureToken",
                        "sharedSecretSetId": 1,
                        "sharedSecretIndexParameter": "$myParam",
                        "algorithm": "MD5",
                        "inputParameterCapitalization": "NO_CHANGE",
                        "inputParameterPattern": "arg1",
                        "uriExpirationParameter": "$expires"
                    }
                },
                {
                    "name": "cors",
                    "options": {
                        "accessControlAllowHeaders": [
                            "X-Header1",
                            "X-Header2"
                        ],
                        "accessControlAllowOrigin": {
                            "allowAllOrigins": true
                        },
                        "accessControlAllowMethods": [
                            "GET",
                            "HEAD"
                        ],
                        "accessControlMaxAge": 3600,
                        "enablePreflight": true
                    }
                }
            ]
        }
    ]
}
  1. If you don’t have a cdnPrefixId value, run the List CDN prefixes operation and select one from the responses’s cdnPrefixes array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/cdn-prefixes/{cdnPrefixId}/rules.

  3. The response is a Rule object.

Create a new origin

This operation allows a service provider to register a new URL for each origin server that a content provider wants to add to the CDN.

POST /api/content-delivery/v1/content-providers/{contentProviderId}/origins

Sample: /api/content-delivery/v1/content-providers/3/origins

Content-Type: application/json

Object type: Origin

Download schema: origin.create.schema.json

Request body:

{
    "contentProviderId": 3,
    "hostname": "somewhere.com",
    "description": "Some place far away",
    "enable": true,
    "cachingType": "CONSERVATIVE",
    "interSiteProtocol": "HTTP",
    "intraSiteProtocol": "HTTP",
    "enableAuthenticatedContent": false,
    "enableSiteRedirects": false
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 201 application/json

Headers:

Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/origins/1

Object type: Origin

Download schema: origin.full.schema.json

Response body:

{
    "originId": 3,
    "contentProviderId": 3,
    "hostname": "somewhere.com",
    "description": "Some place far away",
    "enable": true,
    "cachingType": "CONSERVATIVE",
    "interSiteProtocol": "HTTP",
    "intraSiteProtocol": "HTTP",
    "enableAuthenticatedContent": false,
    "enableSiteRedirects": false
}
  1. Build an Origin request object.

  2. POST the object to /api/content-delivery/v1/content-providers/{contentProviderId}/origins.

  3. The response reflects the newly created Origin object.

  4. The response’s Location header provides a URL link to GET the new origin.

List origins

This operation displays the origins owned by the Content Provider specified by contentProviderId.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/origins

Sample: /api/content-delivery/v1/content-providers/3/origins

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 200 application/json

Object type: Origin

Download schema: origin.collection.schema.json

Response body:

{
    "origins": [
        {
            "originId": 3,
            "url": "somewhere.com"
        }
    ],
    "page": {
        "pageNumber": 1,
        "pageSize": 100,
        "totalPages": 1,
        "totalResults": 1
    }
}

Update an origin

This operation modifies the origin servers associated with a specified content provider.

PUT /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}

Sample: /api/content-delivery/v1/content-providers/3/origins/3

Content-Type: application/json

Object type: Origin

Download schema: origin.full.schema.json

Request body:

{
    "originId": 3,
    "contentProviderId": 3,
    "hostname": "somewhere.com",
    "description": "Some place far away",
    "enable": true,
    "cachingType": "CONSERVATIVE",
    "interSiteProtocol": "HTTP",
    "intraSiteProtocol": "HTTP",
    "enableAuthenticatedContent": false,
    "enableSiteRedirects": false
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
originId Integer 3 Unique identifier for each origin.

Status 200 application/json

Object type: Origin

Download schema: origin.full.schema.json

Response body:

{
    "originId": 3,
    "contentProviderId": 3,
    "hostname": "somewhere.com",
    "description": "Some place far away",
    "enable": true,
    "cachingType": "CONSERVATIVE",
    "interSiteProtocol": "HTTP",
    "intraSiteProtocol": "HTTP",
    "enableAuthenticatedContent": false,
    "enableSiteRedirects": false
}
  1. If you don’t have an originId value, run the List origins operation and select one from the responses’s origins array.

  2. Run the Get an origin operation and store the response object.

  3. Update the Origin object.

  4. PUT the object back to the same URL as the GET operation: /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}.

  5. The response reflects the updated Origin object.

Delete an origin

This operation removes the association of an origin server from the specified content provider.

DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}

Sample: /api/content-delivery/v1/content-providers/3/origins/3

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
originId Integer 3 Unique identifier for each origin.

Status 204

  1. Run the List origins operation and store the originId of the relevant origin in the response.

  2. Make a DELETE request to delete the origin object from /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}.

Get an origin

This operation displays a list of origin servers associated with a specified content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}

Sample: /api/content-delivery/v1/content-providers/3/origins/3

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
originId Integer 3 Unique identifier for each origin.

Status 200 application/json

Object type: Origin

Download schema: origin.full.schema.json

Response body:

{
    "originId": 3,
    "contentProviderId": 3,
    "hostname": "somewhere.com",
    "description": "Some place far away",
    "enable": true,
    "cachingType": "CONSERVATIVE",
    "interSiteProtocol": "HTTP",
    "intraSiteProtocol": "HTTP",
    "enableAuthenticatedContent": false,
    "enableSiteRedirects": false
}
  1. If you don’t have an originId value, run the List origins operation and select one from the responses’s origins array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/origins/{originId}.

  3. The response is an Origin object.

Create a new TLS delivery profile

This operation creates a new content provider TLS delivery profile. The content provider TLS delivery profile specifies the security settings used for TLS connections when a content provider wants content delivered over HTTPS. This type of profile is created by the content provider, and its available for use by CDN prefixes owned by that content provider.

POST /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles

Sample: /api/content-delivery/v1/content-providers/3/tls-delivery-profiles

Content-Type: application/json

Object type: TlsDeliveryProfile

Download schema: tls-delivery-profile.create.schema.json

Request body:

{
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
    "tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
    "tlsCertificateDetails": {
        "fingerprints": {
            "sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
            "sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
        },
        "validity": {
            "notBefore": "2017-06-15T14:22:03.000+0000",
            "notAfter": "2044-10-30T14:22:03.000+0000"
        },
        "issuedTo": {
            "commonName": "JUnit Tests",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division",
            "serial": "10:00"
        },
        "issuedBy": {
            "commonName": "lcdn.docker.ca",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division"
        }
    },
    "caCertificateSecretId": 10,
    "tlsCertificateAndKeySecretId": 11
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 201 application/json

Headers:

Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/tls-delivery-profiles/1

Object type: TlsDeliveryProfile

Download schema: tls-delivery-profile.full.schema.json

Response body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsDeliveryProfileId": 1,
    "tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
    "tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
    "tlsCertificateDetails": {
        "fingerprints": {
            "sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
            "sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
        },
        "validity": {
            "notBefore": "2017-06-15T14:22:03.000+0000",
            "notAfter": "2044-10-30T14:22:03.000+0000"
        },
        "issuedTo": {
            "commonName": "JUnit Tests",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division",
            "serial": "10:00"
        },
        "issuedBy": {
            "commonName": "lcdn.docker.ca",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division"
        }
    },
    "caCertificateSecretId": 10,
    "tlsCertificateAndKeySecretId": 11
}
  1. Build a TlsDeliveryProfile object.

  2. POST the object to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles.

  3. The response reflects the newly created TlsDeliveryProfile object.

  4. The response’s Location header provides a URL link to GET the new TLS delivery profile.

List TLS delivery profiles

This operation lists the TLS delivery profiles owned by the specified content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles

Sample: /api/content-delivery/v1/content-providers/3/tls-delivery-profiles

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 200 application/json

Object type: TlsDeliveryProfile

Download schema: tls-delivery-profile.collection.schema.json

Response body:

{
    "tlsDeliveryProfiles": [
        {
            "name": "test",
            "tlsDeliveryProfileId": 1
        }
    ]
}

Update a TLS delivery profile

After you create a content provider TLS delivery profile, you can use this operation to modify the profile parameters for the specified content provider.

PUT /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}

Sample: /api/content-delivery/v1/content-providers/3/tls-delivery-profiles/1

Content-Type: application/json

Object type: TlsDeliveryProfile

Download schema: tls-delivery-profile.full.schema.json

Request body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsDeliveryProfileId": 1,
    "tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
    "tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
    "tlsCertificateDetails": {
        "fingerprints": {
            "sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
            "sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
        },
        "validity": {
            "notBefore": "2017-06-15T14:22:03.000+0000",
            "notAfter": "2044-10-30T14:22:03.000+0000"
        },
        "issuedTo": {
            "commonName": "JUnit Tests",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division",
            "serial": "10:00"
        },
        "issuedBy": {
            "commonName": "lcdn.docker.ca",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division"
        }
    },
    "caCertificateSecretId": 10,
    "tlsCertificateAndKeySecretId": 11
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsDeliveryProfileId Integer 1 Unique identifier for each TLS delivery profile.

Status 200 application/json

Object type: TlsDeliveryProfile

Download schema: tls-delivery-profile.full.schema.json

Response body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsDeliveryProfileId": 1,
    "tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
    "tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
    "tlsCertificateDetails": {
        "fingerprints": {
            "sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
            "sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
        },
        "validity": {
            "notBefore": "2017-06-15T14:22:03.000+0000",
            "notAfter": "2044-10-30T14:22:03.000+0000"
        },
        "issuedTo": {
            "commonName": "JUnit Tests",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division",
            "serial": "10:00"
        },
        "issuedBy": {
            "commonName": "lcdn.docker.ca",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division"
        }
    },
    "caCertificateSecretId": 10,
    "tlsCertificateAndKeySecretId": 11
}
  1. If you don’t have a tlsDeliveryProfileId value, run the List TLS delivery profiles operation and select one from the responses’s tlsDeliveryProfiles array.

  2. Run the Get a TLS delivery profile operation and store the response object.

  3. Update the TlsDeliveryProfile object.

  4. PUT the object back to the same URL as the GET operation: /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}.

  5. The response reflects the updated TlsDeliveryProfile object.

Delete a TLS delivery profile

This operation deletes a TLS delivery profile for the specified content provider.

DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}

Sample: /api/content-delivery/v1/content-providers/3/tls-delivery-profiles/1

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsDeliveryProfileId Integer 1 Unique identifier for each TLS delivery profile.

