To manage API Security Enforcer (ASE) operations for OAuth2 tokens, cookies, IP addresses, username, and API keys on an allow list.
To manage the ASE allow list:
-
To add an IP address to an allow list, run the add_whitelist
command with the ip option:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist ip 10.10.10.10 ip 10.10.10.10 added to whitelist
-
To add a cookie to an allow list, run the add_whitelist command
with the cookie option:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist cookie JSESSIONID cookie_1.4 cookie JSESSIONID cookie_1.4 added to whitelist
-
To add a token to an allow list, run the add_whitelist with the
token option:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist token token1.4 token token1.4 added to whitelist
- To add an API key to an allow list, run the add_whitelist command with the
api_key option:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist api_key X-API-KEY key_1.4 api_key X-API-KEY key_1.4 added to whitelist
-
To add a username to an allow list, run the add_whitelist
command with the username option:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin add_whitelist username user1 username user1 added to whitelist
-
To view an allow list, run the view_whitelist command:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin view_whitelist Whitelist 1) type : ip, value : 1.1.1.1 2) type : cookie, name : JSESSIONID, value : cookie_1.1 3) type : token, value : token1.3 4) type : api_key, name : X-API-KEY, value : key_1.4
-
To delete an entry from an allow list, run the delete_whitelist
command:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist ip 4.4.4.4 ip 4.4.4.4 deleted from whitelist /opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist cookie JSESSIONID cookie_1.1 cookie JSESSIONID cookie_1.1 deleted from whitelist /opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist token token1.1 token token1.1 deleted from whitelist /opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist api_key X-API-KEY key_1.4 api_key X-API-KEY key_1.4 deleted from whitelist /opt/pingidentity/ase/bin/cli.sh -u admin -p admin delete_whitelist username user1 username user1 deleted from whitelist
-
To clear the allow list, run the clear_whitelist command:
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin clear_whitelist This will delete all whitelist Attacks, Are you sure (y/n) : y Whitelist cleared