--- title: REST API for inline and sideband ASE description: ASE REST API allows you to manage adding, removing, and modifying your backend servers. The REST API payload uses a JSON format. REST API also helps in integrating ASE with third-party products. The default port for ASE REST API is 8010. component: pingintelligence version: 5.1 page_id: pingintelligence:api_security_enforcer:pingintelligence_rest_api_inline_sideband_ase canonical_url: https://docs.pingidentity.com/pingintelligence/5.1/api_security_enforcer/pingintelligence_rest_api_inline_sideband_ase.html revdate: April 3, 2024 section_ids: common-request-headers: Common request headers create_api_post: Create API (POST) read_api_get: Read API (GET) list_api_get: List API (GET) update_api_put: Update API (PUT) delete-api-delete: Delete API (DELETE) create_server_post: Create server (POST) read_server_get: Read server (GET) delete_server_delete: Delete server (DELETE) read_cluster_get: Read cluster (GET) read_persistent_connection_get: Read persistent connections (GET) read_firewall_status_get: Read firewall status (GET) update_firewall_status_post: Update firewall status (POST) add_attack_blacklist_post: Add attack type to blacklist (POST) delete-attack-type-to-blacklist-delete: Delete attack type to blacklist (DELETE) clear_blacklist_delete: Clear the blacklist (DELETE) view_blacklist_get: View blacklist (GET) add_attack_whitelist_post: Add attack type to whitelist (POST) delete_attack_whitelist_delete: Delete attack type from the whitelist (DELETE) clear_whitelist_delete: Clear whitelist (DELETE) view_whitelist_post: View whitelist (POST) read_flow_control_get: Read flow control of an API (GET) update_flow_control_post: Update flow control for an API (POST) update_flow_control_server_post: Update flow control for a server of an API (POST) --- # REST API for inline and sideband ASE ASE REST API allows you to manage adding, removing, and modifying your backend servers. The REST API payload uses a JSON format. REST API also helps in integrating ASE with third-party products. The default port for ASE REST API is 8010. The following is a list of formats for ASE's REST APIs: * [**Create API (POST)**](#create_api_post) – Inline and sideband ASE * [**Read API (GET)**](#read_api_get) – Inline and sideband ASE * [**List API (GET)**](#list_api_get) – Inline and sideband ASE * [**Update API (PUT)**](#update_api_put) – Inline and sideband ASE * [**Create server (POST)**](#create_server_post) – Inline ASE * [**Read server (GET)**](#read_server_get) – Inline ASE * [**Delete server (DELETE)**](#delete_server_delete) – Inline ASE * [**Read cluster (GET)**](#read_cluster_get) – Inline ASE * [**Read persistent connections (GET)**](#read_persistent_connection_get) – Inline ASE * [**Read firewall status (GET)**](#read_firewall_status_get) – Inline and sideband ASE * [**Update firewall status (POST)**](#update_firewall_status_post) – Inline and sideband ASE * [**Add attack type to blacklist (POST)**](#add_attack_blacklist_post) – Inline and sideband ASE * [**Delete attack type from the whitelist (DELETE)**](#delete_attack_whitelist_delete) – Inline and sideband ASE * [**Clear the blacklist (DELETE)**](#clear_blacklist_delete) – Inline and sideband ASE * [**View blacklist (GET)**](#view_blacklist_get) – Inline and sideband ASE * [**Add attack type to whitelist (POST)**](#add_attack_whitelist_post) – Inline and sideband ASE * [**Delete attack type from the whitelist (DELETE)**](#delete_attack_whitelist_delete) – Inline and sideband ASE * [**Clear whitelist (DELETE)**](#clear_whitelist_delete) – Inline and sideband ASE * [**View whitelist (POST)**](#view_whitelist_post) – Inline and sideband ASE * [**Read flow control of an API (GET)**](#read_flow_control_get)– Inline ASE * [**Update flow control for an API (POST)**](#update_flow_control_post) – Inline ASE * [**Update flow control for a server of an API (POST)**](#update_flow_control_server_post) – Inline ASE ## **Common request headers** | Header | Value | | ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------- | | `x-ase-access-key` | ``` admin ``` The default and only allowed access key is admin. | | `x-ase-secret-key` | ``` ``` The default secret key is admin. You can change the default secret key using the update\_passowrd command. | | `Accept` | `application/json` | ## **Create API (POST)** **Request** | | | | ------------------ | ------------------------------- | | `POST` | `/v4/ase/api?api_id=sample_api` | | `Content-Type` | `application/json` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **REST API request** ```json { "api_metadata": { "protocol": "http", "url": "/your_rest_api", "hostname": "*", "cookie": "", "cookie_idle_timeout": "200m", "logout_api_enabled": false, "cookie_persistence_enabled": false, "oauth2_access_token": false, "apikey_qs": "", "apikey_header": "", "login_url": "", "enable_blocking": true, "api_mapping": { "internal_url": "" }, "api_pattern_enforcement": { "protocol_allowed": "", "http_redirect": { "response_code": "", "response_def": "", "https_url": "" }, "methods_allowed": [], "content_type_allowed": "", "error_code": "401", "error_def": "Unauthorized", "error_message_body": "401 Unauthorized" }, "flow_control": { "client_spike_threshold": "0/second", "server_connection_queueing": false }, "api_memory_size": "128mb", "health_check": true, "health_check_interval": 60, "health_retry_count": 4, "health_url": "/health", "server_ssl": false, "servers": [ { "host": "127.0.0.1", "port": 8080, "server_spike_threshold": "0/second", "server_connection_quota": 0 }, { "host": "127.0.0.1", "port": 8081, "server_spike_threshold": "0/second", "server_connection_quota": 0 } ], "decoy_config": { "decoy_enabled": false, "response_code": 200, "response_def": "", "response_message": "", "decoy_subpaths": [] } } } ``` **WebSocket API request** ```json { "api_metadata": { "protocol": "ws", "url": "/your_websocket_api", "hostname": "*", "cookie": "", "cookie_idle_timeout": "200m", "logout_api_enabled": false, "cookie_persistence_enabled": false, "oauth2_access_token": false, "apikey_qs": "", "apikey_header": "", "login_url": "", "enable_blocking": true, "api_mapping": { "internal_url": "" }, "api_pattern_enforcement": { "protocol_allowed": "", "http_redirect": { "response_code": "", "response_def": "", "https_url": "" }, "methods_allowed": [], "content_type_allowed": "", "error_code": "401", "error_def": "Unauthorized", "error_message_body": "401 Unauthorized" }, "flow_control": { "client_spike_threshold": "0/second", "bytes_in_threshold": "0/second", "bytes_out_threshold": "0/second", "server_connection_queueing": false }, "api_memory_size": "128mb", "health_check": true, "health_check_interval": 60, "health_retry_count": 4, "health_url": "/health", "server_ssl": false, "servers": [ { "host": "127.0.0.1", "port": 8080, "server_connection_quota": 0 }, { "host": "127.0.0.1", "port": 8081, "server_connection_quota": 0 } ], "decoy_config": { "decoy_enabled": false, "response_code": 200, "response_def": "", "response_message": "", "decoy_subpaths": [] } } } ``` **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | -------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json {"status" : "success" , "status_message" : "success" } ``` | | `403` | `fail` | ```json {"status" :"api_already_exists" ,"status_message" :"api sample_api already exists"} ``` | | `403` | `fail` | ```json {"status" : "validation_error" , "status_message" : "` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ----------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | **REST API**```json { "api_metadata": { "protocol": "http", "url": "/your_rest_api", "hostname": "*", "cookie": "", "cookie_idle_timeout": "200m", "logout_api_enabled": false, "cookie_persistence_enabled": false, "oauth2_access_token": false, "apikey_qs": "", "apikey_header": "", "login_url": "", "enable_blocking": true, "api_mapping": { "internal_url": "" }, "api_pattern_enforcement": { "protocol_allowed": "", "http_redirect": { "response_code": "", "response_def": "", "https_url": "" }, "methods_allowed": [], "content_type_allowed": "", "error_code": "401", "error_def": "Unauthorized", "error_message_body": "401 Unauthorized" }, "flow_control": { "client_spike_threshold": "0/second", "server_connection_queueing": false }, "api_memory_size": "128mb", "health_check": true, "health_check_interval": 60, "health_retry_count": 4, "health_url": "/health", "server_ssl": false, "servers": [ { "host": "127.0.0.1", "port": 8080, "server_spike_threshold": "0/second", "server_connection_quota": 0 }, { "host": "127.0.0.1", "port": 8081, "server_spike_threshold": "0/second", "server_connection_quota": 0 } ], "decoy_config": { "decoy_enabled": false, "response_code": 200, "response_def": "", "response_message": "", "decoy_subpaths": [] } } } ```**WebSocket API**```json { "api_metadata": { "protocol": "ws", "url": "/your_websocket_api", "hostname": "*", "cookie": "", "cookie_idle_timeout": "200m", "logout_api_enabled": false, "cookie_persistence_enabled": false, "oauth2_access_token": false, "apikey_qs": "", "apikey_header": "", "login_url": "", "enable_blocking": true, "api_mapping": { "internal_url": "" }, "api_pattern_enforcement": { "protocol_allowed": "", "http_redirect": { "response_code": "", "response_def": "", "https_url": "" }, "methods_allowed": [], "content_type_allowed": "", "error_code": "401", "error_def": "Unauthorized", "error_message_body": "401 