Status 204

  1. Run the List TLS delivery profiles operation and store the tlsDeliveryProfileId of the relevant TLS delivery profile from the response.

  2. Make a DELETE request to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}.

Get a TLS delivery profile

This operation gets the specified TLS delivery profile for the specified content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}

Sample: /api/content-delivery/v1/content-providers/3/tls-delivery-profiles/1

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsDeliveryProfileId Integer 1 Unique identifier for each TLS delivery profile.

Status 200 application/json

Object type: TlsDeliveryProfile

Download schema: tls-delivery-profile.full.schema.json

Response body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsDeliveryProfileId": 1,
    "tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
    "tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
    "tlsCertificateDetails": {
        "fingerprints": {
            "sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
            "sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
        },
        "validity": {
            "notBefore": "2017-06-15T14:22:03.000+0000",
            "notAfter": "2044-10-30T14:22:03.000+0000"
        },
        "issuedTo": {
            "commonName": "JUnit Tests",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division",
            "serial": "10:00"
        },
        "issuedBy": {
            "commonName": "lcdn.docker.ca",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division"
        }
    },
    "caCertificateSecretId": 10,
    "tlsCertificateAndKeySecretId": 11
}
  1. If you don’t have a tlsDeliveryProfileId value, run the List TLS delivery profiles operation and select one from the responses’s tlsDeliveryProfiles array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}.

  3. The response is a TlsDeliveryProfile object.

List CDN prefixes for a TLS delivery profile

This operation displays the list of CDN prefixes for the specified TLS delivery profile.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}/cdn-prefixes

Sample: /api/content-delivery/v1/content-providers/3/tls-delivery-profiles/1/cdn-prefixes

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsDeliveryProfileId Integer 1 Unique identifier for each TLS delivery profile.

Status 200 application/json

Object type: CdnPrefix

Download schema: cdn-prefix.collection.schema.json

Response body:

{
    "cdnPrefixes": [
        {
            "cdnPrefixId": 4,
            "prefix": "somewhere.com"
        }
    ],
    "page": {
        "pageNumber": 1,
        "pageSize": 100,
        "totalPages": 1,
        "totalResults": 1
    }
}
  1. If you don’t have a tlsDeliveryProfileId value, run the List TLS delivery profiles operation and select one from the responses’s tlsDeliveryProfiles array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-delivery-profiles/{tlsDeliveryProfileId}/cdn-prefixes.

  3. The response is a CdnPrefix object.

Create a new TLS ingest profile

This operation creates a TLS ingest profile. To configure the ingest of content from an origin over HTTPS, a content provider must first create a TLS ingest profile and bind the profile to the origin. The HyperCache uses the TLS parameters specified in the TLS ingest profile to ingest content from the origin. A TLS ingest profile can be bound to one or more origins, and can only be deleted if it is not bound to an origin.

POST /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles

Sample: /api/content-delivery/v1/content-providers/3/tls-ingest-profiles

Content-Type: application/json

Object type: TlsIngestProfile

Download schema: tls-ingest-profile.create.schema.json

Request body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsProtocols": [
        "TLSV1",
        "TLSV1_2",
        "TLSV1_1"
    ],
    "ciphers": "HIGH:!aNULL:!MD5"
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 201 application/json

Headers:

Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/tls-ingest-profiles/1

Object type: TlsIngestProfile

Download schema: tls-ingest-profile.full.schema.json

Response body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsIngestProfileId": 1,
    "tlsProtocols": [
        "TLSV1",
        "TLSV1_2",
        "TLSV1_1"
    ],
    "ciphers": "HIGH:!aNULL:!MD5"
}
  1. Build a TlsIngestProfile object.

  2. POST the object to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles.

  3. The response reflects the newly created TlsIngestProfile object.

  4. The response’s Location header provides a URL link to GET the new TLS ingest profile.

List TLS ingest profiles

This operation displays the list of TLS ingest profiles owned by the specified content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles

Sample: /api/content-delivery/v1/content-providers/3/tls-ingest-profiles

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 200 application/json

Object type: TlsIngestProfile

Download schema: tls-ingest-profile.collection.schema.json

Response body:

{
    "tlsIngestProfiles": [
        {
            "name": "test",
            "tlsIngestProfileId": 1
        }
    ]
}

Update a TLS ingest profile

After you create a TLS ingest profile, you can modify its attributes using this operation.

PUT /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}

Sample: /api/content-delivery/v1/content-providers/3/tls-ingest-profiles/1

Content-Type: application/json

Object type: TlsIngestProfile

Download schema: tls-ingest-profile.full.schema.json

Request body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsIngestProfileId": 1,
    "tlsProtocols": [
        "TLSV1",
        "TLSV1_2",
        "TLSV1_1"
    ],
    "ciphers": "HIGH:!aNULL:!MD5"
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsIngestProfileId Integer 1 Unique identifier for each TLS ingest profile.

Status 200 application/json

Object type: TlsIngestProfile

Download schema: tls-ingest-profile.full.schema.json

Response body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsIngestProfileId": 1,
    "tlsProtocols": [
        "TLSV1",
        "TLSV1_2",
        "TLSV1_1"
    ],
    "ciphers": "HIGH:!aNULL:!MD5"
}
  1. If you don’t have a tlsIngestProfileId value, run the List TLS ingest profiles operation and select one from the responses’s tlsIngestProfiles array.

  2. Run the Get a TLS ingest profile and store the response object.

  3. Update the TlsIngestProfile object.

  4. PUT the object back to the same URL as the GET operation: /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}.

  5. The response reflects the updated TlsIngestProfile object.

Delete a TLS ingest profile

This operation deletes a TLS ingest profile for the specified content provider. A TLS ingest profile can be bound to one or more origins, and can only be deleted if it is not bound to an origin.

DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}

Sample: /api/content-delivery/v1/content-providers/3/tls-ingest-profiles/1

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsIngestProfileId Integer 1 Unique identifier for each TLS ingest profile.

Status 204

  1. Run the List TLS ingest profiles operation and store the tlsIngestProfileId of the relevant TLS ingest profile from the response.

  2. Make a DELETE request to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}.

Get a TLS ingest profile

This operation gets details about a specified TLS ingest profile.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}

Sample: /api/content-delivery/v1/content-providers/3/tls-ingest-profiles/1

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsIngestProfileId Integer 1 Unique identifier for each TLS ingest profile.

Status 200 application/json

Object type: TlsIngestProfile

Download schema: tls-ingest-profile.full.schema.json

Response body:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsIngestProfileId": 1,
    "tlsProtocols": [
        "TLSV1",
        "TLSV1_2",
        "TLSV1_1"
    ],
    "ciphers": "HIGH:!aNULL:!MD5"
}
  1. If you don’t have a tlsIngestProfileId value, run the List TLS ingest profiles operation and select one from the responses’s tlsIngestProfiles array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}.

  3. The response is a TlsIngestProfile object.

List origins for a TLS delivery profile

This operation lists the origins associated with a specified TLS delivery profile.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}/origins

Sample: /api/content-delivery/v1/content-providers/3/tls-ingest-profiles/1/origins

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
tlsIngestProfileId Integer 1 Unique identifier for each TLS ingest profile.

Status 200 application/json

Object type: Origin

Download schema: origin.collection.schema.json

Response body:

{
    "origins": [
        {
            "originId": 3,
            "url": "somewhere.com"
        }
    ],
    "page": {
        "pageNumber": 1,
        "pageSize": 100,
        "totalPages": 1,
        "totalResults": 1
    }
}
  1. If you don’t have a tlsIngestProfileId value, run the List TLS ingest profiles operation and select one from the responses’s tlsIngestProfiles array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/tls-ingest-profiles/{tlsIngestProfileId}/origins.

  3. The response lists a set of Origin objects.

Create a new shared secret set

This operation creates a new shared secret set for the specified content provider.

POST /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets

Sample: /api/content-delivery/v1/content-providers/3/shared-secret-sets

Content-Type: application/json

Object type: SharedSecretSet

Download schema: shared-secret-set.create.schema.json

Request body:

{
    "name": "secret-set1"
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 201 application/json

Headers:

Location: https://akzz-xxxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxx.luna.akamaiapis.net/api/content-delivery/v1/content-providers/1/shared-secret-sets/1

Object type: SharedSecretSet

Download schema: shared-secret-set.full.schema.json

Response body:

{
    "sharedSecretSetId": 3,
    "name": "secret-set1"
}
  1. Build a SharedSecretSet POST object.

  2. POST the object to /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secrets-sets.

  3. The response reflects the newly created SharedSecretSet object.

  4. The response’s Location header provides a URL link to GET the new shared secret set.

List shared secret sets

This operation lists all shared secrets sets for a specified content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets

Sample: /api/content-delivery/v1/content-providers/3/shared-secret-sets

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.

Status 200 application/json

Object type: SharedSecretSet

Download schema: shared-secret-set.collection.schema.json

Response body:

{
    "sharedSecretSets": [
        {
            "sharedSecretSetId": 3,
            "name": "secret-set1"
        }
    ],
    "page": {
        "pageNumber": 1,
        "pageSize": 100,
        "totalPages": 1,
        "totalResults": 1
    }
}

Delete a shared secret

This operation deletes a shared secret set for a specified content provider.

DELETE /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}

Sample: /api/content-delivery/v1/content-providers/3/shared-secret-sets/1

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
sharedSecretSetId Integer 1 Unique identifier for each shared secret set.

Status 204

  1. Run the List shared secret sets operation and store the sharedSecretId of the relevant shared secret set in the response.

  2. Make a DELETE request to delete the shared secret set object from /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secrets-sets/{sharedSecretSetId}.

Get a shared secret set

This operation gets the details about a shared secret set for a specified content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}

Sample: /api/content-delivery/v1/content-providers/3/shared-secret-sets/1

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
sharedSecretSetId Integer 1 Unique identifier for each shared secret set.

Status 200 application/json

Object type: SharedSecretSet

Download schema: shared-secret-set.full.schema.json

Response body:

{
    "sharedSecretSetId": 3,
    "name": "secret-set1"
}
  1. If you don’t have a sharedSecretSetId value, run the List shared secret sets operation and select one from the responses’s sharedSecretSets array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secrets-sets/{sharedSecretSetId}.

  3. The response is a SharedSecretSet object.

Update secrets

This operations updates the details of a Shared Secret Set for a specified Content Provider.

