Enabling API blocking in ASE - PingIntelligence for APIs - 5.2

PingIntelligence

bundle: pingintelligence-52
ft:publication_title: PingIntelligence
Product_Version_ce: PingIntelligence for APIs 5.2 (Latest)
category: APISecurity; AdvancedAPICybersecurity; Capability; Environment; OS; Product; apisecurity; capability; linux; pi-52; pingintelligence; private
ContentType_ce

You can configure API Security Enforcer (ASE) to selectively block on a per API basis by configuring an API JSON file parameter.

To enable per API blocking for each API:

Set the enable_blocking parameter to true in the API JSON file.
```
api_metadata": {
 "protocol": "http",
 "url": "/",
 "hostname": "*",
 "cookie": "",
 "cookie_idle_timeout": "200m",
 "logout_api_enabled": false,
 "cookie_persistence_enabled": false,
 "oauth2_access_token": false,
 "apikey_qs": "",
 "apikey_header": "",
 "enable_blocking": true,
 "login_url": "",
 "api_mapping": {
 "internal_url": ""
 },
```
Note:
If per API blocking is disabled, API Behavioral Security (ABS) still detects the suspected attacks for that specific API, however, ASE does not block them. ASE will continue to block the suspected attacks on other APIs with the enable_blocking set to true.