In API Security Enforcer (ASE), you manage detected attacks through both allow list and deny list.
Client identifiers in deny list are blocked by ASE while those in the allow list are never blocked. You can also choose to block or allow a client identifier at API level by configuring the individual API JSON.
- Allow list
- List of safe IP addresses, cookies, OAuth2 Tokens, API keys, or usernames that will not be blocked by ASE.
- Deny list
- List of bad IP addresses, cookies, OAuth2 Tokens, API keys, or usernames that are always blocked by ASE.