PUT /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}/secrets

Sample: /api/content-delivery/v1/content-providers/3/shared-secret-sets/1/secrets

Content-Type: application/json

Object type: Secrets

Download schema: shared-secret-set-secrets.schema.json

Request body:

{
    "secrets": {
        "secret1": "sshh!",
        "secret2": "psst!"
    }
}
Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
sharedSecretSetId Integer 1 Unique identifier for each shared secret set.

Status 200 application/json

Object type: Secrets

Download schema: shared-secret-set-secrets.schema.json

Response body:

{
    "secrets": {
        "secret1": "sshh!",
        "secret2": "psst!"
    }
}
  1. If you don’t have a sharedSecretSetId value, run the List shared secret sets operation and select one from the responses’s sharedSecretSets array.

  2. Run the Get secrets operation and store the response object.

  3. Update the Secrets object.

  4. PUT the object back to the same URL as the GET operation: /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secrets-sets/{sharedSecretSetId}/secrets.

  5. The response reflects the updated Secrets object.

Get secrets

This operations gets the details of a shared secret set for a specified content provider.

GET /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secret-sets/{sharedSecretSetId}/secrets

Sample: /api/content-delivery/v1/content-providers/3/shared-secret-sets/1/secrets

Parameter Type Sample Description
URL path parameters
contentProviderId Integer 3 Unique identifier for each content provider.
sharedSecretSetId Integer 1 Unique identifier for each shared secret set.

Status 200 application/json

Object type: Secrets

Download schema: shared-secret-set-secrets.schema.json

Response body:

{
    "secrets": {
        "secret1": "sshh!",
        "secret2": "psst!"
    }
}
  1. If you don’t have a sharedSecretSetId value, run the List shared secret sets operation and select one from the responses’s sharedSecretSets array.

  2. Make a GET request to /api/content-delivery/v1/content-providers/{contentProviderId}/shared-secrets-sets/{sharedSecretSetId}/secrets.

  3. The response is a Secrets object.

List errors

Retrieve a listing of this API’s HTML-formatted error codes.

GET /api/content-delivery/errors

Status 200 text/html

Response body:

OrderedDict([(u'html', OrderedDict([(u'head', OrderedDict([(u'title', u'Content-delivery API Errors')])), (u'body', OrderedDict([(u'h1', u'Content-delivery API Error Descriptions'), (u'a', [OrderedDict([(u'@name', u'core.internal-error-exception'), (u'h3', u'core.internal-error-exception')]), OrderedDict([(u'@name', u'core.unauthorized'), (u'h3', u'core.unauthorized')]), OrderedDict([(u'@name', u'core.bad-request'), (u'h3', u'core.bad-request')]), OrderedDict([(u'@name', u'core.constraint-violation'), (u'h3', u'core.constraint-violation')]), OrderedDict([(u'@name', u'core.not-null-violation'), (u'h3', u'core.not-null-violation')]), OrderedDict([(u'@name', u'core.null-violation'), (u'h3', u'core.null-violation')]), OrderedDict([(u'@name', u'core.size-violation'), (u'h3', u'core.size-violation')]), OrderedDict([(u'@name', u'core.max-violation'), (u'h3', u'core.max-violation')]), OrderedDict([(u'@name', u'core.min-violation'), (u'h3', u'core.min-violation')]), OrderedDict([(u'@name', u'core.pattern-violation'), (u'h3', u'core.pattern-violation')]), OrderedDict([(u'@name', u'core.entity-not-found'), (u'h3', u'core.entity-not-found')]), OrderedDict([(u'@name', u'core.entity-general-conflict'), (u'h3', u'core.entity-general-conflict')]), OrderedDict([(u'@name', u'core.hostname-violation'), (u'h3', u'core.hostname-violation')]), OrderedDict([(u'@name', u'core.ipv4-address-violation'), (u'h3', u'core.ipv4-address-violation')]), OrderedDict([(u'@name', u'core.ipv6-address-violation'), (u'h3', u'core.ipv6-address-violation')]), OrderedDict([(u'@name', u'core.mac-address-violation'), (u'h3', u'core.mac-address-violation')]), OrderedDict([(u'@name', u'core.non-existent-reference'), (u'h3', u'core.non-existent-reference')]), OrderedDict([(u'@name', u'core.entity-referenced-conflict'), (u'h3', u'core.entity-referenced-conflict')]), OrderedDict([(u'@name', u'core.entity-property-conflict'), (u'h3', u'core.entity-property-conflict')]), OrderedDict([(u'@name', u'core.invalid-parameter-violation'), (u'h3', u'core.invalid-parameter-violation')]), OrderedDict([(u'@name', u'core.access-denied'), (u'h3', u'core.access-denied')]), OrderedDict([(u'@name', u'core.illegal-operation'), (u'h3', u'core.illegal-operation')]), OrderedDict([(u'@name', u'core.json-parse-error'), (u'h3', u'core.json-parse-error')]), OrderedDict([(u'@name', u'core.json-mapping-error'), (u'h3', u'core.json-mapping-error')]), OrderedDict([(u'@name', u'core.path-param-entity-field-mismatch'), (u'h3', u'core.path-param-entity-field-mismatch')]), OrderedDict([(u'@name', u'core.invalid-path-param'), (u'h3', u'core.invalid-path-param')]), OrderedDict([(u'@name', u'core.assert-condition-violation'), (u'h3', u'core.assert-condition-violation')]), OrderedDict([(u'@name', u'core.readonly-property-violation'), (u'h3', u'core.readonly-property-violation')]), OrderedDict([(u'@name', u'core.invalid-search-field-error'), (u'h3', u'core.invalid-search-field-error')]), OrderedDict([(u'@name', u'core.invalid-search-value-error'), (u'h3', u'core.invalid-search-value-error')]), OrderedDict([(u'@name', u'core.invalid-search-expression-error'), (u'h3', u'core.invalid-search-expression-error')]), OrderedDict([(u'@name', u'core.illegal-reference'), (u'h3', u'core.illegal-reference')]), OrderedDict([(u'@name', u'core.entity-already-referenced'), (u'h3', u'core.entity-already-referenced')]), OrderedDict([(u'@name', u'core.entity-optimistic-concurrency-failure'), (u'h3', u'core.entity-optimistic-concurrency-failure')]), OrderedDict([(u'@name', u'core.method-not-allowed-error'), (u'h3', u'core.method-not-allowed-error')]), OrderedDict([(u'@name', u'core.resource-not-found-error'), (u'h3', u'core.resource-not-found-error')]), OrderedDict([(u'@name', u'core.unsupported-media-type-error'), (u'h3', u'core.unsupported-media-type-error')]), OrderedDict([(u'@name', u'core.general-client-error'), (u'h3', u'core.general-client-error')]), OrderedDict([(u'@name', u'core.service-unavailable-error'), (u'h3', u'core.service-unavailable-error')]), OrderedDict([(u'@name', u'content-delivery.client-auth-without-certs-violation'), (u'h3', u'content-delivery.client-auth-without-certs-violation')]), OrderedDict([(u'@name', u'content-delivery.tls-certificate-chain-violation'), (u'h3', u'content-delivery.tls-certificate-chain-violation')]), OrderedDict([(u'@name', u'content-delivery.tls-certificate-violation'), (u'h3', u'content-delivery.tls-certificate-violation')]), OrderedDict([(u'@name', u'content-delivery.tls-protocol-incompatible-ciphers-violation'), (u'h3', u'content-delivery.tls-protocol-incompatible-ciphers-violation')]), OrderedDict([(u'@name', u'content-delivery.ca-properties-violation'), (u'h3', u'content-delivery.ca-properties-violation')]), OrderedDict([(u'@name', u'content-delivery.tls-buffer-size-violation'), (u'h3', u'content-delivery.tls-buffer-size-violation')]), OrderedDict([(u'@name', u'content-delivery.origin-edge-params-violation'), (u'h3', u'content-delivery.origin-edge-params-violation')]), OrderedDict([(u'@name', u'content-delivery.origin-fast-reroute-params-violation'), (u'h3', u'content-delivery.origin-fast-reroute-params-violation')]), OrderedDict([(u'@name', u'content-delivery.invalid-healthcheck-url-violation'), (u'h3', u'content-delivery.invalid-healthcheck-url-violation')]), OrderedDict([(u'@name', u'content-delivery.invalid-shared-secret-map'), (u'h3', u'content-delivery.invalid-shared-secret-map')]), OrderedDict([(u'@name', u'content-delivery.http-response-code-violation'), (u'h3', u'content-delivery.http-response-code-violation')]), OrderedDict([(u'@name', u'content-delivery.rules.dscp-value-violation'), (u'h3', u'content-delivery.rules.dscp-value-violation')]), OrderedDict([(u'@name', u'content-delivery.rules.duplicate-behavior-violation'), (u'h3', u'content-delivery.rules.duplicate-behavior-violation')]), OrderedDict([(u'@name', u'content-delivery.rules.fastcgi-invalid-param-map'), (u'h3', u'content-delivery.rules.fastcgi-invalid-param-map')]), OrderedDict([(u'@name', u'content-delivery.rules.uri-signature-protect-subfiles-filter-type-setting-violation'), (u'h3', u'content-delivery.rules.uri-signature-protect-subfiles-filter-type-setting-violation')]), OrderedDict([(u'@name', u'content-delivery.rules.uri-signature-protect-subfiles-protected-path-setting-violation'), (u'h3', u'content-delivery.rules.uri-signature-protect-subfiles-protected-path-setting-violation')])]), ('#text', u"An internal error has occurred during processing.  Internal errors are not expected during normal system operation.  Please contact the system administrator for more information\n\n\nThe request did not contain valid authorization.  Obtain a valid authorization token from the authorization server and retry the request.\n\n\nA bad request was received by the system.  The intent of the request could not be understood.  Please inspect the requested operation and ensure it is properly formed\n\n\nThe request received by the system contained more or more constraint violations.  More detail about each violation should be included in the error response.  Please check the error description for each respective error to learn more about each constraint violation.\n\n\nA required property was missing from the request.  For many required properties, the system is able to determine a reasonable default.  However, not all properties have defaults, and thus must be specified.  Please retry the request with the property specified.\n\n\nA property required to not be specified for a request was present.  Please retry the request withouth the property.\n\n\nA property was specified with a value that was outside the valid range for the property.  The error message will often include the allowable minimum and maximum values.  Please retry the request with a valid value.\n\n\nA property was specified with a value larger than it's allowable maximum.  Please check the documentation for the range of allowable values for this property\n\n\nA property was specified with a value smaller than it's allowable minimum.  Please check the documentation for the range of allowable values for this property\n\n\nA property value did not match the required pattern.  Please check the documentation for this entity for rules about property naming.\n\n\nThe requested entity could not be found.\n\n\nA non-specific conflict error occurred.\n\n\nThe provided hostname was not properly formed.\n\n\nThe provided IPv4 address was not a well-formed address.\n\n\nThe provided IPv6 address was not a well-formed address.\n\n\nThe provided MAC address was not a well-formed address\n\n\nThe request referred to an instance of another entity that could not be found.  Please check the configuration and locate the correct instance.\n\n\nAn operation was attempted on an entity that is referenced by other entities.  This would cause a problem, for example, if the request was attempting to delete such an entity.\n\n\nAn attempt was made to set a property of an entity, but doing so would result in an invalid configuration.  For example, an entity class might require unique values for some properties.  If an entity with the given value already exists, then the system cannot accept the request.\n\n\nA field was passed in a request that did not meet formatting constraints.  Please check the field and retry the request.\n\n\nThe request attempted to access a resource on which the principal does not have authority.\n\n\nThe requested operation is illegal\n\n\nThe received payload could not be parsed\n\n\nThe received payload was structurally valid, but could not be processed or mapped onto internal data types.  Check the content of the message for field type mismatches.\n\n\nA parameter of the URI represents a field that is also specified in the request entity body.  When specified in the body, the values of the URI parameter and entity field must match for the request to be consistent.\n\n\nA path parameter specified in the request URI did not meet expectations.\n\n\nThe provided value doesn't meet a predetermined condition (true/false).\n\n\nAn attempt was made to modify a property that is read-only.  Entity updates that specify the property must have a value matching the current value.\n\n\nA search filter was presented that contained an unknown or unsearchable field in the query expression.\n\n\nA search filter was presented that contained an invalid value for a field\n\n\nA search filter was presented that was not syntactically correct.\n\n\nAn attempt was made to refer to one entity from another, but this operation was not deemed legal\n\n\nAn attempt was made to refer to an entity that is already referred to, where only a single reference is allowed\n\n\nAn attempt was made to optimistically update an entity, but the update was not made successfully.\n\n\nThe requested resource does not support the presented HTTP method\n\n\nA resource was requested that does not exist.  Please check documentation for supported resource paths.\n\n\nThe request did not successfully complete content-type negotiation, as an unsupported content-type was presented.\n\n\nA non-specific client side error occurred\n\n\nService is temporarily unavailable\n\n\n\nClient auth was enabled in the request, but the certificate/key was not provided.\n\n\nA valid PEM formatted X.509 certificate chain with matching key is required.  The system was unable to parse and determine validity of the provided values.\n\n\nA valid PEM formatted X.509 certificate is required.  The system was unable to parse and determine validity of the provided values.\n\n\nA TLS protocol was specified to be used with incompatible ciphers.\n\n\nCertificate Authority related properties are not consistent.\n\n\nInvalid TLS Buffer Size.  Supported sizes include 4, 16, and 32.\n\n\nThe edge parameters set on an origin are not consistent.  For example, when setting the edge type to AEX, the edge hostname must be set to valid Akamai edge hostname.\n\n\nThe fast reroute parameters set on an origin are not consistent.\n\n\nAn invalid healthcheck URL was proposed.\n\n\nShared secret map must be valid.  Keys must be non-null and non-empty.\n\n\nAn invalid HTTP response code was provided.  A valid HTTP response code can be a single value (such as 200), or in some cases, a range is allowed (such as 200-202).  When using a range, the starting value must be before then ending value.\n\n\n\nMust provide valid DSCP value\n\n\nA request was presented that contained duplicate element types for either defaultBehaviors or childBehaviors.\n\n\nFastCGI param map must be valid.  Keys must be non-null and non-empty.\n\n\nUriSignature protectSubFiles cannot be enabled when the UriFilterType on the rule is neither REGULAR_EXPRESSION_MATCH nor CASE_INSENSITIVE_REGULAR_EXPRESSION_MATCH\n\n\nUriSignature protectSubFiles cannot be enabled unless protectedPathPattern is specified")]))]))])

