PingIntelligence for APIs Dashboard provides the capability of interactive blacklist management. A blacklist is a list of client identifiers that were detected executing an attack. The dashboard enables you to unblock the blacklisted client identifiers or tune the threshold values for attack types. It supports the following client identifier types- IP address, Cookie, Token, API Key, and Username. You can view the top-500 entries on each blacklist from the dashboard.

Click on the count for any blacklist type, for example, IP Blacklist. The dashboard lists the blacklisted IP addresses along with the Detected date..

The following screenshot shows the expanded blacklist:

For each blacklisted IP address, you get the option to Unblock or Tune in the Action list. Clicking on either action redirects the dashboard to the Attack management application. Attack management allows you to run the operations for unblocking the client identifiers and tuning the threshold values.
Note: The Action list is available only for an Admin user. You need to have Admin user privileges to perform Unblock and Tune operations on a client identifier.

The following screen shot shows the Attack management UI.

The values in Client Identifier Type and Enter IP Address get auto-populated into the Attack management application from the dashboard. The AMT Action is auto-selected. Click Run to execute the operation. For more information on Attack management, see Tune thresholds and unblock clients.

Note: Dashboard does not populate the API key key-name in the Attack management application when the client identifier is API key. It only populates the API key value.