AnsweredAssumed Answered

API Definition for API Protection

Question asked by hayato fukuda on Apr 21, 2017
Latest reply on Apr 24, 2017 by Will Austin

Hi all.

 

I'm trying to use API Protection which is new function for KSD 5.0, but I can not understand its input field and its function.

(I read KSD User Guide and blog https://community.akamai.com/docs/DOC-6995-kona-site-defender-api-protection, but I could not define my API)

 

If there is API on web site, and its endpoint is below.

URL: www[.]example[.]com/?rest_route=/wp/v2/pages/{id}

Method: GET ( deny other method )

 

Then, what's parameter should I define?

I'm testing parameter below, but it did not seem to work.

( Response POST method, and through invalid id. For example, www[.]example[.]com/?rest_route=/wp/v2/pages/foobar)

 

  • API Endpoint
  1. API Name: example api1
  2. Hostname: www[.]example[.]com
  3. Base Path: (empty)
  4. Category: example
  5. API Key Location: Header, Header Name: Authorization
  6. Allow request body constraints & resources defined below to be enforced as whitelists in Kona Site Defender Policy: NO

 

  • API Resource
  1. Resource Name:post
  2. Resource Path:/
  3. Method: GET(check)
  4. rest_route=/wp/v2/posts/
  5. Query String
  6. Number
  7. Range/Length
  8. No

Outcomes