Data

This section describes the Content Delivery API’s data objects that the API exposes.

Download the JSON schemas for this API.

The data schema tables below list membership requirements as follows:

Member is required in requests, or always present in responses, even if its value is empty or null.
Member is optional, and may be omitted in some cases.

ContentProvider

A Content Provider is an organization that has content it wants to deliver via the LCDN.

Download schema: content-provider.full.schema.json

Sample GET:

{
    "account": "account1",
    "name": "Content Provider 1",
    "enable": true,
    "contentProviderId": 1,
    "serviceProviderId": 2
}

ContentProvider members

Member Type Required Description
ContentProvider: A Content Provider is an organization that has content it wants to deliver via the LCDN.
account String A unique, lowercase, alphanumeric ID for the Content Provider.
contentProviderId Integer Read-only. A unique identifier for the Content Provider.
enable Boolean Enable this Content Provider. The default is true. Set false to disable it.
name String A unique name to identify the Content Provider.
serviceProviderId Integer ID of the Service Provider associated with this Content Provider.

CdnPrefix

A CDN prefix corresponds to the fully qualified domain name (FQDN) at the beginning of a URI, effectively carving out a region of the URI name space to which a set of rules and policies are applied.

Download schema: cdn-prefix.full.schema.json

Sample GET:

{
    "cdnPrefixId": 4,
    "prefix": "somewhere.com",
    "enable": true,
    "prefixPrioritization": "HIGH",
    "contentProviderId": 3
}

CdnPrefix members

Member Type Required Description
CdnPrefix: A CDN prefix corresponds to the fully qualified domain name (FQDN) at the beginning of a URI, effectively carving out a region of the URI name space to which a set of rules and policies are applied.
accessMapId Integer Identifies the access map associated with this CDN prefix.
cdnPrefixId Integer Read-only. A unique identifier for the CDN prefix.
contentProviderId Integer Read-only. Identifies the content provider that owns this CDN prefix.
dnsTtl Integer DNS response time-to-live (TTL) value for this CDN prefix, in seconds. Note that setting this field is only recommended for CDN operators.
enable Boolean Enables the CDN to use this CDN prefix, true by default.
ipAddressTagId Integer Identifies the IP address tag associated with this CDN prefix.
prefix String The CDN prefix registered on behalf of the content provider. For example, cdn.example.com.
prefixPrioritization Enumeration Prefix prioritization helps manage peak period resources by prioritizing requests for content from specific content providers. Priorities are LOW, MEDIUM, or HIGH.
siteMapId Integer Identifies the site map associated with this CDN prefix. Note that setting this field is only recommended for CDN operators.

Origin

Origin update.

Download schema: origin.full.schema.json

Sample GET response:

{
    "originId": 3,
    "contentProviderId": 3,
    "hostname": "somewhere.com",
    "description": "Some place far away",
    "enable": true,
    "cachingType": "CONSERVATIVE",
    "interSiteProtocol": "HTTP",
    "intraSiteProtocol": "HTTP",
    "enableAuthenticatedContent": false,
    "enableSiteRedirects": false
}

Origin members

Member Type Required Description
Origin: Origin update.
cacheableErrorResponseCodes Array A list of HTTP status codes that the HPC caches. Each item is either a single code or a range of codes. The following status codes are not allowed, either in single code, or as part of a range: 200, 203, 206, 300, 301, 410, 416.
cacheKeyOriginHostnameOriginId Integer Use this field only if you are configuring multiple origin servers that have identical content. This field maps multiple incoming URLs, each requesting the same content from different origins identified by the hostname field above, to a single origin server identified by this cacheKeyOriginHostnameOriginId field. Doing so enables HyperCaches to conserve cache space and reduces ingest bandwidth.
cachingType Enumeration Determines whether to validate requests for cached content with the origin server. With default OPTIMISTIC caching, the HyperCache serves cached content without validating the content with the origin server, unless the content is expired. With CONSERVATIVE caching, every cache request is validated with the origin server by sending an HTTP HEAD request. If the content is stale, the HyperCache node gets the new content from the origin server. The old content ages out of the cache.
contentProviderId Integer Read-only. Identifies the content provider object.
dynamicHierarchy Origin.dynamicHierarchy Configure a HyperCache node that is the endpoint of an origin path (a root HyperCache) to monitor the health of the origin server by sending a GET request for a specific URL.
edgeHostname String Hostname of the AEX origin server.
edgeHostType Enumeration Indicates whether the origin server is an AEX (Aura Edge eXchange) server or the default HTTP.
enable Boolean Enables the CDN to deliver content from this origin server, true by default.
enableAuthenticatedContent Boolean Causes the HyperCache to send a HEAD request to the origin server for each client request. If the response is a status code of 2XX, the content is served to the client. Otherwise, the origin’s status code is returned. This typically occurs when the origin server authenticates the client request using a cookie, token, or other means. Default is false.
enableSiteRedirects Boolean Determines whether or not HyperCache redirects a client to a better site based on the rules in the site map. Enabling this to true allows the HyperCache to adhere to the LCDN site map configured using the request router service. If set to false, cache miss client requests to a CDN prefix that uses this origin server as a default result in a HyperCache request for the content directly to the origin server.
errorCacheMaxAge Integer The maximum amount of time the HTTP status codes is cached by the HPC.
fastReroute Origin.fastReroute Enables a HyperCache node to detect failed or slow connections to a specific origin IP address, or between Sites, and to send a second request to an alternate origin IP (or site) if the first request is delayed. If a successful response is received from either origin IP (or site), the first response is used to fulfill a client’s request. The second response, if received, is ignored. If no connection to either destination is established, or if no response is received within the configured origin timeout value, the requests to the origin (or site) are retried four times before a 504 is returned to the client. This method helps ensure rapid recovery in case a temporary network problem results in loss of the initial request or response.
hostname String Hostname of the origin server.
interSiteProtocol Enumeration The protocol used to transport this origin’s content between Sites in the LCDN, either HTTP or HTTPS.
intraSiteProtocol Enumeration The protocol used to transport this origin’s content between nodes within a site in the LCDN, either HTTP or HTTPS.
originId Integer Read-only. Identifies the Origin object.
originTimeout Integer Origin idle connection timeout in seconds, specifies the length of time the HPC waits for a response to a request from an origin. If no response is received from an origin server within the configured timeout value, four additional attempts are made to the same origin server. If no response is received for the final request within the configured timeout, then that connection is terminated, and a 504 response is sent to the requesting client.
resolvableHostnames Array A list of virtual hosts, origin servers with resolvable hostnames.
storagePartitionId Integer Identifies the storage partition object.
tlsIngestProfileId Integer Identifies the TLS ingest profile object.
Origin.dynamicHierarchy: Configure a HyperCache node that is the endpoint of an origin path (a root HyperCache) to monitor the health of the origin server by sending a GET request for a specific URL.
healthCheckInterval Integer A numeric value that represents the number of seconds between successive HTTP GET health check requests. The minimum acceptable value is 1, and the default is 2.
healthCheckUrl String URL used by health check request to determine the health of the origin server. The HyperCache periodically sends an HTTP GET request for this URL to check the health of the origin server. Any response received is interpreted as a healthy origin, including error responses.
healthCheckValidResponseCodes String Matches a single response code, or a range of codes.
Origin.fastReroute: Enables a HyperCache node to detect failed or slow connections to a specific origin IP address, or between Sites, and to send a second request to an alternate origin IP (or site) if the first request is delayed. If a successful response is received from either origin IP (or site), the first response is used to fulfill a client’s request. The second response, if received, is ignored. If no connection to either destination is established, or if no response is received within the configured origin timeout value, the requests to the origin (or site) are retried four times before a 504 is returned to the client. This method helps ensure rapid recovery in case a temporary network problem results in loss of the initial request or response.
enable Boolean Enables Fast Reroute functionality.
intraCdnTimeout Number Used by the HyperCache when it makes a request to an origin through a parent site or a peer node within the same site. It specifies the number of seconds you want the HyperCache in one site to wait before sending the second request to an alternate site. The number of seconds configured can be expressed to the nearest thousandth of a second, for example: 4, 3.0, 1.05, 2.005. Note that the configured value for this field must be at least 0.5 seconds greater than the originTimeout.
originTimeout Number Value used by the HyperCache when it makes a request directly to the origin server. It specifies the number of seconds you want the HyperCache to wait before sending the second request to an alternate origin IP address. The number of seconds configured can be expressed to the nearest thousandth of a second, for example: 4, 3.0, 1.05, 2.005. Note that the configured value for this field must be at least 0.5 seconds less than the intraCdnTimeout.

