---
title: Viewing deception APIs
description: View the deception APIs.
component: pingintelligence
version: 5.2
page_id: pingintelligence:installing_pingintelligence_for_apis:pingintelligence_view_deception_apis
canonical_url: https://docs.pingidentity.com/pingintelligence/5.2/installing_pingintelligence_for_apis/pingintelligence_view_deception_apis.html
revdate: April 3, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
  example: Example:
---

# Viewing deception APIs

View the deception APIs.

## About this task

The deception application programming interface (API) *(tooltip: \<div class="paragraph">
\<p>A specification of interactions available for building software to access an application or service.\</p>
\</div>)* is part of the Docker setup. The deception command completes the following steps:

* Enables API Security Enforcer (ASE) detected attacks.

* Fetches the list of configured APIs from ASE.

* Sends traffic to the decoy API and receives a `200 OK` response.

* Sends traffic to a regular API (for example, shopapi). The connection is blocked because any client that previously accessed a decoy API is not allowed access to production APIs.

|   |                                                              |
| - | ------------------------------------------------------------ |
|   | API deception works only for inline Docker evaluation setup. |

## Steps

* Run the following script to test API deception:

  ```
  root@vortex-108:/opt/pingidentity/docker-poc$sudo./bin/start.sh deception
  ```

  ### Example:

  ```
  Enabling enable_ase_detected_attack on ASE...
  Press any key to continue
  ASE Detected Attack is now enabled
  Fetching the list of APIs from ASE
  Press any key to continue
  decoy ( loaded ), http, decoy: out-context, client_spike_threshold: 0/second, server_connection_queueing: disabled
  shop-books ( loaded ), http, client_spike_threshold: 300/second, server_connection_queueing: disabled
  shop-electronics ( loaded ), http, decoy: in-context, client_spike_threshold: 700/second, server_connection_queueing: enabled
  shop ( loaded ), http, decoy: in-context, client_spike_threshold: 300/second, server_connection_queueing: disabled
  Sending traffic to "decoy API" with client IP 10.10.10.10...
  Press any key to continue
  curl -v http://localhost:8000/decoy/myhome -H "X-Forwarded-For: 10.10.10.10"
  * Trying 127.0.0.1...
  * Connected to localhost (127.0.0.1) port 8000 (#0)
  > GET /decoy/myhome HTTP/1.1
  > Host: localhost:8000
  > User-Agent: curl/7.47.0
  > Accept: /
  > X-Forwarded-For: 10.10.10.10
  >
  < HTTP/1.1 200 OK
  < Server: ASE
  < Content-Length: 2
  < Connection: close
  <
  * Closing connection 0
  OK
  Accessing regular API using client IP 10.10.10.10...
  Press any key to continue
  curl -v http://localhost:8000/shopapi/login -H "Host: shopapi" -H "Content-Type: application/text" -H "X-Forwarded-For: 10.10.10.10" -d 'user=root'
  * Trying 127.0.0.1...
  * Connected to localhost (127.0.0.1) port 8000 (#0)
  > POST /shopapi/login HTTP/1.1
  > Host: shopapi
  > User-Agent: curl/7.47.0
  > Accept: /
  > Content-Type: application/text
  > X-Forwarded-For: 10.10.10.10
  > Content-Length: 9
  >
  * upload completely sent off: 9 out of 9 bytes
  < HTTP/1.1 401 Unauthorized
  < Server: ASE
  < Connection: close
  < content-length: 19
  <
  * Closing connection 0
  Error: Unauthorized
  Error: Unauthorized
  ```