The API Security Enforcer (ASE) REST API allows you to add, remove, and modify your backend servers.
The REST API payload uses a JSON format. The REST API also helps
integrate ASE with third-party products. The default port for the ASE REST API is 8010.
The following is a list of formats for ASE’s REST APIs:
- Create API (POST) – Inline and sideband ASE
- Read API (GET) – Inline and sideband ASE
- List API (GET) – Inline and sideband ASE
- Update API (PUT) – Inline and sideband ASE
- Create Server (POST) – Inline ASE
- Read Server (GET) – Inline ASE
- Delete Server (DELETE) – Inline ASE
- Read Cluster (GET) – Inline ASE
- Read Persistent Connections (GET) – Inline ASE
- Read Firewall Status (GET) – Inline and sideband ASE
- Update Firewall Status (POST) – Inline and sideband ASE
- Add Attack Type to Blacklist (POST) – Inline and sideband ASE
- Delete Attack Type from the Blacklist (DELETE) – Inline and sideband ASE
- Clear the Blacklist (DELETE) – Inline and sideband ASE
- View Blacklist (GET) – Inline and sideband ASE
- Add Attack Type to Whitelist (POST) – Inline and sideband ASE
- Delete Attack Type from the Whitelist (DELETE) – Inline and sideband ASE
- Clear Whitelist (DELETE) – Inline and sideband ASE
- View Whitelist (POST) – Inline and sideband ASE
- Read Flow Control of an API (GET) – Inline ASE
- Update Flow Control for an API (POST) – Inline ASE
- Update Flow Control for a Server of an API (POST) – Inline ASE
Common request headers
Header | Value |
---|---|
| Note: The default and only allowed access key is |
| Note: The default secret key is |
Create API (POST)
REST API request:
{
"api_metadata": {
"protocol": "http",
"url": "/your_rest_api",
"hostname": "*",
"cookie": "",
"cookie_idle_timeout": "200m",
"logout_api_enabled": false,
"cookie_persistence_enabled": false,
"oauth2_access_token": false,
"apikey_qs": "",
"apikey_header": "",
"login_url": "",
"enable_blocking": true,
"api_mapping": {
"internal_url": ""
},
"api_pattern_enforcement": {
"protocol_allowed": "",
"http_redirect": {
"response_code": "",
"response_def": "",
"https_url": ""
},
"methods_allowed": [],
"content_type_allowed": "",
"error_code": "401",
"error_def": "Unauthorized",
"error_message_body": "401 Unauthorized"
},
"flow_control": {
"client_spike_threshold": "0/second",
"server_connection_queueing": false
},
"api_memory_size": "128mb",
"health_check": true,
"health_check_interval": 60,
"health_retry_count": 4,
"health_url": "/health",
"server_ssl": false,
"servers": [
{
"host": "127.0.0.1",
"port": 8080,
"server_spike_threshold": "0/second",
"server_connection_quota": 0
},
{
"host": "127.0.0.1",
"port": 8081,
"server_spike_threshold": "0/second",
"server_connection_quota": 0
}
],
"decoy_config": {
"decoy_enabled": false,
"response_code": 200,
"response_def": "",
"response_message": "",
"decoy_subpaths": []
}
}
}
WebSocket API request:
{
"api_metadata": {
"protocol": "ws",
"url": "/your_websocket_api",
"hostname": "*",
"cookie": "",
"cookie_idle_timeout": "200m",
"logout_api_enabled": false,
"cookie_persistence_enabled": false,
"oauth2_access_token": false,
"apikey_qs": "",
"apikey_header": "",
"login_url": "",
"enable_blocking": true,
"api_mapping": {
"internal_url": ""
},
"api_pattern_enforcement": {
"protocol_allowed": "",
"http_redirect": {
"response_code": "",
"response_def": "",
"https_url": ""
},
"methods_allowed": [],
"content_type_allowed": "",
"error_code": "401",
"error_def": "Unauthorized",
"error_message_body": "401 Unauthorized"
},
"flow_control": {
"client_spike_threshold": "0/second",
"bytes_in_threshold": "0/second",
"bytes_out_threshold": "0/second",
"server_connection_queueing": false
},
"api_memory_size": "128mb",
"health_check": true,
"health_check_interval": 60,
"health_retry_count": 4,
"health_url": "/health",
"server_ssl": false,
"servers": [
{
"host": "127.0.0.1",
"port": 8080,
"server_connection_quota": 0
},
{
"host": "127.0.0.1",
"port": 8081,
"server_connection_quota": 0
}
],
"decoy_config": {
"decoy_enabled": false,
"response_code": 200,
"response_def": "",
"response_message": "",
"decoy_subpaths": []
}
}
}
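An added example (not part of the ASE documentation or product): a pre-flight check, in Python, that compares a Create API or Update API payload against the field sets visible in the REST and WebSocket samples on this page. The function name `lint_api_metadata`, the `<integer>/second` rate pattern and the restriction to the `http` and `ws` protocols are assumptions drawn from those samples.

```python
import re

# Field sets copied from this page's Create API samples (http and ws only).
FLOW_KEYS = {
    "http": {"client_spike_threshold", "server_connection_queueing"},
    "ws": {"client_spike_threshold", "bytes_in_threshold",
           "bytes_out_threshold", "server_connection_queueing"},
}
SERVER_KEYS = {
    "http": {"host", "port", "server_spike_threshold", "server_connection_quota"},
    "ws": {"host", "port", "server_connection_quota"},
}
# Assumption: thresholds follow the "<integer>/second" form used in the samples.
RATE = re.compile(r"^\d+/second$")


def _bad_rate(value):
    return not (isinstance(value, str) and RATE.match(value))


def lint_api_metadata(payload):
    """Return findings; an empty list means the payload matches the sample shape."""
    meta = payload.get("api_metadata")
    if not isinstance(meta, dict):
        return ["missing api_metadata object"]
    proto = meta.get("protocol")
    if proto not in FLOW_KEYS:
        return [f"protocol {proto!r} is not one of the sampled protocols"]
    findings = []
    flow = meta.get("flow_control", {})
    for key in sorted(set(flow) - FLOW_KEYS[proto]):
        findings.append(f"flow_control.{key} is not in the {proto} sample")
    for key, value in flow.items():
        if key.endswith("_threshold") and _bad_rate(value):
            findings.append(f"flow_control.{key} has malformed rate {value!r}")
    for i, server in enumerate(meta.get("servers", [])):
        for key in sorted(set(server) - SERVER_KEYS[proto]):
            findings.append(f"servers[{i}].{key} is not in the {proto} sample")
        for key in ("host", "port"):
            if key not in server:
                findings.append(f"servers[{i}].{key} is missing")
        if "server_spike_threshold" in server and _bad_rate(server["server_spike_threshold"]):
            findings.append(f"servers[{i}].server_spike_threshold has malformed rate")
    return findings


# Constructed input: a ws definition that reuses the http-only per-server threshold.
SAMPLE = {"api_metadata": {"protocol": "ws", "url": "/your_websocket_api",
    "flow_control": {"client_spike_threshold": "10/sec", "bytes_in_threshold": "0/second"},
    "servers": [{"host": "127.0.0.1", "port": 8080, "server_spike_threshold": "0/second"}]}}
```

Running the lint in a deployment pipeline before the POST or PUT catches a flow-control key placed under the wrong protocol, so the intended rate limit is not left out of the definition unnoticed.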
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Read API (GET)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
REST API:
WebSocket API:
List API (GET)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Update API (PUT)
REST API request:
{
"api_metadata": {
"protocol": "http",
"url": "/your_rest_api",
"hostname": "*",
"cookie": "",
"cookie_idle_timeout": "200m",
"logout_api_enabled": false,
"cookie_persistence_enabled": false,
"oauth2_access_token": false,
"apikey_qs": "",
"apikey_header": "",
"login_url": "",
"enable_blocking": true,
"api_mapping": {
"internal_url": ""
},
"api_pattern_enforcement": {
"protocol_allowed": "",
"http_redirect": {
"response_code": "",
"response_def": "",
"https_url": ""
},
"methods_allowed": [],
"content_type_allowed": "",
"error_code": "401",
"error_def": "Unauthorized",
"error_message_body": "401 Unauthorized"
},
"flow_control": {
"client_spike_threshold": "0/second",
"server_connection_queueing": false
},
"api_memory_size": "128mb",
"health_check": true,
"health_check_interval": 60,
"health_retry_count": 4,
"health_url": "/health",
"server_ssl": false,
"servers": [
{
"host": "127.0.0.1",
"port": 8080,
"server_spike_threshold": "0/second",
"server_connection_quota": 0
},
{
"host": "127.0.0.1",
"port": 8081,
"server_spike_threshold": "0/second",
"server_connection_quota": 0
}
],
"decoy_config": {
"decoy_enabled": false,
"response_code": 200,
"response_def": "",
"response_message": "",
"decoy_subpaths": []
}
}
}
WebSocket API request:
{
"api_metadata": {
"protocol": "ws",
"url": "/your_websocket_api",
"hostname": "*",
"cookie": "",
"cookie_idle_timeout": "200m",
"logout_api_enabled": false,
"cookie_persistence_enabled": false,
"oauth2_access_token": false,
"apikey_qs": "",
"apikey_header": "",
"login_url": "",
"enable_blocking": true,
"api_mapping": {
"internal_url": ""
},
"api_pattern_enforcement": {
"protocol_allowed": "",
"http_redirect": {
"response_code": "",
"response_def": "",
"https_url": ""
},
"methods_allowed": [],
"content_type_allowed": "",
"error_code": "401",
"error_def": "Unauthorized",
"error_message_body": "401 Unauthorized"
},
"flow_control": {
"client_spike_threshold": "0/second",
"bytes_in_threshold": "0/second",
"bytes_out_threshold": "0/second",
"server_connection_queueing": false
},
"api_memory_size": "128mb",
"health_check": true,
"health_check_interval": 60,
"health_retry_count": 4,
"health_url": "/health",
"server_ssl": false,
"servers": [
{
"host": "127.0.0.1",
"port": 8080,
"server_connection_quota": 0
},
{
"host": "127.0.0.1",
"port": 8081,
"server_connection_quota": 0
}
],
"decoy_config": {
"decoy_enabled": false,
"response_code": 200,
"response_def": "",
"response_message": "",
"decoy_subpaths": []
}
}
}
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
| success | |
Delete API (DELETE)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Create server (POST)
REST API request:
{
"server":
{
"host": "192.168.1.100",
"port": 8080,
"server_spike_threshold": "1/second",
"server_connection_quota": 100
}
}
WebSocket API request:
{
"server":
{
"host": "192.168.1.100",
"port": 8080,
"server_connection_quota": 100
}
}
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Read server (GET)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
REST API:
WebSocket API:
Delete server (DELETE)
{
"server":
{
"host" : "192.168.1.100",
"port" : 8080
}
}
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Read cluster (GET)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Read persistent connections (GET)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Read firewall status (GET)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Update firewall status (POST)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
If there is a status change:
If there is no change in status:
Add attack type to deny list (POST)
===============for IP===============
{
"type" : "ip",
"value" : "1.1.1.1"
}
===============for Token=============
{
"type" : "token",
"value" : "sadjhasiufgkjdsbfkgfa"
}
=============for Cookie/api_key=======
{
"type" : "cookie/token/api_key",
"name" : "JSESSIONID",
"value" : "ljkhasioutfdqbjsfdmakhflia"
}
Status code | Response body |
---|---|
| Cookie |
| Cookie |
Delete attack type from deny list (DELETE)
===============for IP===============
{
"type" : "ip",
"value" : "1.1.1.1"
}
===============for Token=============
{
"type" : "token",
"value" : "sadjhasiufgkjdsbfkgfa"
}
=============for Cookie/api_key=======
{
"type" : "cookie/token/api_key",
"name" : "JSESSIONID",
"value" : "ljkhasioutfdqbjsfdmakhflia"
}
Status code | Response body |
---|---|
| Cookie |
| Cookie |
Clear the deny list (DELETE)
Status code | Response body |
---|---|
View deny list (GET)
Note: Default is
Status code | Response body |
---|---|
| Cookie |
Add attack type to allow list (POST)
===============for IP===============
{
"type" : "ip",
"value" : "1.1.1.1"
}
===============for Token=============
{
"type" : "token",
"value" : "sadjhasiufgkjdsbfkgfa"
}
=============for Cookie/api_key=======
{
"type" : "cookie/token/api_key",
"name" : "JSESSIONID",
"value" : "ljkhasioutfdqbjsfdmakhflia"
}
Status code | Response body |
---|---|
| Cookie |
| Cookie |
Delete attack type from the allow list (DELETE)
===============for IP===============
{
"type" : "ip",
"value" : "1.1.1.1"
}
===============for Token=============
{
"type" : "token",
"value" : "sadjhasiufgkjdsbfkgfa"
}
=============for Cookie/api_key=======
{
"type" : "cookie/token/api_key",
"name" : "JSESSIONID",
"value" : "ljkhasioutfdqbjsfdmakhflia"
}
Status code | Response body |
---|---|
| Cookie |
| Cookie |
Clear allow list (DELETE)
Status code | Response body |
---|---|
View allow list (POST)
Status code | Response body |
---|---|
Read flow control of an API (GET)
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Flow control for REST API:
Flow control for WebSocket API:
Update flow control for an API (POST)
REST APIs:
{ "flow_control": {
"client_spike_threshold": "0/second"
}
}
WebSocket APIs:
{ "flow_control": {
"client_spike_threshold": "10/second",
"bytes_in_threshold": "10/second",
"bytes_out_threshold": "10/second"
}
}
HTTP Code | Status | Content body (application/JSON) |
---|---|---|
Flow control for REST APIs:
Flow control for WebSocket APIs:
Update flow control for a server of an API (POST)
REST APIs:
{
"server":
{
"host": "127.0.0.2",
"port": 8080,
"server_connection_quota": 1000,
"server_spike_threshold": "10/second"
}
}
WebSocket APIs:
{
"server":
{
"host": "127.0.0.2",
"port": 8080,
"server_connection_quota": 100000
}
}
HTTP Code | Status | Content body (application/JSON) |
---|---|---|