TlsDeliveryProfile

TLS delivery Profile object schema definition.

Download schema: tls-delivery-profile.full.schema.json

Sample GET response:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsDeliveryProfileId": 1,
    "tlsCertificate": "-----BEGIN CERTIFICATE-----\nMIIGTjCCBDagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgbExCzAJBgNVBAYTAlVT\nMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRcwFQYDVQQDDA5sY2RuLmRvY2tlci5jYTEgMB4GCSqGSIb3DQEJ\nARYRbm9ib2R5QGFrYW1haS5jb20wHhcNMTcwNjE1MTQyMjAzWhcNNDQxMDMwMTQy\nMjAzWjCBmTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1BMSIwIAYDVQQKDBlBa2Ft\nYWkgVGVjaG5vbG9naWVzLCBJbmMuMSIwIAYDVQQLDBlDYXJyaWVyIFByb2R1Y3Rz\nIERpdmlzaW9uMRQwEgYDVQQDDAtKVW5pdCBUZXN0czEfMB0GCSqGSIb3DQEJARYQ\nanVuaXRAYWthbWFpLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALXVfrXTzUhFY9RVNPP7ghE/qngf5xhzvlHQav9x6vUkHSbcvBr8tpuV3fjdMua7\ntNgH8AL/B3h8boD4kZZWDGlz7HmA2AH1Lvq3FBY6jY3VusbfK+X3VOZ7cmecYv9l\n9Rpk20vZrWXI8WnPlYrhmC639GhQ4ZPJy69XQD28dvXGw7usCbs3BZdqi4A2CiNG\nmFiTZyFBh1V4WSkWsaah2MA3XDlx/cxl1wC8bIMm8pQE1cWGzF2R6MOJqy4CMWxi\nVkBomGEOq/7rkuiXBlDQZ/E5M3vEM44BjH0sUrF9xydWvtW856blrosoevD3sOt1\novDgZzXFCABnACzVe/iMYS8CAwEAAaOCAYQwggGAMAkGA1UdEwQCMAAwEQYJYIZI\nAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBT\nZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFIub/DhaKcLxfbxpTcw8YdiT5O9H\nMIHmBgNVHSMEgd4wgduAFATfWUDHxy1CWxSHYJLxJqDiHhI2oYG3pIG0MIGxMQsw\nCQYDVQQGEwJVUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEiMCAG\nA1UECgwZQWthbWFpIFRlY2hub2xvZ2llcywgSW5jLjEiMCAGA1UECwwZQ2Fycmll\nciBQcm9kdWN0cyBEaXZpc2lvbjEXMBUGA1UEAwwObGNkbi5kb2NrZXIuY2ExIDAe\nBgkqhkiG9w0BCQEWEW5vYm9keUBha2FtYWkuY29tggkAz0/BS2yHqvAwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IC\nAQDAqO8TYIYmPmtlkctmdYpAjyHrezyOvQqISI1puzUZiv45r1RLJdnx61hCeZXr\naIYgtsPco7yzZP1kmpb1VifJuVzX84MqoJlmIJsSlR7n3cu64qUe0eSs3ZnkFw1d\nWWz0UzWeMYU9f4hf9QPiFV15VjwpWOpwOeuBOoX1eIEQbd8dpIh05TgU6UV6cyTR\nLPImlFhqEKb5uQPUMf4jjnbgiMI+DRWiCElYJ1l3wS1xbVaqaQQaCmsPfvKQ9oIe\nO/HeEpdFtT6pgMaPB7cnxHnMArVGaWLeApnuIvSvbziLU2pA2IUIvktINoSbXMiN\nP/5IDt3CBLs7bMpeUTclo7W58H5m1UEGmfTjl4HmSEIuyXBREx49S8dvgrijvLsS\nGBAeV2JYovAgn0Jz2vD7zWD8QoacOsiu7UUnnBWhY+Lb2xB4w2tfCAfkzhfOt4Cr\nu6iSHiyQH0MwZXFSkfGtEMG40MW/UTWbBbYqCML3YDR3Ncbj8toiyWKTkkDBL6LJ\nlNfRWm955Q85bcrBseAY94wyCsnv9JhLvIq/RrLZqjv/8GOol/P0kzL1TIFBbP6G\nI576UQ9nrWO+oFcC9CYq9OnMKDYuwQ6a1/d1i8dhj3HwPakrS8hLGe5PgNM983f8\n3VfxMEPxHp0J3lYQDslGHURspHGRVRRvaUZeLvk8lmnf1g==\n-----END CERTIFICATE-----\n",
    "tlsCertificateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAtdV+tdPNSEVj1FU08/uCET+qeB/nGHO+UdBq/3Hq9SQdJty8\nGvy2m5Xd+N0y5ru02AfwAv8HeHxugPiRllYMaXPseYDYAfUu+rcUFjqNjdW6xt8r\n5fdU5ntyZ5xi/2X1GmTbS9mtZcjxac+ViuGYLrf0aFDhk8nLr1dAPbx29cbDu6wJ\nuzcFl2qLgDYKI0aYWJNnIUGHVXhZKRaxpqHYwDdcOXH9zGXXALxsgybylATVxYbM\nXZHow4mrLgIxbGJWQGiYYQ6r/uuS6JcGUNBn8Tkze8QzjgGMfSxSsX3HJ1a+1bzn\npuWuiyh68Pew63Wi8OBnNcUIAGcALNV7+IxhLwIDAQABAoIBAF/tJ5GpES1FXisQ\nYIUudCnBWp9QxUvDE+55c1kbsgZtbOupm5rpIzTlVVsK5uWOtRMa7OXHwRsxGeL0\nP2n+L0Iao/Bdppcxz/z4RKKNdUwUKxrrdW82khWdnndGq3ttQGcSOhbD2ZRO8/0M\nRComZXCQH2JA+SBMXyY7c2qeWGvD8oeCFVW+NLTBe3SZBvEzYz4ZvFOG/jTX9P79\noCvgPIoCneu9W3c1ZbizOzQsV7OW6qBmuqwoJHRZ+8mYXCrPEx7SUyzp4/TYcF+d\nn+MDfNxVvLxkh4dpKsa/icsw1JJTxDq9TBw44lHtnfNpi1OWBh027p6KnjWPU0Aa\n+y/SdLECgYEA37XRzMG31+Na0LqSzQm/szA62bG/EYzD7fuybmu6r0Hr2hy4yPlB\nAwbycqAevCKF3r7/z2eJJegC0/l+7YQI5Zt098lCbFBd7WBHS2zf/nH7+KL6rdfG\nHlcKMR6g3h7n3A7Z5UnqO1Xw0gvi/UchLrYh6T9N8WazJAp1F9ForZUCgYEA0BRU\nuv+4SvVd7vFhGxyemcygrt1Sb+QshPPTPv+a/00bN5s9ksweOzFFQp4KieBwZDdI\nXlZYQBeO9HDbitkWTCBm7cRwQ8dH9kyhxknX3Cm6iL1//0NXF30HdNpiiDCEosjF\nXtkLCim2IL/xsC7fBbeHvr2Lth6hRNJv08aaerMCgYEAuMogpikyajNUVex3zMSL\nxEFHq4EGmkGTqqZpaoq0Z4ZlgwKMpP43dH+tj3+yQ6ekuy08c59Li7NNermx3hJd\nowQ5p2Bo7L2qCKWp3qTtlemjwGsn9Key8GbndVGegjw3O/BMjvjycdb4mRjWhG7X\n+xTZiCkRgiFaQqAcvvLsq80CgYEAmSiN4YL+tPX8aTd0wY8EUrKjB3NTDZcHCemq\n8TEVdpvbz8dNwDLMgcdXcpx/p1Lzh2CFvSKTHMH6cIRtpLr7xZcIDDVOaSVTG8D2\nRsztvVlduu65Ozvm7BwUk/d3FUWZK3TaimD51kYzj9GY5ZTqhfu8SDKelrPfAphe\nxaPm6y8CgYEApoObwhaX4d2NChFSAvaVNmyt5huXdIQ6JBzW/zFlgxA6f24H4Wxg\nw65RHeXr3m84HuHt+hl5pZS0dxDKQrCjxwY88xJP8MY1+eaMzZvDTCjInWUzHBD0\nvXEjh6gigJXD30VXF5GxO0gmkm5OcgmhOKGOq0gTRrSVmRrwNHCnE+E=\n-----END RSA PRIVATE KEY-----",
    "tlsCertificateDetails": {
        "fingerprints": {
            "sha1Fingerprint": "DD:44:7A:D5:B3:DE:D3:C5:3B:CD:DC:72:21:D2:E7:42:C7:C4:0E:75",
            "sha256Fingerprint": "78:12:89:CC:AF:A4:25:12:4E:E9:B5:DF:D5:F3:95:67:18:46:5A:9E:1E:60:AF:AF:AE:5E:3A:7C:F4:E6:92:82"
        },
        "validity": {
            "notBefore": "2017-06-15T14:22:03.000+0000",
            "notAfter": "2044-10-30T14:22:03.000+0000"
        },
        "issuedTo": {
            "commonName": "JUnit Tests",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division",
            "serial": "10:00"
        },
        "issuedBy": {
            "commonName": "lcdn.docker.ca",
            "organization": "Akamai Technologies\\, Inc.",
            "organizationalUnit": "Carrier Products Division"
        }
    },
    "caCertificateSecretId": 10,
    "tlsCertificateAndKeySecretId": 11
}

