GET Protected Application.
const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/protected_applications/example?response_format=GET_RSP_FORMAT_DEFAULT';const options = {method: 'GET', headers: {Authorization: '<Authorization>'}};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request GET \ --url 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/protected_applications/example?response_format=GET_RSP_FORMAT_DEFAULT' \ --header 'Authorization: <Authorization>'GET applications protected by Bot Defense.
Authorizations
Section titled “Authorizations”Parameters
Section titled “Parameters”Path Parameters
Section titled “Path Parameters”Namespace The namespace in which the configuration object is present.
Name The name of the configuration object to be fetched.
Query Parameters
Section titled “Query Parameters”The format in which the configuration object is to be fetched. This could be for example
- in GetSpec form for the contents of object
- in CreateRequest form to create a new similar object
- to ReplaceRequest form to replace changeable values
Default format of returned resource Response should be in CreateRequest format Response should be in ReplaceRequest format Response should be in StatusObject(s) format Response should be in format of GetSpecType Response should have other objects referring to this object Response should have deleted and disabled objects referrred by this object.
Responses
Section titled “Responses”A successful response.
This is the output message of the ‘GET’ RPC.
object
object
object
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.
object
Human readable description for the object.
A value of true will administratively disable the object.
Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the user. Values specified here will be used by selector expression.
object
This is the name of configuration object. It has to be unique within the namespace. It can only be specified during create API and cannot be changed during replace API. The value of name has to follow DNS-1035 format. Required: YES.
This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""
object
object
object
object
A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.
object
object
object
Optional JavaScript insertions exclude list of domain and path matchers.
Define JavaScript insertion exclusion rule.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
Exclusive with [prefix regex] Exact path value to match.
Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)
Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
Required list of pages to insert Bot Defense client JavaScript.
Required: YES.
This defines a rule for Bot Defense JavaScript insertion.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
Exclusive with [glob prefix] Exact path value to match.
Exclusive with [exact_path prefix]
Accepts wildcards * to match multiple characters or ? To match a single character.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)
object
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
object
object
A list of headers that can be used to identify mobile traffic.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
List of protected endpoints (max 128 items)
Required: YES.
Add the name and description for the protected endpoint.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
List of HTTP methods.
Required: YES.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
Should path be searched case insensitive;
URI Path Required: YES.
Enter a regular expression to match your query parameters of interest.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
URI location for redirect reponse Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
Custom body message.
Content type to use in a block response.
object
object
object
object
object
object
object
URI location for redirect reponse Required: YES.
The timeout for the inference check, in milliseconds.
Define your allowlists to skip Bot Defense inference processing.
Client source rule specifies the sources to be trusted.
object
object
List of HTTP header name and value pairs
Required: YES.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
Exclusive with [http_header] IP prefix string.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Add AWS CloudFront distribution ID, e.g. ABCDEFGHI0JKLM Required: YES.
object
List contains the Cloudfront distribution selection by tags key is a AWS tag name, and the value is regular expression to match Required: YES.
object
A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.
Limit on amount of request-body data (other than F5 telemetry) to send for analysis (limit 1,048,576 == 1 MiByte)
object
object
object
object
Optional JavaScript insertions exclude list of domain and path matchers.
Define JavaScript insertion exclusion rule.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
Exclusive with [prefix regex] Exact path value to match.
Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)
Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
Required list of pages to insert Bot Defense client JavaScript.
Required: YES.
This defines a rule for Bot Defense JavaScript insertion.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
Exclusive with [glob prefix] Exact path value to match.
Exclusive with [exact_path prefix]
Accepts wildcards * to match multiple characters or ? To match a single character.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)
object
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
object
object
A list of headers that can be used to identify mobile traffic.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
List of protected endpoints (max 128 items)
Required: YES.
Add the name and description for the protected endpoint.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
object
object
object
object
object
object
object
Failure Conditions.
Bot Defense Transaction Result Condition.
object
A case-insensitive HTTP header name.
A list of regular expressions to match the input against.
Success Conditions.
Bot Defense Transaction Result Condition.
object
A case-insensitive HTTP header name.
A list of regular expressions to match the input against.
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
List of HTTP methods.
Required: YES.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
Accepts wildcards * to match multiple characters or ? To match a single character Required: YES.
Enter a regular expression to match your query parameters of interest.
object
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
URI location for redirect reponse Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
Custom body message.
Content type to use in a block response.
object
object
object
object
object
object
object
URI location for redirect reponse Required: YES.
The timeout for the inference check, in milliseconds.
Define your allowlists to skip Bot Defense inference processing.
