Create Protected Application.

POST

/api/shape/bot/namespaces/{metadata.namespace}/protected_applications

const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/protected_applications';
const options = {
  method: 'POST',
  headers: {Authorization: '<Authorization>', 'Content-Type': 'application/json'},
  body: '{"metadata":{"annotations":{},"description":"example","disable":true,"labels":{},"name":"example","namespace":"example"},"spec":{"adobe_commerce_connector":{},"big_ip_iapp":{},"cloudflare":{"continue_mitigation_action_hdr":"example","disable_js_insert":{},"disable_mobile_sdk":{},"js_insertion_rules":{"exclude_list":[{"any_domain":{},"domain":{"exact_value":"example","regex_value":"example","suffix_value":"example"},"metadata":{"description":"example","name":"example"},"path":{"path":"example","prefix":"example","regex":"example"}}],"javascript_location":"JAVA_SCRIPT_LOCATION_UNDEFINED","js_download_path":"example","rules":[{"any_domain":{},"domain":{"exact_value":"example","regex_value":"example","suffix_value":"example"},"exact_path":"example","glob":"example","metadata":{"description":"example","name":"example"},"prefix":"example"}]},"loglevel":"LOG_UNDEFINED","manual_js_insert":{"js_download_path":"example"},"mobile_sdk_config":{"mobile_identifier":{"headers":[{"exact":"example","name":"example","regex":"example"}]}},"protected_endpoints":[{"any_domain":{},"domain":{"exact_value":"example","regex_value":"example","suffix_value":"example"},"http_methods":["METHOD_ANY"],"metadata":{"description":"example","name":"example"},"mobile_client":{"block":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"continue":{"add_header":{},"no_header":{}}},"path":{"caseinsensitive":true,"path":"example"},"query":"example","web_client":{"block":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"continue":{"add_header":{},"no_header":{}},"redirect":{"location":"example","status":"EmptyStatusCode"}},"web_mobile_client":{"block_mobile":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"block_web":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"continue_mobile":{"add_header":{},"no_header":{}},"continue_web":{"add_header":{},"no_header":{}},"redirect_web":{"location":"example","status":"EmptyStatusCode"}}}],"timeout":1,"trusted_clients":[{"http_header":{"headers":[{"exact":"example","name":"example","regex":"example"}]},"ip_prefix":"example","metadata":{"description":"example","name":"example"}}]},"cloudfront":{"aws_configuration_id_selector":{"ids":["example"]},"aws_configuration_tag_selector":{"tags":{}},"continue_mitigation_action_hdr":"example","data_sample":1,"disable_aws_configuration":{},"disable_js_insert":{},"disable_mobile_sdk":{},"js_insertion_rules":{"exclude_list":[{"any_domain":{},"domain":{"exact_value":"example","regex_value":"example","suffix_value":"example"},"metadata":{"description":"example","name":"example"},"path":{"path":"example","prefix":"example","regex":"example"}}],"javascript_location":"JAVA_SCRIPT_LOCATION_UNDEFINED","javascript_mode":"ASYNC_JS_NO_CACHING","js_download_path":"example","rules":[{"any_domain":{},"domain":{"exact_value":"example","regex_value":"example","suffix_value":"example"},"exact_path":"example","glob":"example","metadata":{"description":"example","name":"example"},"prefix":"example"}]},"loglevel":"LOG_UNDEFINED","manual_js_insert":{"javascript_mode":"ASYNC_JS_NO_CACHING","js_download_path":"example"},"mobile_sdk_config":{"mobile_identifier":{"headers":[{"exact":"example","name":"example","regex":"example"}]}},"protected_endpoints":[{"any_domain":{},"domain":{"exact_value":"example","regex_value":"example","suffix_value":"example"},"flow_label":{"account_management":{"create":{},"password_reset":{}},"authentication":{"login":{"disable_transaction_result":{},"transaction_result":{"failure_conditions":[{"name":"example","regex_values":["example"],"status":"EmptyStatusCode"}],"success_conditions":[{"name":"example","regex_values":["example"],"status":"EmptyStatusCode"}]}},"login_mfa":{},"login_partner":{},"logout":{},"token_refresh":{}},"financial_services":{"apply":{},"money_transfer":{}},"flight":{"checkin":{}},"profile_management":{"create":{},"update":{},"view":{}},"search":{"flight_search":{},"product_search":{},"reservation_search":{},"room_search":{}},"shopping_gift_cards":{"gift_card_make_purchase_with_gift_card":{},"gift_card_validation":{},"shop_add_to_cart":{},"shop_checkout":{},"shop_choose_seat":{},"shop_enter_drawing_submission":{},"shop_make_payment":{},"shop_order":{},"shop_price_inquiry":{},"shop_promo_code_validation":{},"shop_purchase_gift_card":{},"shop_update_quantity":{}}},"http_methods":["METHOD_ANY"],"metadata":{"description":"example","name":"example"},"mobile_client":{"block":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"continue":{"add_header":{},"no_header":{}}},"path":"example","query":"example","undefined_flow_label":{},"web_client":{"block":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"continue":{"add_header":{},"no_header":{}},"redirect":{"location":"example","status":"EmptyStatusCode"}},"web_mobile_client":{"block_mobile":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"block_web":{"body":"example","content_type":"example","status":"EmptyStatusCode"},"continue_mobile":{"add_header":{},"no_header":{}},"continue_web":{"add_header":{},"no_header":{}},"redirect_web":{"location":"example","status":"EmptyStatusCode"}}}],"timeout":1,"trusted_clients":[{"http_header":{"headers":[{"exact":"example","name":"example","regex":"example"}]},"ip_prefix":"example","metadata":{"description":"example","name":"example"}}]},"custom_connector":{},"f5_big_ip":{},"region":"US","salesforce_commerce_connector":{}}}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/protected_applications \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "metadata": { "annotations": {}, "description": "example", "disable": true, "labels": {}, "name": "example", "namespace": "example" }, "spec": { "adobe_commerce_connector": {}, "big_ip_iapp": {}, "cloudflare": { "continue_mitigation_action_hdr": "example", "disable_js_insert": {}, "disable_mobile_sdk": {}, "js_insertion_rules": { "exclude_list": [ { "any_domain": {}, "domain": { "exact_value": "example", "regex_value": "example", "suffix_value": "example" }, "metadata": { "description": "example", "name": "example" }, "path": { "path": "example", "prefix": "example", "regex": "example" } } ], "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED", "js_download_path": "example", "rules": [ { "any_domain": {}, "domain": { "exact_value": "example", "regex_value": "example", "suffix_value": "example" }, "exact_path": "example", "glob": "example", "metadata": { "description": "example", "name": "example" }, "prefix": "example" } ] }, "loglevel": "LOG_UNDEFINED", "manual_js_insert": { "js_download_path": "example" }, "mobile_sdk_config": { "mobile_identifier": { "headers": [ { "exact": "example", "name": "example", "regex": "example" } ] } }, "protected_endpoints": [ { "any_domain": {}, "domain": { "exact_value": "example", "regex_value": "example", "suffix_value": "example" }, "http_methods": [ "METHOD_ANY" ], "metadata": { "description": "example", "name": "example" }, "mobile_client": { "block": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "continue": { "add_header": {}, "no_header": {} } }, "path": { "caseinsensitive": true, "path": "example" }, "query": "example", "web_client": { "block": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "continue": { "add_header": {}, "no_header": {} }, "redirect": { "location": "example", "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "block_web": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "continue_mobile": { "add_header": {}, "no_header": {} }, "continue_web": { "add_header": {}, "no_header": {} }, "redirect_web": { "location": "example", "status": "EmptyStatusCode" } } } ], "timeout": 1, "trusted_clients": [ { "http_header": { "headers": [ { "exact": "example", "name": "example", "regex": "example" } ] }, "ip_prefix": "example", "metadata": { "description": "example", "name": "example" } } ] }, "cloudfront": { "aws_configuration_id_selector": { "ids": [ "example" ] }, "aws_configuration_tag_selector": { "tags": {} }, "continue_mitigation_action_hdr": "example", "data_sample": 1, "disable_aws_configuration": {}, "disable_js_insert": {}, "disable_mobile_sdk": {}, "js_insertion_rules": { "exclude_list": [ { "any_domain": {}, "domain": { "exact_value": "example", "regex_value": "example", "suffix_value": "example" }, "metadata": { "description": "example", "name": "example" }, "path": { "path": "example", "prefix": "example", "regex": "example" } } ], "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED", "javascript_mode": "ASYNC_JS_NO_CACHING", "js_download_path": "example", "rules": [ { "any_domain": {}, "domain": { "exact_value": "example", "regex_value": "example", "suffix_value": "example" }, "exact_path": "example", "glob": "example", "metadata": { "description": "example", "name": "example" }, "prefix": "example" } ] }, "loglevel": "LOG_UNDEFINED", "manual_js_insert": { "javascript_mode": "ASYNC_JS_NO_CACHING", "js_download_path": "example" }, "mobile_sdk_config": { "mobile_identifier": { "headers": [ { "exact": "example", "name": "example", "regex": "example" } ] } }, "protected_endpoints": [ { "any_domain": {}, "domain": { "exact_value": "example", "regex_value": "example", "suffix_value": "example" }, "flow_label": { "account_management": { "create": {}, "password_reset": {} }, "authentication": { "login": { "disable_transaction_result": {}, "transaction_result": { "failure_conditions": [ { "name": "example", "regex_values": [ "example" ], "status": "EmptyStatusCode" } ], "success_conditions": [ { "name": "example", "regex_values": [ "example" ], "status": "EmptyStatusCode" } ] } }, "login_mfa": {}, "login_partner": {}, "logout": {}, "token_refresh": {} }, "financial_services": { "apply": {}, "money_transfer": {} }, "flight": { "checkin": {} }, "profile_management": { "create": {}, "update": {}, "view": {} }, "search": { "flight_search": {}, "product_search": {}, "reservation_search": {}, "room_search": {} }, "shopping_gift_cards": { "gift_card_make_purchase_with_gift_card": {}, "gift_card_validation": {}, "shop_add_to_cart": {}, "shop_checkout": {}, "shop_choose_seat": {}, "shop_enter_drawing_submission": {}, "shop_make_payment": {}, "shop_order": {}, "shop_price_inquiry": {}, "shop_promo_code_validation": {}, "shop_purchase_gift_card": {}, "shop_update_quantity": {} } }, "http_methods": [ "METHOD_ANY" ], "metadata": { "description": "example", "name": "example" }, "mobile_client": { "block": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "continue": { "add_header": {}, "no_header": {} } }, "path": "example", "query": "example", "undefined_flow_label": {}, "web_client": { "block": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "continue": { "add_header": {}, "no_header": {} }, "redirect": { "location": "example", "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "block_web": { "body": "example", "content_type": "example", "status": "EmptyStatusCode" }, "continue_mobile": { "add_header": {}, "no_header": {} }, "continue_web": { "add_header": {}, "no_header": {} }, "redirect_web": { "location": "example", "status": "EmptyStatusCode" } } } ], "timeout": 1, "trusted_clients": [ { "http_header": { "headers": [ { "exact": "example", "name": "example", "regex": "example" } ] }, "ip_prefix": "example", "metadata": { "description": "example", "name": "example" } } ] }, "custom_connector": {}, "f5_big_ip": {}, "region": "US", "salesforce_commerce_connector": {} } }'