TlsDeliveryProfile members

Member Type Required Description
TlsDeliveryProfile: TLS delivery Profile object schema definition.
caCertificate String An OpenSSL PEM-formatted Certificate Authority (CA) certificate used to verify client certificates.
caCertificateDetails Certificate Read-only. A view of Certificate Authority (CA) certificate details.
caCertificateSecretId Integer Id of the secret from the secret-management API referencing the CA certificate.
ciphers String An OpenSSL style ciphers string.
contentProviderId Integer Read-only. Identifies content provider which owns the TLS delivery profile.
crl String Certificate Revocation List. An OpenSSL PEM-formatted list of revoked client certificates.
crlDetails Certificate Read-only. A view of the CRL (Certificate Revocation List) details.
description String A description of the TLS delivery profile.
ecdhCurve Enumeration Elliptic Curve Diffie-Hellman (ECDH) protocol. Specifies a curve for ECDHE ciphers.
enableClientAuth Boolean Allows you to enable or disable client authorization. When client authorization is enabled, the HyperCache authenticates client certificates using the CA certificate for each TLS connection.
name String The name of the TLS delivery profile.
tlsBufferSize Integer Enumeration Sets the size of the TLS buffer used for sending data (KB).
tlsCertificate String An OpenSSL PEM-formatted TLS certificate used by an HyperCache node as a server certificate.
tlsCertificateAndKeySecretId Integer Id of the secret from the secret-management API referencing the TLS certificate and private key.
tlsCertificateDetails Certificate Read-only. A view of TLS certificate details.
tlsCertificateKey String An OpenSSL PEM-formatted private key associated with the TLS certificate.
tlsDeliveryProfileId Integer Read-only. Primary ID for the TLS delivery profile object. Must be set on updates, must not be set for creates.
tlsVerificationDepth Integer Sets the verification depth in the client certificates chain.

TlsIngestProfile

TLS ingest profile object schema definition.

Download schema: tls-ingest-profile.full.schema.json

Sample GET response:

{
    "description": "",
    "name": "test",
    "contentProviderId": 3,
    "enableClientAuth": false,
    "tlsIngestProfileId": 1,
    "tlsProtocols": [
        "TLSV1",
        "TLSV1_2",
        "TLSV1_1"
    ],
    "ciphers": "HIGH:!aNULL:!MD5"
}

TlsIngestProfile members

Member Type Required Description
TlsIngestProfile: TLS ingest profile object schema definition.
caCertificate String An OpenSSL PEM-formatted Certificate Authority (CA) certificate used to verify origin server certificates.
caCertificateDetails Certificate Read-only. A view of Certificate Authority (CA) certificate details.
ciphers String An OpenSSL style ciphers string.
clientTlsCertificate String An OpenSSL PEM-formatted TLS ingest certificate used by a HyperCache node as a client certificate.
clientTlsCertificateDetails Certificate Read-only. A view of the TLS ingest client certificate details.
clientTlsCertificateKey String An OpenSSL PEM-formatted private key associated with the TLS ingest client certificate.
contentProviderId Integer Read-only. Identifies content provider which owns the TLS ingest profile.
crl String Certificate Revocation List. An OpenSSL PEM-formatted list of revoked server certificates.
crlDetails Certificate Read-only. A view of the CRL (Certificate Revocation List) details.
description String A description of the TLS ingest profile.
enableClientAuth Boolean Allows you to enable or disable client authorization. When client authorization is enabled, the HyperCache transmits the TLS ingest client certificate to the origin server for authentication, required if the origin server authenticates clients.
name String The name of the TLS ingest profile.
tlsIngestProfileId Integer Read-only. Primary ID for the TLS ingest object. Must be set on updates, must not be set for creates.
tlsProtocols Enumeration TLS protocols supported, either TLSV1, TLSV1_1 or TLSV1_2. Defaults to TLSV1, TLSV1_1, TLSV1_2. The use of SSLV2 or SSLV3 are discouraged for security reasons.

Certificate

Summary information of a digital X.509 Certificate.

Download schema: common-definitions.json

Certificate members

Member Type Required Description
Certificate: Summary information of a digital X.509 Certificate.
fingerprints Certificate.fingerprints An abbreviated form of the public key of the certificate.
issuedBy Certificate.issuedBy A distinguished name (DN) that identifies the certificate authorizer.
issuedTo Certificate.issuedTo A distinguished name (DN) that identifies the certificate owner.
validity Certificate.validity The validity time period of the certificate.
Certificate.fingerprints: An abbreviated form of the public key of the certificate.
sha1Fingerprint String The fingerprint of the certificate using the SHA1 algorithm.
sha256Fingerprint String The fingerprint of the certificate using the SHA256 algorithm.
Certificate.issuedBy: A distinguished name (DN) that identifies the certificate authorizer.
commonName String The entity (user/web server/domain/hostname) associated with the certificate authorizer.
organization String The organization of the certificate authorizer.
organizationalUnit String The organizational unit of the certificate issuer.
Certificate.issuedTo: A distinguished name (DN) that identifies the certificate owner.
commonName String A common name (CN) that identifies the host and domain name associated with the certificate.
organization String The organization of the certificate owner.
organizationalUnit String The organizational unit of the certificate owner.
serial String A serial number that uniquely identifies the certificate.
Certificate.validity: The validity time period of the certificate.
notAfter String The time and date on which the certificate is no longer valid.
notBefore String The time and date on which the certificate is valid.

SharedSecretSet

Shared secret set object schema definition. Shared secrets are used for URI signing, which is used as an authorization method for content delivery.

Download schema: shared-secret-set.full.schema.json

Sample GET response:

{
    "sharedSecretSetId": 3,
    "name": "secret-set1"
}

SharedSecretSet members

Member Type Required Description
SharedSecretSet: Shared secret set object schema definition. Shared secrets are used for URI signing, which is used as an authorization method for content delivery.
contentProviderId Integer Read-only. Identifies the content provider which owns the shared secret set.
name String Read-only. The name of the shared secret set. The name can include alphanumeric characters, dashes, underscores, dots, and backslashes, but must start with a letter. Once set, the name of the shared secret set cannot be updated.
sharedSecretSetId Integer Read-only. Primary ID for the shared secret set object. Must be set on updates, must not be set for creates.

Secrets

Shared secret set secrets object definition.

Download schema: shared-secret-set-secrets.schema.json

Sample GET response:

{
    "secrets": {
        "secret1": "sshh!",
        "secret2": "psst!"
    }
}

Secrets members

Member Type Required Description
Secrets: Shared secret set secrets object definition.
secrets Object One or more unique key/index string pairs to be added as members of the secret set.

Rule

A rule object which is used to respond to different kinds of requests. A rule consists of criteria that identify which requests to process, and the behaviors to apply to those requests.

Download schema: rules.schema.json

Sample GET response:

{
    "defaultBehaviors": [
        {
            "name": "originServer",
            "options": {
                "originId": 1
            }
        }
    ],
    "children": [
        {
            "name": "first filter",
            "criterion": {
                "name": "uriFilter",
                "options": {
                    "uriFilterType": "PREFIX_MATCH",
                    "uriFilterValue": "/objects"
                }
            },
            "behaviors": [
                {
                    "name": "ramOnlyCaching",
                    "options": {
                        "enable": true
                    }
                },
                {
                    "name": "fastcgiAuth",
                    "options": {
                        "enable": true,
                        "server": "auth.server:88",
                        "params": {
                            "foo": "bar"
                        },
                        "backupServers": [
                            "auth2.server:88"
                        ]
                    }
                },
                {
                    "name": "httpsDelivery",
                    "options": {
                        "value": "DISABLE"
                    }
                },
                {
                    "name": "excludedQueryArguments",
                    "options": {
                        "value": [
                            "arg1",
                            "arg2"
                        ]
                    }
                },
                {
                    "name": "externalOriginAuth",
                    "options": {
                        "service": "AMAZON_AWS_S3",
                        "accessKey": "...",
                        "secretKey": "...",
                        "signedHeaders": [
                            "H1"
                        ],
                        "region": "us-east-1"
                    }
                },
                {
                    "name": "lastMileAcceleration",
                    "options": {
                        "contentTypes": [
                            "application/type1",
                            "application/type2"
                        ],
                        "compressionLevel": 6,
                        "enable": true,
                        "uaRestrict": "^client100$"
                    }
                },
                {
                    "name": "limitRate",
                    "options": {
                        "bandwidth": 1000,
                        "unit": "MB_PER_SECOND"
                    }
                },
                {
                    "name": "uriSignature",
                    "options": {
                        "protectedPathPattern": "$some/protected/path",
                        "tokenEncoding": "BASE64",
                        "tokenParameter": "$signatureToken",
                        "sharedSecretSetId": 1,
                        "sharedSecretIndexParameter": "$myParam",
                        "algorithm": "MD5",
                        "inputParameterCapitalization": "NO_CHANGE",
                        "inputParameterPattern": "arg1",
                        "uriExpirationParameter": "$expires"
                    }
                },
                {
                    "name": "cors",
                    "options": {
                        "accessControlAllowHeaders": [
                            "X-Header1",
                            "X-Header2"
                        ],
                        "accessControlAllowOrigin": {
                            "allowAllOrigins": true
                        },
                        "accessControlAllowMethods": [
                            "GET",
                            "HEAD"
                        ],
                        "accessControlMaxAge": 3600,
                        "enablePreflight": true
                    }
                }
            ]
        }
    ]
}

Rule members

Member Type Required Description
Rule: A rule object which is used to respond to different kinds of requests. A rule consists of criteria that identify which requests to process, and the behaviors to apply to those requests.
children Rule Array A list of child rules. Each child rule object consists of its name, the criterion to match URIs, and a list of behaviors that act upon that criterion.
defaultBehaviors Behavior Array A set of features (behaviors) for the top-level (default) rule. These default behaviors are applied to all requests.