Client source rule specifies the sources to be trusted.
object
object
List of HTTP header name and value pairs
Required: YES.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
Exclusive with [http_header] IP prefix string.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
object
The set of deleted objects that are referred by this object.
This type establishes a ‘direct reference’ from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name for public API and Uid for private API This type of reference is called direct because the relation is explicit and concrete (as opposed to selector reference which builds a group based on labels of selectee objects)
object
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. “route”)
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid.
The set of deleted objects that are referred by this object.
This type establishes a ‘direct reference’ from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name for public API and Uid for private API This type of reference is called direct because the relation is explicit and concrete (as opposed to selector reference which builds a group based on labels of selectee objects)
object
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. “route”)
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid.
object
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.
object
Human readable description for the object.
A value of true will administratively disable the object.
Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the user. Values specified here will be used by selector expression.
object
This is the name of configuration object. It has to be unique within the namespace. It can only be specified during create API and cannot be changed during replace API. The value of name has to follow DNS-1035 format. Required: YES.
This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""
The set of objects that are referring to this object in their spec.
This type establishes a ‘direct reference’ from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name for public API and Uid for private API This type of reference is called direct because the relation is explicit and concrete (as opposed to selector reference which builds a group based on labels of selectee objects)
object
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. “route”)
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid.
object
object
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.
object
Human readable description for the object.
A value of true will administratively disable the object.
Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the user. Values specified here will be used by selector expression.
object
This is the name of configuration object. It has to be unique within the namespace. It can only be specified during create API and cannot be changed during replace API. The value of name has to follow DNS-1035 format. Required: YES.
This defines the workspace within which each the configuration object is to be created. Must be a DNS_LABEL format. For a namespace object itself, namespace value will be ""
object
object
object
object
A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.
object
object
object
Optional JavaScript insertions exclude list of domain and path matchers.
Define JavaScript insertion exclusion rule.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
Exclusive with [prefix regex] Exact path value to match.
Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)
Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
Required list of pages to insert Bot Defense client JavaScript.
Required: YES.
This defines a rule for Bot Defense JavaScript insertion.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
Exclusive with [glob prefix] Exact path value to match.
Exclusive with [exact_path prefix]
Accepts wildcards * to match multiple characters or ? To match a single character.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)
object
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
object
object
A list of headers that can be used to identify mobile traffic.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
List of protected endpoints (max 128 items)
Required: YES.
Add the name and description for the protected endpoint.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
List of HTTP methods.
Required: YES.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
Should path be searched case insensitive;
URI Path Required: YES.
Enter a regular expression to match your query parameters of interest.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
URI location for redirect reponse Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
Custom body message.
Content type to use in a block response.
object
object
object
object
object
object
object
URI location for redirect reponse Required: YES.
The timeout for the inference check, in milliseconds.
Define your allowlists to skip Bot Defense inference processing.
Client source rule specifies the sources to be trusted.
object
object
List of HTTP header name and value pairs
Required: YES.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
Exclusive with [http_header] IP prefix string.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Add AWS CloudFront distribution ID, e.g. ABCDEFGHI0JKLM Required: YES.
object
List contains the Cloudfront distribution selection by tags key is a AWS tag name, and the value is regular expression to match Required: YES.
object
A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.
Limit on amount of request-body data (other than F5 telemetry) to send for analysis (limit 1,048,576 == 1 MiByte)
object
object
object
object
Optional JavaScript insertions exclude list of domain and path matchers.
Define JavaScript insertion exclusion rule.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
Exclusive with [prefix regex] Exact path value to match.
Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)
Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
Required list of pages to insert Bot Defense client JavaScript.
Required: YES.
This defines a rule for Bot Defense JavaScript insertion.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
Exclusive with [glob prefix] Exact path value to match.
Exclusive with [exact_path prefix]
Accepts wildcards * to match multiple characters or ? To match a single character.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)
object
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
object
object
A list of headers that can be used to identify mobile traffic.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
List of protected endpoints (max 128 items)
Required: YES.
Add the name and description for the protected endpoint.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
object
object
object
object
object
object
object
Failure Conditions.
Bot Defense Transaction Result Condition.
object
A case-insensitive HTTP header name.
A list of regular expressions to match the input against.
Success Conditions.
Bot Defense Transaction Result Condition.
object
A case-insensitive HTTP header name.
A list of regular expressions to match the input against.
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
List of HTTP methods.
Required: YES.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
Accepts wildcards * to match multiple characters or ? To match a single character Required: YES.
Enter a regular expression to match your query parameters of interest.
object
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
URI location for redirect reponse Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
Custom body message.
Content type to use in a block response.
object
object
object
object
object
object
object
URI location for redirect reponse Required: YES.