Create applications protected by Bot Defense.

Examples of this operation.

Authorizations

ApiToken

Parameters

Path Parameters

metadata.namespace

required

string

Namespace This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""

Request Body^required

application/json

CreateRequest is used to create an instance of protected_application

This is the input message of the ‘Create’ RPC.

object

metadata

object

annotations

annotations

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.

object

description

description

Human readable description for the object.

string

>= 21 characters <= 1200 characters

disable

disable

A value of true will administratively disable the object.

boolean format: boolean

labels

labels

Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the user. Values specified here will be used by selector expression.

object

name

name

This is the name of configuration object. It has to be unique within the namespace. It can only be specified during create API and cannot be changed during replace API. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 6 characters <= 1024 characters

namespace

namespace

This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""

string

>= 6 characters <= 1024 characters

spec

object

adobe_commerce_connector

object

big_ip_iapp

object

cloudflare

object

continue_mitigation_action_hdr

Continue Header name

A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.

string

<= 256 characters

disable_js_insert

object

disable_mobile_sdk

object

js_insertion_rules

object

exclude_list

exclude_list

Optional JavaScript insertions exclude list of domain and path matchers.

Array<object>

<= 128 items

JavaScriptExclusionRule

Define JavaScript insertion exclusion rule.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

path

object

path

exact

Exclusive with [prefix regex] Exact path value to match.

string

<= 256 characters

prefix

prefix

Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

regex

regex

Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)

string

>= 1 characters <= 256 characters

javascript_location

string

default: JAVA_SCRIPT_LOCATION_UNDEFINED

Allowed values: JAVA_SCRIPT_LOCATION_UNDEFINED AFTER_HEAD AFTER_TITLE_END BEFORE_SCRIPT

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

rules

rules

Required list of pages to insert Bot Defense client JavaScript.

Required: YES.

Array<object>

>= 1 items <= 128 items

JavaScriptInsertionRule

This defines a rule for Bot Defense JavaScript insertion.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

exact_path

path

Exclusive with [glob prefix] Exact path value to match.

string

<= 256 characters

glob

glob

Exclusive with [exact_path prefix]

Accepts wildcards * to match multiple characters or ? To match a single character.

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

prefix

prefix

Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

loglevel

string

default: LOG_UNDEFINED

Allowed values: LOG_UNDEFINED LOG_ERROR LOG_WARNING LOG_INFO LOG_DEBUG

manual_js_insert

object

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

mobile_sdk_config

object

mobile_identifier

object

headers

Mobile headers

A list of headers that can be used to identify mobile traffic.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

protected_endpoints

protected_endpoints

List of protected endpoints (max 128 items)

Required: YES.

Array<object>

>= 1 items <= 128 items

ProtectedEndpointType

Add the name and description for the protected endpoint.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

http_methods

HTTP Methods

List of HTTP methods.

Required: YES.