Unauthorized" }, "flow_control": { "client_spike_threshold": "0/second", "bytes_in_threshold": "0/second", "bytes_out_threshold": "0/second", "server_connection_queueing": false }, "api_memory_size": "128mb", "health_check": true, "health_check_interval": 60, "health_retry_count": 4, "health_url": "/health", "server_ssl": false, "servers": [ { "host": "127.0.0.1", "port": 8080, "server_connection_quota": 0 }, { "host": "127.0.0.1", "port": 8081, "server_connection_quota": 0 } ], "decoy_config": { "decoy_enabled": false, "response_code": 200, "response_def": "", "response_message": "", "decoy_subpaths": [] } } } ``` | | `404` | `not found` | ```json {"status" :"api_not_found" ,"status_message" :"api sample_api does not exist"} ``` | ## **List API (GET)** **Request** | | | | ------------------ | ------------------ | | `GET` | `/v4/ase/api` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ----------- | ---------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json { "api_count": "1", "api": [ { "api_id": "sample_api", "status": "loaded" } ] } ``` | | `404` | `not found` | ```json {"status" :"api_not_found" ,"status_message" :"api sample_api does not exist"} ``` | ## **Update API (PUT)** **Request** | | | | ------------------ | ------------------------------- | | `PUT` | `/v4/ase/api?api_id=sample_api` | | `Content-Type` | `application/json` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **REST API request** ```json { "api_metadata": { "protocol": "http", "url": "/your_rest_api", "hostname": "*", "cookie": "", "cookie_idle_timeout": "200m", "logout_api_enabled": false, "cookie_persistence_enabled": false, "oauth2_access_token": false, "apikey_qs": "", "apikey_header": "", "login_url": "", "enable_blocking": true, "api_mapping": { "internal_url": "" }, "api_pattern_enforcement": { "protocol_allowed": "", "http_redirect": { "response_code": "", "response_def": "", "https_url": "" }, "methods_allowed": [], "content_type_allowed": "", "error_code": "401", "error_def": "Unauthorized", "error_message_body": "401 Unauthorized" }, "flow_control": { "client_spike_threshold": "0/second", "server_connection_queueing": false }, "api_memory_size": "128mb", "health_check": true, "health_check_interval": 60, "health_retry_count": 4, "health_url": "/health", "server_ssl": false, "servers": [ { "host": "127.0.0.1", "port": 8080, "server_spike_threshold": "0/second", "server_connection_quota": 0 }, { "host": "127.0.0.1", "port": 8081, "server_spike_threshold": "0/second", "server_connection_quota": 0 } ], "decoy_config": { "decoy_enabled": false, "response_code": 200, "response_def": "", "response_message": "", "decoy_subpaths": [] } } } ``` **WebSocket API request** ```json { "api_metadata": { "protocol": "ws", "url": "/your_websocket_api", "hostname": "*", "cookie": "", "cookie_idle_timeout": "200m", "logout_api_enabled": false, "cookie_persistence_enabled": false, "oauth2_access_token": false, "apikey_qs": "", "apikey_header": "", "login_url": "", "enable_blocking": true, "api_mapping": { "internal_url": "" }, "api_pattern_enforcement": { "protocol_allowed": "", "http_redirect": { "response_code": "", "response_def": "", "https_url": "" }, "methods_allowed": [], "content_type_allowed": "", "error_code": "401", "error_def": "Unauthorized", "error_message_body": "401 Unauthorized" }, "flow_control": { "client_spike_threshold": "0/second", "bytes_in_threshold": "0/second", "bytes_out_threshold": "0/second", "server_connection_queueing": false }, "api_memory_size": "128mb", "health_check": true, "health_check_interval": 60, "health_retry_count": 4, "health_url": "/health", "server_ssl": false, "servers": [ { "host": "127.0.0.1", "port": 8080, "server_connection_quota": 0 }, { "host": "127.0.0.1", "port": 8081, "server_connection_quota": 0 } ], "decoy_config": { "decoy_enabled": false, "response_code": 200, "response_def": "", "response_message": "", "decoy_subpaths": [] } } } ``` **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ----------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json {"status" : "success" , "status_message" : "success" } ``` | | `404` | `fail` | ```json {"status" :"api_not_found" ,"status_message" :"api sample_api does not exist"} ``` | ## **Delete API (DELETE)** **Request** | | | | ------------------ | ------------------------------- | | `DELETE` | `/v4/ase/api?api_id=sample_api` | | `x-ase-access-key` | \ | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ----------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json {"status" : "success" , "status_message" : "success" } ``` | | `404` | `fail` | ```json {"status" :"api_not_found" ,"status_message" :"api