The timeout for the inference check, in milliseconds.
Define your allowlists to skip Bot Defense inference processing.
Client source rule specifies the sources to be trusted.
object
object
List of HTTP header name and value pairs
Required: YES.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
Exclusive with [http_header] IP prefix string.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
object
object
object
object
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name. Required: YES.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.
object
object
Protected application ID.
object
object
A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.
object
object
object
Optional JavaScript insertions exclude list of domain and path matchers.
Define JavaScript insertion exclusion rule.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
Exclusive with [prefix regex] Exact path value to match.
Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)
Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
Required list of pages to insert Bot Defense client JavaScript.
Required: YES.
This defines a rule for Bot Defense JavaScript insertion.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
Exclusive with [glob prefix] Exact path value to match.
Exclusive with [exact_path prefix]
Accepts wildcards * to match multiple characters or ? To match a single character.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)
object
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
object
object
A list of headers that can be used to identify mobile traffic.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
List of protected endpoints (max 128 items)
Required: YES.
Add the name and description for the protected endpoint.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
List of HTTP methods.
Required: YES.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
Should path be searched case insensitive;
URI Path Required: YES.
Enter a regular expression to match your query parameters of interest.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
URI location for redirect reponse Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
Custom body message.
Content type to use in a block response.
object
object
object
object
object
object
object
URI location for redirect reponse Required: YES.
The timeout for the inference check, in milliseconds.
Define your allowlists to skip Bot Defense inference processing.
Client source rule specifies the sources to be trusted.
object
object
List of HTTP header name and value pairs
Required: YES.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
Exclusive with [http_header] IP prefix string.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Add AWS CloudFront distribution ID, e.g. ABCDEFGHI0JKLM Required: YES.
object
List contains the Cloudfront distribution selection by tags key is a AWS tag name, and the value is regular expression to match Required: YES.
object
A case-insensitive HTTP header name for Continue Mitigation Action when add header selected.
Limit on amount of request-body data (other than F5 telemetry) to send for analysis (limit 1,048,576 == 1 MiByte)
object
object
object
object
Optional JavaScript insertions exclude list of domain and path matchers.
Define JavaScript insertion exclusion rule.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
Exclusive with [prefix regex] Exact path value to match.
Exclusive with [path regex] Path prefix to match (e.g. The value / will match on all paths)
Exclusive with [path prefix] Regular expression of path match (e.g. The value .* will match on all paths)
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
Required list of pages to insert Bot Defense client JavaScript.
Required: YES.
This defines a rule for Bot Defense JavaScript insertion.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
Exclusive with [glob prefix] Exact path value to match.
Exclusive with [exact_path prefix]
Accepts wildcards * to match multiple characters or ? To match a single character.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
Exclusive with [exact_path glob] Path prefix to match (e.g. The value / will match on all paths)
object
Web client will fetch F5 Client Java Script from this path. This path must not conflict with any other website/application paths.
If not specified, default to ‘/common.js’.
object
object
A list of headers that can be used to identify mobile traffic.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
List of protected endpoints (max 128 items)
Required: YES.
Add the name and description for the protected endpoint.
object
object
object
Exclusive with [regex_value suffix_value] Exact domain name.
Exclusive with [exact_value suffix_value] Regular Expression value for the domain name.
Exclusive with [exact_value regex_value] Suffix of domain name e.g “xyz.com” will match “*.xyz.com” and “xyz.com”
object
object
object
object
object
object
object
object
Failure Conditions.
Bot Defense Transaction Result Condition.
object
A case-insensitive HTTP header name.
A list of regular expressions to match the input against.
Success Conditions.
Bot Defense Transaction Result Condition.
object
A case-insensitive HTTP header name.
A list of regular expressions to match the input against.
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
object
List of HTTP methods.
Required: YES.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
object
object
Accepts wildcards * to match multiple characters or ? To match a single character Required: YES.
Enter a regular expression to match your query parameters of interest.
object
object
object
Custom body message.
Content type to use in a block response.
object
object
object
object
URI location for redirect reponse Required: YES.
object
object
Custom body message.
Content type to use in a block response.
object
Custom body message.
Content type to use in a block response.
object
object
object
object
object
object
object
URI location for redirect reponse Required: YES.
The timeout for the inference check, in milliseconds.
Define your allowlists to skip Bot Defense inference processing.
Client source rule specifies the sources to be trusted.
object
object
List of HTTP header name and value pairs
Required: YES.
Header match is done using the name of the header and its value. The value match is done using one of the following regex match on value exact match of value presence of header.
object
Exclusive with [regex] Header value to match exactly.