Array<string>

>= 1 items <= 4 items

Allowed values: METHOD_ANY METHOD_GET METHOD_POST METHOD_PUT METHOD_PATCH METHOD_DELETE METHOD_GET_DOCUMENT

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

mobile_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

Allowed values: EmptyStatusCode Continue OK Created Accepted NonAuthoritativeInformation NoContent ResetContent PartialContent MultiStatus AlreadyReported IMUsed MultipleChoices MovedPermanently Found SeeOther NotModified UseProxy TemporaryRedirect PermanentRedirect BadRequest Unauthorized PaymentRequired Forbidden NotFound MethodNotAllowed NotAcceptable ProxyAuthenticationRequired RequestTimeout Conflict Gone LengthRequired PreconditionFailed PayloadTooLarge URITooLong UnsupportedMediaType RangeNotSatisfiable ExpectationFailed MisdirectedRequest UnprocessableEntity Locked FailedDependency UpgradeRequired PreconditionRequired TooManyRequests RequestHeaderFieldsTooLarge InternalServerError NotImplemented BadGateway ServiceUnavailable GatewayTimeout HTTPVersionNotSupported VariantAlsoNegotiates InsufficientStorage LoopDetected NotExtended NetworkAuthenticationRequired

continue

object

add_header

object

no_header

object

path

object

caseinsensitive

Case insensitive

Should path be searched case insensitive;

boolean format: boolean

path

Path

URI Path Required: YES.

string

>= 1 characters <= 256 characters

query

Query

Enter a regular expression to match your query parameters of interest.

string

<= 256 characters

web_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue

object

add_header

object

no_header

object

redirect

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

web_mobile_client

object

block_mobile

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

block_web

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue_mobile

object

add_header

object

no_header

object

continue_web

object

add_header

object

no_header

object

redirect_web

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

timeout

timeout

The timeout for the inference check, in milliseconds.

integer format: int64

trusted_clients

Trusted Client Rules

Define your allowlists to skip Bot Defense inference processing.

Array<object>

<= 256 items

ClientBypassRule

Client source rule specifies the sources to be trusted.

object

http_header

object

headers

headers

List of HTTP header name and value pairs

Required: YES.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

ip_prefix

ip prefix

Exclusive with [http_header] IP prefix string.

string

<= 1024 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

cloudfront

object

aws_configuration_id_selector

object

ids

ids

Add AWS CloudFront distribution ID, e.g. ABCDEFGHI0JKLM Required: YES.

Array<string>

>= 1 items <= 16 items

aws_configuration_tag_selector

object

tags

tags

List contains the Cloudfront distribution selection by tags key is a AWS tag name, and the value is regular expression to match Required: YES.

object

continue_mitigation_action_hdr

Continue Header name

A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.

string

<= 256 characters

data_sample

DataSample

Limit on amount of request-body data (other than F5 telemetry) to send for analysis (limit 1,048,576 == 1 MiByte)

integer format: int64

disable_aws_configuration

object

disable_js_insert

object

disable_mobile_sdk

object

js_insertion_rules

object

exclude_list

exclude_list

Optional JavaScript insertions exclude list of domain and path matchers.

Array<object>

<= 128 items

JavaScriptExclusionRule

Define JavaScript insertion exclusion rule.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

path

object

path

exact

Exclusive with [prefix regex] Exact path value to match.

string

<= 256 characters

prefix

prefix

Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

regex

regex

Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)

string

>= 1 characters <= 256 characters

javascript_location

string

default: JAVA_SCRIPT_LOCATION_UNDEFINED

Allowed values: JAVA_SCRIPT_LOCATION_UNDEFINED AFTER_HEAD AFTER_TITLE_END BEFORE_SCRIPT

javascript_mode

string

default: ASYNC_JS_NO_CACHING

Allowed values: ASYNC_JS_NO_CACHING ASYNC_JS_CACHING SYNC_JS_NO_CACHING SYNC_JS_CACHING

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

rules

rules

Required list of pages to insert Bot Defense client JavaScript.

Required: YES.

Array<object>

>= 1 items <= 128 items

JavaScriptInsertionRule

This defines a rule for Bot Defense JavaScript insertion.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

exact_path

path

Exclusive with [glob prefix] Exact path value to match.

string

<= 256 characters

glob

glob

Exclusive with [exact_path prefix]

Accepts wildcards * to match multiple characters or ? To match a single character.

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

prefix

prefix

Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

loglevel

string

default: LOG_UNDEFINED

Allowed values: LOG_UNDEFINED LOG_ERROR LOG_WARNING LOG_INFO LOG_DEBUG

manual_js_insert

object

javascript_mode

string

default: ASYNC_JS_NO_CACHING

Allowed values: ASYNC_JS_NO_CACHING ASYNC_JS_CACHING SYNC_JS_NO_CACHING SYNC_JS_CACHING

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

mobile_sdk_config

object

mobile_identifier

object

headers

Mobile headers

A list of headers that can be used to identify mobile traffic.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

protected_endpoints

protected_endpoints

List of protected endpoints (max 128 items)

Required: YES.