sample_api does not exist"} ``` | ## **Create server (POST)** **Request** | | | | ------------------ | ----------------------------- | | `POST` | `/v4/ase/server?api_id=` | | `Content-Type` | `application/json` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **REST API request** ```json { "server": { "host": "192.168.1.100", "port": 8080, "server_spike_threshold": "1/second", "server_connection_quota": 100 } } WebSocket API Request { "server": { "host": "192.168.1.100", "port": 8080, "server_connection_quota": 100 } } ``` **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json {"status" : "success" , "status_message" : "success" } ``` | | `404` | `fail` | ```json {"status" :"api_not_found" ,"status_message" :"api sample_api does not exist"} ``` | | `403` | `fail` | ```json {"status" : "validation_error" , "status_message" : "detailed info about validation error"} ``` | | `403` | `fail` | ```json {"status" : "server_exists" , "status_message" :"server already exists"} ``` | ## **Read server (GET)** **Request** | | | | ------------------ | -------------------------------- | | `GET` | `/v4/ase/server?api_id=` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | **REST API**```json { "api_id" : "sample_api" "server_count" : 2, "server": [ { "host" : "192.168.1.100" "port" : 8080, "server_connection_quota": 1000, "server_spike_threshold": "10/second", "health_status" :"Up" }, { "host" : "192.168.1.100" "port" : 8081, server_connection_quota": 1000, "server_spike_threshold": "10/second", "health_status" :"Down" } ] } ```**WebSocket API**```json { "api_id" : "sample_api" "server_count" : 2, "server": [ { "host" : "192.168.1.100" "port" : 8080, "server_connection_quota": 1000, "health_status" :"Up" }, { "host" : "192.168.1.100" "port" : 8081, "server_connection_quota": 1000, "health_status" :"Down" } ] } ``` | | `404` | `fail` | ```json {"status" :"api_not_found" ,"status_message" :"api sample_api does not exist"} ``` | ## **Delete server (DELETE)** **Request** | | | | ------------------ | ----------------------------- | | `DELETE` | `/v4/ase/server?api_id=` | | `Content-Type` | `application/json` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | ```json { "server": { "host" : "192.168.1.100", "port" : 8080 } } ``` **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json {"status" : "success" , "status_message" : "success" } ``` | | `404` | `fail` | ```json {"status" :"api_not_found" ,"status_message" :"api sample_api does not exist"} ``` | | `404` | `fail` | ```json {"status" :"server_not_found" ,"status_message" :"server does not exist"} ``` | | `403` | `fail` | ```json {"status" : "validation_error" , "status_message" : "detailed info about json validation error"} ``` | ## **Read cluster (GET)** **Request** | | | | ------------------ | ------------------ | | `GET` | `/v4/ase/cluster` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json { "cluster_id" : "test_cluster" "node_count" : 2 , "node": [ { "host" : "192.168.2.100" "port" : 8080 "uuid" : "1c359368-22b6-4713-a5be-15e5cbbddf7a" "status" :"active" }, { "host" : "192.168.2.101" "port" : 8080 "uuid" : "2d359368-20b6-4713-a5be-15e5cbbde8d" "status" :"inactive" } ] } ``` | | `404` | `fail` | ```json {"status" :"no_cluster_mode" ,"status_message" :"ase is not in cluster mode"} ``` | ## **Read persistent connections (GET)** **Request** | | | | ------------------ | -------------------------------------------- | | `GET` | `/v4/ase/persistentconnection?api_id=sample` | | `x-ase-access-key` | `` | | `x-ase-secret-key` | `` | | `Accept` | `application/json` | **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json { "api_id" : "sample" "persistent_connection_count" : { "ws":1, "wss":0 } } ``` | | `404` | `fail` | ```json {"status" :"api_not_found" ,"status_message" :"api sample does not exist"} ``` | ## **Read firewall status (GET)** **Request** | | | | ------------------ | ------------------------------------ | | `GET` | `/v4/ase/firewall` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **Response** | **HTTP code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | -------------------------------------------------------------- | | `200` | `success` | `\{``"status" :"enabled/disabled",``"status_message" :"Ok"``}` | ## **Update firewall status (POST)** **Request** | | | | ------------------ | ---------------------------------------- | | `POST` | `/v4/ase/firewall?status=enable/disable` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **Response** | **HTTP Code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | **If there is a status change**```json { "status" :"enabled/disabled", "status_message" :"Firewall is now enabled/disabled" } ```**If