Name of the header Required: YES.
Exclusive with [exact] Regex match of the header value in re2 format.
Exclusive with [http_header] IP prefix string.
object
Human readable description.
This is the name of the message. The value of name has to follow DNS-1035 format. Required: YES.
object
object
object
Protected application Reload Header Name Header that is used for SDK configuration sync.
object
Protected application status.
object
object
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name. Required: YES.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.
The status reported by different services for this configuration object.
Most recently observed status of object.
object
Conditions reported by various component of the system.
Conditions are used in the object status to describe the current state of the object, e.g. Ready, Succeeded, etc.
object
Hostname of the instance of the site that sent the status.
Last time the condition was updated.
A human readable string explaining the reason for reaching this condition.
Name of the service that sent the status.
Status of the condition “Success” Validation has succeeded. Requested operation was successful. “Failed” Validation has failed. “Incomplete” Validation of configuration has failed due to missing configuration. “Installed” Validation has passed and configuration has been installed in data path or K8s “Down” Configuration is operationally down. E.g. Down interface “Disabled” Configuration is administratively disabled i.e. objectmetatype.disable = true. “NotApplicable” Configuration is not applicable e.g. Tenant service_policy_set(s) in system namespace are not applicable on REs.
Type of the condition “Validation” represents validation user given configuration object “Operational” represents operational status of a given configuration object.
object
Creation_timestamp is when the status object was created. It is used to find/tie-break for latest status object from same origin.
Class of creator which created this StatusObject. This will be service’s DNS FQDN. This will be set by the system based on client certificate information.
ID of creator which created this StatusObject. This will be a concrete identifier for service (e.g. Identifying the environment also). This will be set by the system based on client certificate information.
Status_id is a field used by the generator to distinguish (if necessary) between two status objects for the same config object from the same site and same service and potentially same daemon(creator-ID)
Uid is the unique in time and space value for a StatusObject.
Origin of this status exchanged by VTRP.
Indicate whether mars deems this object to be stale via graceful restart timer information.
Object reference.
This type establishes a ‘direct reference’ from one object(the referrer) to another(the referred). Such a reference is in form of tenant/namespace/name for public API and Uid for private API This type of reference is called direct because the relation is explicit and concrete (as opposed to selector reference which builds a group based on labels of selectee objects)
object
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then kind will hold the referred object’s kind (e.g. “route”)
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then tenant will hold the referred object’s(e.g. Route’s) tenant.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then uid will hold the referred object’s(e.g. Route’s) uid.
object
CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.
A value identifying the class of the user or service which created this configuration object.
A value identifying the exact user or service that created this configuration object.
DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.
Populated by the system when a graceful deletion is requested. Read-only.
Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.
object
Pending is a list of initializers that must execute in order before this object is initialized. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.
Initializer is information about an initializer that has not yet completed.
object
Name of the service that is responsible for initializing this object.
object
Suggested HTTP return code for this status, 0 if not set.
A human-readable description of why this operation is in the “Failure” status. If this value is empty there is no information available.
Status of the operation. One of: “Success” or “Failure”.
Map of string keys and values that can be used to organize and categorize (scope and select) objects as chosen by the operator or software. Values here can be interpreted by software(backend or frontend) to enable certain behavior e.g. Things marked as soft-deleted(restorable).
object
ModificationTimestamp is a timestamp representing the server time when this object was last modified.
Unique index for the object. Some objects need a unique integer index to be allocated for each object type. This field will be populated for all objects that need it and will be zero otherwise.
object
Kind of the view object.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then name will hold the referred object’s(e.g. Route’s) name.
When a configuration object(e.g. Virtual_host) refers to another(e.g route) then namespace will hold the referred object’s(e.g. Route’s) namespace.
UID of the view object.
Tenant to which this configuration object belongs to. The value for this is found from presented credentials.
Uid is the unique in time and space value for this object. It is generated by the server on successful creation of an object and is not allowed to change on Replace API. The value of is taken from uid field of ObjectMetaType, if provided.