Array<object>

>= 1 items <= 128 items

ProtectedEndpointType

Add the name and description for the protected endpoint.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

flow_label

object

account_management

object

create

object

password_reset

object

authentication

object

login

object

disable_transaction_result

object

transaction_result

object

failure_conditions

Failure Conditions

Failure Conditions.

Array<object>

<= 3 items

BotDefenseTransactionResultCondition

Bot Defense Transaction Result Condition.

object

name

name

A case-insensitive HTTP header name.

string

>= 6 characters <= 256 characters

regex_values

regex values

A list of regular expressions to match the input against.

Array<string>

<= 16 items

status

string

default: EmptyStatusCode

success_conditions

Success Conditions

Success Conditions.

Array<object>

<= 3 items

BotDefenseTransactionResultCondition

Bot Defense Transaction Result Condition.

object

name

name

A case-insensitive HTTP header name.

string

>= 6 characters <= 256 characters

regex_values

regex values

A list of regular expressions to match the input against.

Array<string>

<= 16 items

status

string

default: EmptyStatusCode

login_mfa

object

login_partner

object

logout

object

token_refresh

object

financial_services

object

apply

object

money_transfer

object

flight

object

checkin

object

profile_management

object

create

object

update

object

view

object

search

object

flight_search

object

product_search

object

reservation_search

object

room_search

object

shopping_gift_cards

object

gift_card_make_purchase_with_gift_card

object

gift_card_validation

object

shop_add_to_cart

object

shop_checkout

object

shop_choose_seat

object

shop_enter_drawing_submission

object

shop_make_payment

object

shop_order

object

shop_price_inquiry

object

shop_promo_code_validation

object

shop_purchase_gift_card

object

shop_update_quantity

object

http_methods

HTTP Methods

List of HTTP methods.

Required: YES.

Array<string>

>= 1 items <= 4 items

Allowed values: METHOD_ANY METHOD_GET METHOD_POST METHOD_PUT METHOD_PATCH METHOD_DELETE METHOD_GET_DOCUMENT

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

mobile_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue

object

add_header

object

no_header

object

path

Path

Accepts wildcards * to match multiple characters or ? To match a single character Required: YES.

string

>= 1 characters <= 256 characters

query

Query

Enter a regular expression to match your query parameters of interest.

string

<= 256 characters

undefined_flow_label

object

web_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue

object

add_header

object

no_header

object

redirect

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

web_mobile_client

object

block_mobile

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

block_web

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue_mobile

object

add_header

object

no_header

object

continue_web

object

add_header

object

no_header

object

redirect_web

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

timeout

timeout

The timeout for the inference check, in milliseconds.

integer format: int64

trusted_clients

Trusted Client Rules

Define your allowlists to skip Bot Defense inference processing.

Array<object>

<= 256 items

ClientBypassRule

Client source rule specifies the sources to be trusted.

object

http_header

object

headers

headers

List of HTTP header name and value pairs

Required: YES.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

ip_prefix

ip prefix

Exclusive with [http_header] IP prefix string.

string

<= 1024 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

custom_connector

object

f5_big_ip

object

region

string

default: US

Allowed values: US EU ASIA CA

salesforce_commerce_connector

object

Responses

200

A successful response.

application/json

object

metadata

object

annotations

annotations

object

description

description

Human readable description for the object.

string

>= 21 characters <= 1200 characters

disable

disable

A value of true will administratively disable the object.

boolean format: boolean

labels

labels

Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the user. Values specified here will be used by selector expression.

object

name

name

string

>= 6 characters <= 1024 characters

namespace

namespace

This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""

string

>= 6 characters <= 1024 characters

spec

object

adobe_commerce_connector

object

app_id

Protected application ID.

string

<= 1024 characters

big_ip_iapp

object

cloudflare

object

continue_mitigation_action_hdr

Continue Header name

A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.

string

<= 256 characters

disable_js_insert

object

disable_mobile_sdk

object

js_insertion_rules

object

exclude_list

exclude_list

Optional JavaScript insertions exclude list of domain and path matchers.

Array<object>

<= 128 items

JavaScriptExclusionRule

Define JavaScript insertion exclusion rule.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

path

object

path

exact

Exclusive with [prefix regex] Exact path value to match.

string

<= 256 characters

prefix

prefix

Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

regex

regex

Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)

string

>= 1 characters <= 256 characters

javascript_location

string

default: JAVA_SCRIPT_LOCATION_UNDEFINED

Allowed values: JAVA_SCRIPT_LOCATION_UNDEFINED AFTER_HEAD AFTER_TITLE_END BEFORE_SCRIPT

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

rules

rules

Required list of pages to insert Bot Defense client JavaScript.

Required: YES.

Array<object>

>= 1 items <= 128 items

JavaScriptInsertionRule

This defines a rule for Bot Defense JavaScript insertion.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

exact_path

path

Exclusive with [glob prefix] Exact path value to match.

string

<= 256 characters

glob

glob

Exclusive with [exact_path prefix]

Accepts wildcards * to match multiple characters or ? To match a single character.