there is no change in status**```json { "status" :"enabled/disabled", "status_message" :"Firewall is already enabled/disabled" } ``` | | `403` | `fail` | ```json {"status" :"invalid_value" ,"status_message" :"query parameter status contains invalid value"} ``` | ## **Add attack type to blacklist (POST)** **Request** | | | | ------------------ | ---------------------------- | | `POST` | `/v4/ase/firewall/blacklist` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | ``` ===============for IP=============== { "type" : "ip", "value" : "1.1.1.1" } ===============for Token============= { "type" : "token", "value" : "sadjhasiufgkjdsbfkgfa" } =============for Cookie/api_key======= { "type" : "cookie/token/api_key", "name" : "JSESSIONID", "value" : "ljkhasioutfdqbjsfdmakhflia" } ``` **Response** | **Status code** | **Response body** | | --------------------------- | ----------------------------------------------------------------- | | `200 OK` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` added to blacklist | | `403 Forbidden` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` already exist | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `403 Forbidden` | `json parsing error` | | `500 Internal Server Error` | `unknown error` | ## **Delete attack type to blacklist (DELETE)** **Request** | | | | ------------------ | ------------------------------------ | | `DELETE` | `/v4/ase/firewall/blacklist` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | ``` ===============for IP=============== { "type" : "ip", "value" : "1.1.1.1" } ===============for Token============= { "type" : "token", "value" : "sadjhasiufgkjdsbfkgfa" } =============for Cookie/api_key======= { "type" : "cookie/token/api_key", "name" : "JSESSIONID", "value" : "ljkhasioutfdqbjsfdmakhflia" } ``` **Response** | **Status code** | **Response body** | | --------------------------- | --------------------------------------------------------------------- | | `200 OK` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` deleted from blacklist | | `403 Forbidden` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` already exist | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `403 Forbidden` | `json parsing error` | | `500 Internal Server Error` | `unknown error` | ## **Clear the blacklist (DELETE)** **Request** | | | | ------------------ | ------------------------------------ | | `DELETE` | `/v4/ase/firewall/blacklist?tag=all` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **Response** | **Status code** | **Response body** | | --------------------------- | --------------------------------- | | `200 OK` | `Blacklist cleared` | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `500 Internal Server Error` | `unknown error` | ## **View blacklist (GET)** **Request** | | | | ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | | `GET` | `/v4/ase/firewall/blacklist?tag=` | | `Tags` | `tag=all (default is all)`- `all` - `manual` - `abs_generated` - `invalid_content_type` - `invalid_method` - `invalid_protocol` - `decoy` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **Response** | **Status code** | **Response body** | | --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `200 OK` | ```json { "manual_blacklist" : [ { "type" : "cookie", "name" : "JSESSIONID", "value" : "ljkhasiosalia", }, { "type" : "ip", "value" : "1.1.1.1", } ], "abs_generated_blacklist" : [ { "type" : "cookie", "name" : "JSESSIONID", "value" : "ljkhasisadosalia", }, { "type" : "ip", "value" : "1.1.1.2", } ] } ``` | | `403 Forbidden` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` already exist | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `500 Internal Server Error` | `unknown error` | ## **Add attack type to whitelist (POST)** **Request** | | | | ------------------ | ---------------------------- | | `POST` | `/v4/ase/firewall/whitelist` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | ``` ===============for IP=============== { "type" : "ip", "value" : "1.1.1.1" } ===============for Token============= { "type" : "token", "value" : "sadjhasiufgkjdsbfkgfa" } =============for Cookie/api_key======= { "type" : "cookie/token/api_key", "name" : "JSESSIONID", "value" : "ljkhasioutfdqbjsfdmakhflia" } ``` **Response** | **Status code** | **Response body** | | --------------------------- | ----------------------------------------------------------------- | | `200 OK` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` added to whitelist | | `403 Forbidden` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` already exist | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `403 Forbidden` | `json parsing error` | | `500 Internal Server Error` | `unknown error` | ## **Delete attack type from the whitelist (DELETE)** **Request** | | | | ------------------ | ---------------------------- | | `DELETE` | `/v4/ase/firewall/whitelist` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | ``` ===============for IP=============== { "type" : "ip", "value" : "1.1.1.1" } ===============for Token============= { "type" : "token", "value" : "sadjhasiufgkjdsbfkgfa" } =============for Cookie/api_key======= { "type" : "cookie/token/api_key", "name" : "JSESSIONID", "value" : "ljkhasioutfdqbjsfdmakhflia" } ``` **Response** | **Status code** | **Response body** | | --------------------------- | ----------------------------------------------------------------- | | `200 OK` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` added to whitelist | | `403 Forbidden` | Cookie `JSESSIONID ljkhasioutfdqbjsfdmakhflia` already exist | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `403 Forbidden` | `json parsing error` | | `500 Internal Server Error` | `unknown error` | ## **Clear whitelist (DELETE)** **Request** | | | | ------------------ | ------------------------------------ | | `DELETE` | `/v4/ase/firewall/whitelist?tag=all` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **Response** | **Status code** | **Response body** | | --------------------------- | --------------------------------- | | `200 OK` | `Whitelist cleared` | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `500 Internal Server Error` | `unknown error` | ## **View whitelist (POST)** **Request** | | | | ------------------ | ---------------------------- | | `GET` | `/v4/ase/firewall/whitelist` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **Response** | **Status code** | **Response body** | | --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `200 OK` | ```json { "whitelist" : [ { "type" : "cookie", "name" : "JSESSIONID", "value" : "ljkhasiosalia", }, { "type" : "ip", "value" : "1.1.1.1", } ] } ``` | | `403 Forbidden` | `content-type header missing` | | `403 Forbidden` | `x-ase-access-key header missing` | | `403 Forbidden` | `x-ase-secret-key header missing` | | `403 Forbidden` | `authorization failure` | | `500 Internal Server Error` | `unknown error` | ## **Read flow control of an API (GET)** **Request** | | | | ------------------ | ------------------------------------------------ | | `GET` | `/v4/ase/firewall/flowcontrol?api_id=` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **Response** | **HTTP code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `200` | `success` | **Flow control for REST API**```json { "api_id": "api_name" "flow_control": { "client_spike_threshold": "0/second", "server_connection_queueing": false } } ```**Flow control for WebSocket API**```json { "api_id": "api_name" "flow_control": { "client_spike_threshold": "100/second", "bytes_in_threshold": "10/second", "bytes_out_threshold": "10/second", "server_connection_queueing": false } } ``` | | `403` | `fail` | ```json {"status" : "validation_error" , "status_message" : "` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | ``` ``` | | `Accept` | `application/json` | **REST APIs** ```json { "flow_control": { "client_spike_threshold": "0/second" } } ``` **WebSocket APIs** ```json { "flow_control": { "client_spike_threshold": "10/second", "bytes_in_threshold": "10/second", "bytes_out_threshold": "10/second" } } ``` **Response** | **HTTP code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | **Flow control for REST APIs**```json { "api_id": "api_name" "flow_control": { "client_spike_threshold": "0/second", "server_connection_queueing": false } } ```**Flow control for WebSocket APIs**```json { "api_id": "api_name" "flow_control": { "client_spike_threshold": "0/second", "bytes_in_threshold": "10/second", "bytes_out_threshold": "10/second", "server_connection_queueing": false }} ``` | | `403` | `fail` | ```json {"status" : "validation_error" , "status_message" : "` | | `x-ase-access-key` | ``` ``` | | `x-ase-secret-key` | `<` | | `Accept` | `application/json` | **REST APIs** ```json { "server": { "host": "127.0.0.2", "port": 8080, "server_connection_quota": 1000, "server_spike_threshold": "10/second" } } ``` **WebSocket APIs** ```json { "server": { "host": "127.0.0.2", "port": 8080, "server_connection_quota": 100000 } } ``` **Response** | **HTTP code** | **Status** | **Content body (application/json)** | | ------------- | ---------- | -------------------------------------------------------------------------------------------------------------------------- | | `200` | `success` | ```json { "status": "success", "status_message": "server updated successfully" } ``` | | `403` | `fail` | ```json {"status" : "validation_error" , "status_message" : "