Behavior

You can place behaviors throughout your Rule tree. The top-level rule’s defaultBehaviors support any of the following behaviors:

Within child rules (children), a criterion member specifies a criterion test, based on which subsequent behaviors execute. These can include any of the default set above, to conditionally override default settings, or any of the following additional behaviors:

cacheControlOverride

Ignore Cache-Control, overriding Cache-Control at the HyperCache with the provided value when caching contents. This override value does not modify any received Cache-Control headers or insert any missing Cache-Control headers. Origin headers remain intact when sent to the client.

Download schema: rules.schema.json

cacheControlOverride members

Member Type Required Description
cacheControlOverride: Ignore Cache-Control, overriding Cache-Control at the HyperCache with the provided value when caching contents. This override value does not modify any received Cache-Control headers or insert any missing Cache-Control headers. Origin headers remain intact when sent to the client.
name Enumeration The name of the behavior, cacheControlOverride in this case.
options cacheControlOverride.options This behavior’s set of configuration options.
cacheControlOverride.options: This behavior’s set of configuration options.
value String The value of the Cache-Control header to be used on HTTP responses coming from the origin server.

cacheKeyUri

URI pattern used by HyperCache for generating a cache key.

Download schema: rules.schema.json

cacheKeyUri members

Member Type Required Description
cacheKeyUri: URI pattern used by HyperCache for generating a cache key.
name Enumeration The name of the behavior, cacheKeyUri in this case.
options cacheKeyUri.options This behavior’s set of configuration options.
cacheKeyUri.options: This behavior’s set of configuration options.
value String The cache key URI pattern without query parameters. By default, all incoming query parameters are added to the cache key URI. By default, this value is also used for the purge key URI.

chunkSize

Chunk size for the asset, used for tuning the HyperCache internal chunk size.

Download schema: rules.schema.json

chunkSize members

Member Type Required Description
chunkSize: Chunk size for the asset, used for tuning the HyperCache internal chunk size.
name Enumeration The name of the behavior, chunkSize in this case.
options chunkSize.options This behavior’s set of configuration options.
chunkSize.options: This behavior’s set of configuration options.
value Integer Size of the chunk for this content, in bytes.

cors

Configuration of Cross-Origin Resource Sharing (CORS) response headers at the HyperCache for this rule.

Download schema: rules.schema.json

cors members

Member Type Required Description
cors: Configuration of Cross-Origin Resource Sharing (CORS) response headers at the HyperCache for this rule.
name Enumeration The name of the behavior, cors in this case.
options cors.options This behavior’s set of configuration options.
cors.options: This behavior’s set of configuration options.
accessControlAllowCredentials Boolean Access-Control-Allow-Credentials header value.
accessControlAllowHeaders Array Access-Control-Allow-Headers header value.
accessControlAllowMethods Array Access-Control-Allow-Methods method list. Enter a list of allowed methods or leave empty to use value of Access-Control-Request-Method header.
accessControlAllowOrigin Object Access-Control-Allow-Origin header source. Enter one of allowRequestHttpOrigin (allow access from any origin listed in the request Origin header), allowAllOrigins (true implies *), or allowOrigins (list of allowed origins) as an option.
accessControlExposeHeaders Array Access-Control-Expose-Headers header value.
accessControlMaxAge Integer Access-Control-Max-Age header value. Enter number of seconds for which client may cache preflight response or leave empty to use default of one day.
enablePreflight Boolean Enables preflight requests.

defaultHttpDelivery

Default setting for HTTP Delivery.

Download schema: rules.schema.json

defaultHttpDelivery members

Member Type Required Description
defaultHttpDelivery: Default setting for HTTP Delivery.
name Enumeration The name of the behavior, httpDelivery in this case.
options defaultHttpDelivery.options This behavior’s set of configuration options.
defaultHttpDelivery.options: This behavior’s set of configuration options.
enable Boolean Enables default HTTP Delivery for this prefix.

defaultHttp2Delivery

Default setting for HTTP2 Delivery.

Download schema: rules.schema.json

defaultHttp2Delivery members

Member Type Required Description
defaultHttp2Delivery: Default setting for HTTP2 Delivery.
name Enumeration The name of the behavior, http2Delivery in this case.
options defaultHttp2Delivery.options This behavior’s set of configuration options.
defaultHttp2Delivery.options: This behavior’s set of configuration options.
enable Boolean Enables default HTTP2 Delivery for this prefix.

defaultHttpsDelivery

Default setting for HTTPS Delivery.

Download schema: rules.schema.json

defaultHttpsDelivery members

Member Type Required Description
defaultHttpsDelivery: Default setting for HTTPS Delivery.
name Enumeration The name of the behavior, httpsDelivery in this case.
options defaultHttpsDelivery.options This behavior’s set of configuration options.
defaultHttpsDelivery.options: This behavior’s set of configuration options.
enable Boolean Enables default HTTPS Delivery for this prefix.
tlsDeliveryProfileId Integer A unique identifier for the TLS delivery profile.

dscp

DiffServ byte field in the outgoing IP packets, typically used to prioritize, or generally schedule, traffic in an IP routed network.

Download schema: rules.schema.json

dscp members

Member Type Required Description
dscp: DiffServ byte field in the outgoing IP packets, typically used to prioritize, or generally schedule, traffic in an IP routed network.
name Enumeration The name of the behavior, dscp in this case.
options dscp.options This behavior’s set of configuration options.
dscp.options: This behavior’s set of configuration options.
value Integer DiffServ byte field, including the last two ECN bits. When configuring this field, the ECN bits must be set to 0 (zero), and only the upper 6 bits should be set.

excludedQueryArguments

List of query arguments that should not be part of the cache key URI.

Download schema: rules.schema.json

excludedQueryArguments members

Member Type Required Description
excludedQueryArguments: List of query arguments that should not be part of the cache key URI.
name Enumeration The name of the behavior, excludedQueryArguments in this case.
options excludedQueryArguments.options This behavior’s set of configuration options.
excludedQueryArguments.options: This behavior’s set of configuration options.
value Array Query argument to exclude.

externalOriginAuth

Parameters associated with authentication with external origin server.

Download schema: rules.schema.json

externalOriginAuth members

Member Type Required Description
externalOriginAuth: Parameters associated with authentication with external origin server.
name Enumeration The name of the behavior, externalOriginAuth in this case.
options externalOriginAuth.options This behavior’s set of configuration options.
externalOriginAuth.options: This behavior’s set of configuration options.
accessKey String External Oorigin access key ID.
region String External origin service region, such as us-east-1 and eu-central-1.
secretKey String External origin secret access key.
service Enumeration External origin service. The only available service is AMAZON_AWS_S3.
signedHeaders Array List of request headers included in authorization signature.

fastcgiAuth

Parameters associated with FastCGI Authentication.

Download schema: rules.schema.json

fastcgiAuth members

Member Type Required Description
fastcgiAuth: Parameters associated with FastCGI Authentication.
name Enumeration The name of the behavior, fastcgiAuth in this case.
options fastcgiAuth.options This behavior’s set of configuration options.
fastcgiAuth.options: This behavior’s set of configuration options.
backupServers Array Servers in hostname:port format, so the maximum length is 262, 256 of which is for the hostname.
enable Boolean Enables FastCGI Authentication.
params Object FastCGI parameters in map form.
role Enumeration Role set for the FastCGI Server, either AUTHORIZER or RESPONDER.
server String Destination FastCGI server server:port, maximum length is 262, 256 of which is for the hostname.

followRedirect

Control the behavior of the HyperCache when it receives a 302 Redirect from the Origin.

Download schema: rules.schema.json

followRedirect members

Member Type Required Description
followRedirect: Control the behavior of the HyperCache when it receives a 302 Redirect from the Origin.
name Enumeration The name of the behavior, followRedirect in this case.
options followRedirect.options This behavior’s set of configuration options.
followRedirect.options: This behavior’s set of configuration options.
enable Boolean When enabled, pass on HTTP 302 redirects to the client.

frontEndCache

Enable or disable caching of specific types of content to front-end memory. This stores entire objects in HPC nodes, not chunks.

Download schema: rules.schema.json

frontEndCache members

Member Type Required Description
frontEndCache: Enable or disable caching of specific types of content to front-end memory. This stores entire objects in HPC nodes, not chunks.
name Enumeration The name of the behavior, frontEndCache in this case.
options frontEndCache.options This behavior’s set of configuration options.
frontEndCache.options: This behavior’s set of configuration options.
enable Boolean When enabled, all content matching the URI Filter is cached only in front-end memory.

http2Delivery

Override default setting for HTTP2 delivery.

Download schema: rules.schema.json

http2Delivery members

Member Type Required Description
http2Delivery: Override default setting for HTTP2 delivery.
name Enumeration The name of the behavior, http2Delivery in this case.
options http2Delivery.options This behavior’s set of configuration options.
http2Delivery.options: This behavior’s set of configuration options.
value Enumeration Override value. If DEFAULT, the HTTP2 Delivery value is inherited from the default behavior. If DISABLE, the value is overridden to be false.

httpDelivery

Override default setting for HTTP delivery.

Download schema: rules.schema.json

httpDelivery members

Member Type Required Description
httpDelivery: Override default setting for HTTP delivery.
name Enumeration The name of the behavior, httpDelivery in this case.
options httpDelivery.options This behavior’s set of configuration options.
httpDelivery.options: This behavior’s set of configuration options.
value Enumeration Override value. If DEFAULT, the HTTP Delivery value is inherited from the default behavior. If DISABLE, the value is overridden to be false.

httpsDelivery

Override default setting for HTTPS delivery.

