Deleting individual client identifiers - PingIntelligence for APIs

Deleting individual client identifiers - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

You can delete active client identifiers.

The API requires only the message body with a client identifier in their respective sections, to delete active client identifiers. The API checks if the client identifier is present in the blocklist or not before deleting. If you provide a client identifier which is not part of the blocklist, the API ignores such client identifiers.

Use the attacklist API with PUT method to delete the client identifiers:

URL: /v4/abs/attacklist
Method: PUT

Note:

You can provide only specific section of a client identifier in the message body. For example, if you only want to delete specific usernames, then provide only the username section in the message body. Make sure that the JSON file is well-formed.

The following is a sample message body for the attacklist API to delete client identifiers:

{
        "ips": [
            "192.168.4.10",
            "10.10.10.73",
            "10.1.1.4",
            "10.9.8.7"
        ],
        "cookies": {
            "PHPSESSIONID": [
            "Cookie1",
            "Cookie2"
            ],
        "JSESSIONID": [
            "Cookie3",
            "AnyCookie",
            "Cookie4"
            
        },
        "oauth_tokens": [
            "Token1",
            "Token2",
            "Token3"
        ],
        "api_keys": [
            "type2_api_key",
            "api_key_1",
            "api_key_2",
         ],
        "usernames": [
            "username1",
            "username2",
            "username3",
         ]
}

The following is a sample message body showing the client identifiers that were deleted:

{
  "message": "Success: The following attacks have been removed:",
  "date": "Thu Jun 09 03:39:12 UTC 2019",
  "attacklist": {
    "ips": [
            "192.168.4.10",
            "10.10.10.73",
            "10.1.1.4",
            "10.9.8.7"
    ],
    "cookies": {
      "PHPSESSIONID": [
            "Cookie1",
            "Cookie2"
      ],
      "JSESSIONID": [
            "Cookie3",
            "AnyCookie",
            "Cookie4"
      ]
    },
    "oauth_tokens": [
            "Token1",
            "Token2",
            "Token3"
    ],
    "api_keys": [
            "type2_api_key",
            "api_key_1",
            "api_key_2",
    ],
    "usernames": [
            "username1",
            "username2",
            "username3",
    ]
  }
}