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

prefix

prefix

Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

loglevel

string

default: LOG_UNDEFINED

Allowed values: LOG_UNDEFINED LOG_ERROR LOG_WARNING LOG_INFO LOG_DEBUG

manual_js_insert

object

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

mobile_sdk_config

object

mobile_identifier

object

headers

Mobile headers

A list of headers that can be used to identify mobile traffic.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

protected_endpoints

protected_endpoints

List of protected endpoints (max 128 items)

Required: YES.

Array<object>

>= 1 items <= 128 items

ProtectedEndpointType

Add the name and description for the protected endpoint.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

http_methods

HTTP Methods

List of HTTP methods.

Required: YES.

Array<string>

>= 1 items <= 4 items

Allowed values: METHOD_ANY METHOD_GET METHOD_POST METHOD_PUT METHOD_PATCH METHOD_DELETE METHOD_GET_DOCUMENT

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

mobile_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue

object

add_header

object

no_header

object

path

object

caseinsensitive

Case insensitive

Should path be searched case insensitive;

boolean format: boolean

path

Path

URI Path Required: YES.

string

>= 1 characters <= 256 characters

query

Query

Enter a regular expression to match your query parameters of interest.

string

<= 256 characters

web_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue

object

add_header

object

no_header

object

redirect

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

web_mobile_client

object

block_mobile

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

block_web

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue_mobile

object

add_header

object

no_header

object

continue_web

object

add_header

object

no_header

object

redirect_web

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

timeout

timeout

The timeout for the inference check, in milliseconds.

integer format: int64

trusted_clients

Trusted Client Rules

Define your allowlists to skip Bot Defense inference processing.

Array<object>

<= 256 items

ClientBypassRule

Client source rule specifies the sources to be trusted.

object

http_header

object

headers

headers

List of HTTP header name and value pairs

Required: YES.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

ip_prefix

ip prefix

Exclusive with [http_header] IP prefix string.

string

<= 1024 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

cloudfront

object

aws_configuration_id_selector

object

ids

ids

Add AWS CloudFront distribution ID, e.g. ABCDEFGHI0JKLM Required: YES.

Array<string>

>= 1 items <= 16 items

aws_configuration_tag_selector

object

tags

tags

List contains the Cloudfront distribution selection by tags key is a AWS tag name, and the value is regular expression to match Required: YES.

object

continue_mitigation_action_hdr

Continue Header name

A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.

string

<= 256 characters

data_sample

DataSample

Limit on amount of request-body data (other than F5 telemetry) to send for analysis (limit 1,048,576 == 1 MiByte)

integer format: int64

disable_aws_configuration

object

disable_js_insert

object

disable_mobile_sdk

object

js_insertion_rules

object

exclude_list

exclude_list

Optional JavaScript insertions exclude list of domain and path matchers.

Array<object>

<= 128 items

JavaScriptExclusionRule

Define JavaScript insertion exclusion rule.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

path

object

path

exact

Exclusive with [prefix regex] Exact path value to match.

string

<= 256 characters

prefix

prefix

Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

regex

regex

Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)

string

>= 1 characters <= 256 characters

javascript_location

string

default: JAVA_SCRIPT_LOCATION_UNDEFINED

Allowed values: JAVA_SCRIPT_LOCATION_UNDEFINED AFTER_HEAD AFTER_TITLE_END BEFORE_SCRIPT

javascript_mode

string

default: ASYNC_JS_NO_CACHING

Allowed values: ASYNC_JS_NO_CACHING ASYNC_JS_CACHING SYNC_JS_NO_CACHING SYNC_JS_CACHING

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

rules

rules

Required list of pages to insert Bot Defense client JavaScript.

Required: YES.

Array<object>

>= 1 items <= 128 items

JavaScriptInsertionRule

This defines a rule for Bot Defense JavaScript insertion.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

exact_path

path

Exclusive with [glob prefix] Exact path value to match.

string

<= 256 characters

glob

glob

Exclusive with [exact_path prefix]

Accepts wildcards * to match multiple characters or ? To match a single character.

string

>= 1 characters <= 256 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

prefix

prefix

Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)

string

<= 256 characters

loglevel

string

default: LOG_UNDEFINED

Allowed values: LOG_UNDEFINED LOG_ERROR LOG_WARNING LOG_INFO LOG_DEBUG

manual_js_insert

object

javascript_mode

string

default: ASYNC_JS_NO_CACHING

Allowed values: ASYNC_JS_NO_CACHING ASYNC_JS_CACHING SYNC_JS_NO_CACHING SYNC_JS_CACHING

js_download_path

js_download_path

Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.

If not specified, default to ‘/common.js’.

string

<= 1024 characters

mobile_sdk_config

object

mobile_identifier

object

headers

Mobile headers

A list of headers that can be used to identify mobile traffic.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

protected_endpoints

protected_endpoints

List of protected endpoints (max 128 items)

Required: YES.