Example
{ "create_form": { "spec": { "cloudflare": { "js_insertion_rules": { "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED" }, "loglevel": "LOG_UNDEFINED", "protected_endpoints": [ { "http_methods": [ "METHOD_ANY" ], "mobile_client": { "block": { "status": "EmptyStatusCode" } }, "web_client": { "block": { "status": "EmptyStatusCode" }, "redirect": { "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "status": "EmptyStatusCode" }, "block_web": { "status": "EmptyStatusCode" }, "redirect_web": { "status": "EmptyStatusCode" } } } ] }, "cloudfront": { "js_insertion_rules": { "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED", "javascript_mode": "ASYNC_JS_NO_CACHING" }, "loglevel": "LOG_UNDEFINED", "manual_js_insert": { "javascript_mode": "ASYNC_JS_NO_CACHING" }, "protected_endpoints": [ { "flow_label": { "authentication": { "login": { "transaction_result": { "failure_conditions": [ { "status": "EmptyStatusCode" } ], "success_conditions": [ { "status": "EmptyStatusCode" } ] } } } }, "http_methods": [ "METHOD_ANY" ], "mobile_client": { "block": { "status": "EmptyStatusCode" } }, "web_client": { "block": { "status": "EmptyStatusCode" }, "redirect": { "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "status": "EmptyStatusCode" }, "block_web": { "status": "EmptyStatusCode" }, "redirect_web": { "status": "EmptyStatusCode" } } } ] }, "region": "US" } }, "replace_form": { "spec": { "cloudflare": { "js_insertion_rules": { "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED" }, "loglevel": "LOG_UNDEFINED", "protected_endpoints": [ { "http_methods": [ "METHOD_ANY" ], "mobile_client": { "block": { "status": "EmptyStatusCode" } }, "web_client": { "block": { "status": "EmptyStatusCode" }, "redirect": { "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "status": "EmptyStatusCode" }, "block_web": { "status": "EmptyStatusCode" }, "redirect_web": { "status": "EmptyStatusCode" } } } ] }, "cloudfront": { "js_insertion_rules": { "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED", "javascript_mode": "ASYNC_JS_NO_CACHING" }, "loglevel": "LOG_UNDEFINED", "manual_js_insert": { "javascript_mode": "ASYNC_JS_NO_CACHING" }, "protected_endpoints": [ { "flow_label": { "authentication": { "login": { "transaction_result": { "failure_conditions": [ { "status": "EmptyStatusCode" } ], "success_conditions": [ { "status": "EmptyStatusCode" } ] } } } }, "http_methods": [ "METHOD_ANY" ], "mobile_client": { "block": { "status": "EmptyStatusCode" } }, "web_client": { "block": { "status": "EmptyStatusCode" }, "redirect": { "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "status": "EmptyStatusCode" }, "block_web": { "status": "EmptyStatusCode" }, "redirect_web": { "status": "EmptyStatusCode" } } } ] } } }, "spec": { "cloudflare": { "js_insertion_rules": { "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED" }, "loglevel": "LOG_UNDEFINED", "protected_endpoints": [ { "http_methods": [ "METHOD_ANY" ], "mobile_client": { "block": { "status": "EmptyStatusCode" } }, "web_client": { "block": { "status": "EmptyStatusCode" }, "redirect": { "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "status": "EmptyStatusCode" }, "block_web": { "status": "EmptyStatusCode" }, "redirect_web": { "status": "EmptyStatusCode" } } } ] }, "cloudfront": { "js_insertion_rules": { "javascript_location": "JAVA_SCRIPT_LOCATION_UNDEFINED", "javascript_mode": "ASYNC_JS_NO_CACHING" }, "loglevel": "LOG_UNDEFINED", "manual_js_insert": { "javascript_mode": "ASYNC_JS_NO_CACHING" }, "protected_endpoints": [ { "flow_label": { "authentication": { "login": { "transaction_result": { "failure_conditions": [ { "status": "EmptyStatusCode" } ], "success_conditions": [ { "status": "EmptyStatusCode" } ] } } } }, "http_methods": [ "METHOD_ANY" ], "mobile_client": { "block": { "status": "EmptyStatusCode" } }, "web_client": { "block": { "status": "EmptyStatusCode" }, "redirect": { "status": "EmptyStatusCode" } }, "web_mobile_client": { "block_mobile": { "status": "EmptyStatusCode" }, "block_web": { "status": "EmptyStatusCode" }, "redirect_web": { "status": "EmptyStatusCode" } } } ] }, "region": "US" }, "status": [ { "metadata": { "publish": "STATUS_DO_NOT_PUBLISH" } } ]}Returned when operation is not authorized.
Examplegenerated
exampleReturned when there is no permission to access resource.
Examplegenerated
exampleReturned when resource is not found.
Examplegenerated
exampleReturned when operation on resource is conflicting with current value.
Examplegenerated
exampleReturned when operation has been rejected as it is happening too frequently.
Examplegenerated
exampleReturned when server encountered an error in processing API.
Examplegenerated
exampleReturned when service is unavailable temporarily.
Examplegenerated
exampleReturned when server timed out processing request.
Examplegenerated
example