Managing the ASE allow list - PingIntelligence for APIs

Managing the ASE allow list - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

To manage API Security Enforcer (ASE) operations for OAuth2 tokens, cookies, IP addresses, username, and API keys on an allow list.

To manage the ASE allow list:

To add an IP address to an allow list, run the add_whitelist command with the ip option:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist ip 10.10.10.10
ip 10.10.10.10 added to whitelist

To add a cookie to an allow list, run the add_whitelist command with the cookie option:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist cookie JSESSIONID cookie_1.4
cookie JSESSIONID cookie_1.4 added to whitelist

To add a token to an allow list, run the add_whitelist with the token option:


/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist token token1.4
token token1.4 added to whitelist

To add an API key to an allow list, run the add_whitelist command with the api_key option:


/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist api_key X-API-KEY key_1.4
api_key X-API-KEY key_1.4 added to whitelist

To add a username to an allow list, run the add_whitelist command with the username option:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist username user1
username user1 added to whitelist

To view an allow list, run the view_whitelist command:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin view_whitelist
Whitelist
1) type : ip, value : 1.1.1.1
2) type : cookie, name : JSESSIONID, value : cookie_1.1
3) type : token, value : token1.3
4) type : api_key, name : X-API-KEY, value : key_1.4

To delete an entry from an allow list, run the delete_whitelist command:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist ip 4.4.4.4
ip 4.4.4.4 deleted from whitelist

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist cookie JSESSIONID cookie_1.1
cookie JSESSIONID cookie_1.1 deleted from whitelist

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist token token1.1
token token1.1 deleted from whitelist

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist api_key X-API-KEY key_1.4
api_key X-API-KEY key_1.4 deleted from whitelist

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist username user1
username user1 deleted from whitelist

To clear the allow list, run the clear_whitelist command:

/opt/pingidentity/ase/bin/cli.sh -u admin -p admin clear_whitelist
This will delete all whitelist Attacks, Are you sure (y/n) : y
Whitelist cleared