Download schema: rules.schema.json

httpsDelivery members

Member Type Required Description
httpsDelivery: Override default setting for HTTPS delivery.
name Enumeration The name of the behavior, httpsDelivery in this case.
options httpsDelivery.options This behavior’s set of configuration options.
httpsDelivery.options: This behavior’s set of configuration options.
value Enumeration Override value. If DEFAULT, the HTTPS Delivery value is inherited from the default behavior. If DISABLE, the value is overridden to be false.

lastMileAcceleration

Compress contents using GZIP before sending them out from edge HyperCaches to supported clients.

Download schema: rules.schema.json

lastMileAcceleration members

Member Type Required Description
lastMileAcceleration: Compress contents using GZIP before sending them out from edge HyperCaches to supported clients.
name Enumeration The name of the behavior, lastMileAcceleration in this case.
options lastMileAcceleration.options This behavior’s set of configuration options.
lastMileAcceleration.options: This behavior’s set of configuration options.
compressionLevel Integer GZIP compression level, 6 by default.
contentTypes Array List of acceptable MIME-Types for which LMA is enabled.
enable Boolean Feature enable/disable, or null to inherit settings from the global HyperCache configuration.
uaRestrict String Regular expression match on the User-Agent header to disable LMA for particular clients.

limitRate

Limit bandwidth per session, in bytes per second.

Download schema: rules.schema.json

limitRate members

Member Type Required Description
limitRate: Limit bandwidth per session, in bytes per second.
name Enumeration The name of the behavior, limitRate in this case.
options limitRate.options This behavior’s set of configuration options.
limitRate.options: This behavior’s set of configuration options.
bandwidth Integer The maximum bandwidth limit, as specified by the respective unit.
unit Enumeration Bandwidth unit, either the default BYTES_PER_SECOND, KB_PER_SECOND, or MB_PER_SECOND.

originAffinityUri

Define URI used for origin server affinity. Used when HyperCaches in a site should use the same origin server.

Download schema: rules.schema.json

originAffinityUri members

Member Type Required Description
originAffinityUri: Define URI used for origin server affinity. Used when HyperCaches in a site should use the same origin server.
name Enumeration The name of the behavior, originAffinityUri in this case.
options originAffinityUri.options This behavior’s set of configuration options.
originAffinityUri.options: This behavior’s set of configuration options.
value String A URI prefix pattern used to identify client requests to which the HPC applies origin affinity.

originRangeRequest

To allow range requests from HyperCache to the origin server when ingesting content.

Download schema: rules.schema.json

originRangeRequest members

Member Type Required Description
originRangeRequest: To allow range requests from HyperCache to the origin server when ingesting content.
name Enumeration The name of the behavior, originRangeRequest in this case.
options originRangeRequest.options This behavior’s set of configuration options.
originRangeRequest.options: This behavior’s set of configuration options.
enable Boolean When enabled, allows range requests to the origin.

originServer

origin server used for ingesting content.

Download schema: rules.schema.json

originServer members

Member Type Required Description
originServer: origin server used for ingesting content.
name Enumeration The name of the behavior, originServer in this case.
options originServer.options This behavior’s set of configuration options.
originServer.options: This behavior’s set of configuration options.
originId Integer A unique identifier for the Origin server.

originServerUri

Define URI used for accessing origin server in case of a cache miss.

Download schema: rules.schema.json

originServerUri members

Member Type Required Description
originServerUri: Define URI used for accessing origin server in case of a cache miss.
name Enumeration The name of the behavior, originServerUri in this case.
options originServerUri.options This behavior’s set of configuration options.
originServerUri.options: This behavior’s set of configuration options.
value String Specifies the URI used for accessing the origin server, for example /a/b/foo.ts.

purgeKeyUri

URI pattern used to identify assets to be purged using the Purge API. By default this value is the same as cache key URI.

Download schema: rules.schema.json

purgeKeyUri members

Member Type Required Description
purgeKeyUri: URI pattern used to identify assets to be purged using the Purge API. By default this value is the same as cache key URI.
name Enumeration The name of the behavior, purgeKeyUri in this case.
options purgeKeyUri.options This behavior’s set of configuration options.
purgeKeyUri.options: This behavior’s set of configuration options.
value String An alternative object name (URI) to purge the object, in case the default value is not sufficient.

ramOnlyCaching

Enables or disables caching of specific types of content to RAM only memory.

Download schema: rules.schema.json

ramOnlyCaching members

Member Type Required Description
ramOnlyCaching: Enables or disables caching of specific types of content to RAM only memory.
name Enumeration The name of the behavior, ramOnlyCaching in this case.
options ramOnlyCaching.options This behavior’s set of configuration options.
ramOnlyCaching.options: This behavior’s set of configuration options.
enable Boolean When enabled, all content matching the URI Filter is cached only in RAM.

siteRedirectMode

Enables site redirect mode for HyperCache to redirect requests to optimal sites if needed.

Download schema: rules.schema.json

siteRedirectMode members

Member Type Required Description
siteRedirectMode: Enables site redirect mode for HyperCache to redirect requests to optimal sites if needed.
name Enumeration The name of the behavior, siteRedirectMode in this case.
options siteRedirectMode.options This behavior’s set of configuration options.
siteRedirectMode.options: This behavior’s set of configuration options.
enable Boolean Enables site redirects.

siteRedirectType

Site redirect type for HyperCache to make redirect decisions based on client IP or site information.

Download schema: rules.schema.json

siteRedirectType members

Member Type Required Description
siteRedirectType: Site redirect type for HyperCache to make redirect decisions based on client IP or site information.
name Enumeration The name of the behavior, siteRedirectType in this case.
options siteRedirectType.options This behavior’s set of configuration options.
siteRedirectType.options: This behavior’s set of configuration options.
value Enumeration Whether to look at CLIENT_IP or SITE information when redirecting requests.

storagePartition

Specifies HyperCache partitions to reserve hard disk space for certain content types.

Download schema: rules.schema.json

storagePartition members

Member Type Required Description
storagePartition: Specifies HyperCache partitions to reserve hard disk space for certain content types.
name Enumeration The name of the behavior, storagePartition in this case.
options storagePartition.options This behavior’s set of configuration options.
storagePartition.options: This behavior’s set of configuration options.
storagePartitionId Integer A unique identifier for the Storage partition.

uriSignature

The URI signature pattern provides a mechanism to express URI signing parameters and mechanisms to be enforced across an entire CDN prefix, or for a narrower subset of a CDN prefix identified by a particular URI pattern.

Download schema: rules.schema.json

uriSignature members

Member Type Required Description
uriSignature: The URI signature pattern provides a mechanism to express URI signing parameters and mechanisms to be enforced across an entire CDN prefix, or for a narrower subset of a CDN prefix identified by a particular URI pattern.
name Enumeration The name of the behavior, uriSignature in this case.
options uriSignature.options This behavior’s set of configuration options.
uriSignature.options: This behavior’s set of configuration options.
algorithm Enumeration Signature calculation algorithm, either HMAC_MD5, HMAC_SHA1, MD5, or SHA1.
inputParameterCapitalization Enumeration Specifies the capitalization used for transforming the input parameter before signature calculation. Either LOWERCASE, UPPERCASE, or NO_CHANGE.
inputParameterPattern String Specifies the set of input parameters and their order. The input parameter pattern can use parts of the incoming request, for example: $url_signature_shared_secret,#uri?sid=$arg_sid&e=$arg_e. To represent an expiration as a query argument, or with a cookie incoming URL, use $uri_sign_expire.
protectedPathPattern String The name of the capture path in the URI filter above used as a cookie path string to define the protected file names or path.
protectedSubFiles Boolean Use cookies derived from master query arguments to protect files matching URI filter with no query arguments, such as child .m3u8 and .ts.
sharedSecretIndexParameter String The name of the request parameter which contains the index for the shared secret.
sharedSecretSetId Integer URI signature shared secret set to be used for validating the URI.
tokenEncoding Enumeration The encoding used for the token parameter, either BASE64, HEX, or URL_SAFE_BASE64.
tokenParameter String The name of the request parameter which contains the signature token.
uriExpirationParameter String The name of the request parameter which contains the expiration time for the URI being examined.

udpSyslogAccessLog

Parameters associated with UDP Syslog access log feature.

Download schema: rules.schema.json

udpSyslogAccessLog members

Member Type Required Description
udpSyslogAccessLog: Parameters associated with UDP Syslog access log feature.
name Enumeration The name of the behavior, udpSyslogAccessLog in this case.
options udpSyslogAccessLog.options This behavior’s set of configuration options.
udpSyslogAccessLog.options: This behavior’s set of configuration options.
defaultLogFormat String The name of the log format to use as the default. The log formats are defined by the operator.
facility Enumeration The syslog facility to use when transmitting logs. Possible values: LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7, KERN, USER, MAIL, DAEMON, AUTH, INTERN, LPR, NEWS, UUCP, CLOCK, AUTHPRIV, FTP, NTP, AUDIT, ALERT, CRON. Default value: LOCAL7.
servers udpSyslogAccessLog.options.servers[] Server object to send logs to.
severity Enumeration The syslog severity to use when transmitting logs. Possible values: DEBUG, INFO, NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY. Default value: INFO.
udpSyslogAccessLog.options.servers[]: Server object to send logs to.
logFormat String The name of the log format to use as the default. The log formats are defined by the operator.
server String Server:<port> of syslog server.

criterion

An object that specifies URI filters to match.

Download schema: rules.schema.json

criterion members

Member Type Required Description
criterion: An object that specifies URI filters to match.
name Enumeration The name of the criterion, uriFilter in this case.
options criterion.options This criterion’s set of configuration options.
criterion.options: This criterion’s set of configuration options.
uriFilterType Enumeration The type of the filter to match URIs, either EXACT_MATCH, PREFIX_MATCH, REGULAR_EXPRESSION_MATCH, or CASE_INSENSITIVE_REGULAR_EXPRESSION_MATCH.
uriFilterValue String Value of the filter used to match incoming URIs.

Errors

This section provides details on the data object that reflects the API’s common response to error cases, and lists the API’s range of response status codes for both error and success cases.

Error responses

In case of errors, the API returns an HTTP Problem Details JSON object with the application/problem+json media type.

HTTP status codes

This section lists the full range of response codes the API may generate.

Code Description
200 The operation was successful.
201 Resource successfully created.
204 Successfully processed request.
400 Bad request.
401 Authentication failure.
403 Access is forbidden.
404 Resource not found.
405 Method not supported.
409 Conflict with current state of resource.
415 Unsupported media type.
500 Internal server error.

Last modified: 7/22/2019