Array<object>

>= 1 items <= 128 items

ProtectedEndpointType

Add the name and description for the protected endpoint.

object

any_domain

object

domain

object

exact_value

exact value

Exclusive with [regex_value suffix_value] Exact domain name.

string

>= 1 characters <= 256 characters

regex_value

regex values of Domains

Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.

string

>= 1 characters <= 256 characters

suffix_value

suffix value

Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”

string

>= 1 characters <= 256 characters

flow_label

object

account_management

object

create

object

password_reset

object

authentication

object

login

object

disable_transaction_result

object

transaction_result

object

failure_conditions

Failure Conditions

Failure Conditions.

Array<object>

<= 3 items

BotDefenseTransactionResultCondition

Bot Defense Transaction Result Condition.

object

name

name

A case-insensitive HTTP header name.

string

>= 6 characters <= 256 characters

regex_values

regex values

A list of regular expressions to match the input against.

Array<string>

<= 16 items

status

string

default: EmptyStatusCode

success_conditions

Success Conditions

Success Conditions.

Array<object>

<= 3 items

BotDefenseTransactionResultCondition

Bot Defense Transaction Result Condition.

object

name

name

A case-insensitive HTTP header name.

string

>= 6 characters <= 256 characters

regex_values

regex values

A list of regular expressions to match the input against.

Array<string>

<= 16 items

status

string

default: EmptyStatusCode

login_mfa

object

login_partner

object

logout

object

token_refresh

object

financial_services

object

apply

object

money_transfer

object

flight

object

checkin

object

profile_management

object

create

object

update

object

view

object

search

object

flight_search

object

product_search

object

reservation_search

object

room_search

object

shopping_gift_cards

object

gift_card_make_purchase_with_gift_card

object

gift_card_validation

object

shop_add_to_cart

object

shop_checkout

object

shop_choose_seat

object

shop_enter_drawing_submission

object

shop_make_payment

object

shop_order

object

shop_price_inquiry

object

shop_promo_code_validation

object

shop_purchase_gift_card

object

shop_update_quantity

object

http_methods

HTTP Methods

List of HTTP methods.

Required: YES.

Array<string>

>= 1 items <= 4 items

Allowed values: METHOD_ANY METHOD_GET METHOD_POST METHOD_PUT METHOD_PATCH METHOD_DELETE METHOD_GET_DOCUMENT

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

mobile_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue

object

add_header

object

no_header

object

path

Path

Accepts wildcards * to match multiple characters or ? To match a single character Required: YES.

string

>= 1 characters <= 256 characters

query

Query

Enter a regular expression to match your query parameters of interest.

string

<= 256 characters

undefined_flow_label

object

web_client

object

block

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue

object

add_header

object

no_header

object

redirect

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

web_mobile_client

object

block_mobile

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

block_web

object

body

body

Custom body message.

string

<= 4096 characters

content_type

content_type

Content type to use in a block response.

string

<= 128 characters

status

string

default: EmptyStatusCode

continue_mobile

object

add_header

object

no_header

object

continue_web

object

add_header

object

no_header

object

redirect_web

object

location

URI

URI location for redirect reponse Required: YES.

string

>= 4 characters <= 512 characters

status

string

default: EmptyStatusCode

timeout

timeout

The timeout for the inference check, in milliseconds.

integer format: int64

trusted_clients

Trusted Client Rules

Define your allowlists to skip Bot Defense inference processing.

Array<object>

<= 256 items

ClientBypassRule

Client source rule specifies the sources to be trusted.

object

http_header

object

headers

headers

List of HTTP header name and value pairs

Required: YES.

Array<object>

<= 16 items

HeaderMatcherType

Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.

object

exact

exact

Exclusive with [regex] Header value to match exactly.

string

<= 256 characters

name

name

Name of the header Required: YES.

string

>= 1 characters <= 256 characters

regex

regex

Exclusive with [exact] Regex match of the header value in re2 format.

string

<= 256 characters

ip_prefix

ip prefix

Exclusive with [http_header] IP prefix string.

string

<= 1024 characters

metadata

object

description

description

Human readable description.

string

>= 21 characters <= 256 characters

name

name

This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.

string

>= 1 characters <= 1024 characters

custom_connector

object

f5_big_ip

object

not_applicable_connector

object

region

string

default: US

Allowed values: US EU ASIA CA

reload_header_name

Protected application Reload Header Name Header that is used for SDK configuration sync.

string

<= 1024 characters

salesforce_commerce_connector

object

status

Protected application status.

string

>= 17 characters <= 1024 characters

xc_mesh

object

http_load_balancer

object

name

name

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name. Required: YES.

string

>= 1 characters <= 128 characters

namespace

namespace

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.

string

>= 6 characters <= 64 characters

tenant

tenant

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.

string

>= 6 characters <= 64 characters

system_metadata

object

creation_timestamp

creation_timestamp

CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.

string format: date-time

<= 1024 characters

creator_class

creator_class

A value identifying the class of the user or service which created this configuration object.

string

<= 1024 characters

creator_id

creator_id

A value identifying the exact user or service that created this configuration object.

string

<= 1024 characters

deletion_timestamp

deletion_timestamp

DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.

