---
title: Enabling API blocking in ASE
description: You can configure API Security Enforcer (ASE) to selectively block on a per application programming interface (API) basis by configuring an API JavaScript Object Notation (JSON) file parameter.
component: pingintelligence
version: 5.2
page_id: pingintelligence:pingintelligence_reference_guide:pingintelligence_enabling_api_blocking_ase
canonical_url: https://docs.pingidentity.com/pingintelligence/5.2/pingintelligence_reference_guide/pingintelligence_enabling_api_blocking_ase.html
revdate: April 3, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
  example: Example:
---

# Enabling API blocking in ASE

You can configure API Security Enforcer (ASE) to selectively block on a per application programming interface (API) *(tooltip: \<div class="paragraph">
\<p>A specification of interactions available for building software to access an application or service.\</p>
\</div>)* basis by configuring an API JavaScript Object Notation (JSON) *(tooltip: \<div class="paragraph">
\<p>An open, lightweight data-interchange format that uses human-readable text to store and transmit data.\</p>
\</div>)* file parameter.

## About this task

To enable per API blocking for each API:

## Steps

* Set the `enable_blocking` parameter to `true` in the API JSON file.

  ### Example:

  ```
  api_metadata": {
   "protocol": "http",
   "url": "/",
   "hostname": "*",
   "cookie": "",
   "cookie_idle_timeout": "200m",
   "logout_api_enabled": false,
   "cookie_persistence_enabled": false,
   "oauth2_access_token": false,
   "apikey_qs": "",
   "apikey_header": "",
   "enable_blocking": true,
   "login_url": "",
   "api_mapping": {
   "internal_url": ""
   },
  ```

  |   |                                                                                                                                                                                                                                                                      |
  | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
  |   | If per API blocking is disabled, API Behavioral Security (ABS) still detects the suspected attacks for that specific API, however, ASE does not block them. ASE will continue to block the suspected attacks on other APIs with the `enable_blocking` set to `true`. |