Populated by the system when a graceful deletion is requested. Read-only.

string format: date-time

<= 1024 characters

finalizers

finalizers

Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.

Array<string>

initializers

object

pending

pending

Pending is a list of initializers that must execute in order before this object is initialized. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.

Array<object>

InitializerType

Initializer is information about an initializer that has not yet completed.

object

name

name

Name of the service that is responsible for initializing this object.

string

>= 6 characters <= 1024 characters

result

object

code

code

Suggested HTTP return code for this status, 0 if not set.

integer format: int32

reason

reason

A human-readable description of why this operation is in the “Failure” status. If this value is empty there is no information available.

string

>= 27 characters <= 1024 characters

status

status

Status of the operation. One of: “Success” or “Failure”.

string

>= 17 characters <= 1024 characters

labels

labels

Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the operator or software. Values here can be interpreted by software(backend or frontend) to enable certain behavior e.g. Things marked as soft-deleted(restorable).

object

modification_timestamp

modification_timestamp

ModificationTimestamp is a timestamp representing the server time when this object was last modified.

string format: date-time

<= 1024 characters

object_index

object_index

Unique index for the object. Some objects need a unique integer index to be allocated for each object type. This field will be populated for all objects that need it and will be zero otherwise.

integer format: int64

owner_view

object

kind

kind

Kind of the view object.

string

>= 12 characters <= 1024 characters

name

name

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name.

string

>= 6 characters <= 1024 characters

namespace

namespace

When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.

string

>= 6 characters <= 1024 characters

uid

uid

UID of the view object.

string format: uuid

>= 36 characters <= 1024 characters

tenant

tenant

Tenant to which this configuration object belongs to. The value for this is found from presented credentials.

string

>= 6 characters <= 1024 characters

uid

uid

Uid is the unique in time and space value for this object. It is generated by the server on successful creation of an object and is not allowed to change on Replace API. The value of is taken from uid field of ObjectMetaType, if provided.

string format: uuid

>= 36 characters <= 1024 characters

Example

{
  "spec": {
    "cloudflare": {
      "js_insertion_rules": {
        "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED"
      },
      "loglevel": "LOG_UNDEFINED",
      "protected_endpoints": [
        {
          "http_methods": [
            "METHOD_ANY"
          ],
          "mobile_client": {
            "block": {
              "status": "EmptyStatusCode"
            }
          },
          "web_client": {
            "block": {
              "status": "EmptyStatusCode"
            },
            "redirect": {
              "status": "EmptyStatusCode"
            }
          },
          "web_mobile_client": {
            "block_mobile": {
              "status": "EmptyStatusCode"
            },
            "block_web": {
              "status": "EmptyStatusCode"
            },
            "redirect_web": {
              "status": "EmptyStatusCode"
            }
          }
        }
      ]
    },
    "cloudfront": {
      "js_insertion_rules": {
        "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED",
        "javascript_mode": "ASYNC_JS_NO_CACHING"
      },
      "loglevel": "LOG_UNDEFINED",
      "manual_js_insert": {
        "javascript_mode": "ASYNC_JS_NO_CACHING"
      },
      "protected_endpoints": [
        {
          "flow_label": {
            "authentication": {
              "login": {
                "transaction_result": {
                  "failure_conditions": [
                    {
                      "status": "EmptyStatusCode"
                    }
                  ],
                  "success_conditions": [
                    {
                      "status": "EmptyStatusCode"
                    }
                  ]
                }
              }
            }
          },
          "http_methods": [
            "METHOD_ANY"
          ],
          "mobile_client": {
            "block": {
              "status": "EmptyStatusCode"
            }
          },
          "web_client": {
            "block": {
              "status": "EmptyStatusCode"
            },
            "redirect": {
              "status": "EmptyStatusCode"
            }
          },
          "web_mobile_client": {
            "block_mobile": {
              "status": "EmptyStatusCode"
            },
            "block_web": {
              "status": "EmptyStatusCode"
            },
            "redirect_web": {
              "status": "EmptyStatusCode"
            }
          }
        }
      ]
    },
    "region": "US"
  }
}

401

Returned when operation is not authorized.

application/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

application/json

string format: string

Example^generated

example

404

Returned when resource is not found.

application/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

application/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

application/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

application/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

application/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

application/json

string format: string

Example^generated

example

Create Protected Application.

Authorizations

Parameters

Path Parameters

Request Bodyrequired

Responses

200

Example

401

Examplegenerated

403

Examplegenerated

404

Examplegenerated

409

Examplegenerated

429

Examplegenerated

500

Examplegenerated

503

Examplegenerated

504

Examplegenerated

Request Body^required

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated