{"note":"OpenAPI conversion -- returning structured metadata","name":"akamai-appsec","description":"Akamai: Application Security API","version":"v1","base_url":"https://{hostname}/appsec/v1","endpoints":213,"raw":"@lap v0.3\n# Machine-readable API spec. Each @endpoint block is one API call.\n@api Akamai: Application Security API\n@base https://{hostname}/appsec/v1\n@version v1\n@common_fields {accountSwitchKey: str # For customers who manage more than one account, this [runs the operation from another account](https://techdocs.akamai.com/developer/docs/manage-many-accounts-with-one-api-client). The Identity and Access Management API provides a [list of available account switch keys](https://techdocs.akamai.com/iam-api/reference/get-client-account-switch-keys).}\n@endpoints 213\n@hint download_for_search\n@toc activations(3), api-discovery(5), configs(179), contracts-groups(1), contracts(1), cves(6), export(1), hostname-coverage(1), onboardings(15), siem-definitions(1)\n\n@group activations\n@endpoint POST /activations\n@desc Activate a configuration version\n@required {action: str(ACTIVATE/DEACTIVATE) # The action to take, either `ACTIVATE` or `DEACTIVATE`., activationConfigs: [map{configId!: int, configVersion!: int}] # Specifies the security configuration and version to activate or deactivate., network: str(STAGING/PRODUCTION) # The target Akamai activation environment, either `STAGING` or `PRODUCTION`., note: str # The notes you entered for the activation., notificationEmails: [str] # The email addresses to notify when the activation happens.}\n@optional {acknowledgedInvalidHosts: [str] # The list of invalid hostnames in the security configuration to activate. In some cases, you may want to activate a security configuration with hostnames that WAF can't protect (for example, hostnames not managed as Akamai properties, or managed under a different contract than the configuration). By default, the existence of invalid hostnames blocks activation with a warning. The warning includes the names of the invalid hostnames. If you want to activate a configuration with invalid hostnames, enter the hostnames in this array. This field is now deprecated. Use `acknowledgedInvalidHostsByConfig` instead., acknowledgedInvalidHostsByConfig: [map{configId!: int, invalidHosts!: [str]}] # The list of invalid hostnames per security configuration to activate. In some cases, you may want to activate a security configuration with hostnames that WAF can't protect (for example, hostnames not managed as Akamai properties, or managed under a different contract than the configuration). By default, the existence of invalid hostnames blocks activation with a warning. The warning includes the names of the invalid hostnames. If you want to activate a configuration with invalid hostnames, enter the hostnames and the configuration ID in this array.}\n@returns(200) {action: str, activationConfigs: [map], activationId: int, completionDate: str(date-time), createDate: str(date-time), createdBy: str, dispatchCount: int, estimate: str, network: str, status: str} # Activation request successful.\n@returns(202) {createDate: str(date-time), links: map{check-status: str}, statusId: str} # Activation request launched.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the configuration.}\n@example_request {\"action\":\"ACTIVATE\",\"activationConfigs\":[{\"configId\":1,\"configVersion\":4}],\"network\":\"STAGING\",\"note\":\"Free text notes\",\"notificationEmails\":[\"a@example.com\",\"b@example.com\"]}\n\n@endpoint GET /activations/status/{statusId}\n@desc Get an activation request status\n@returns(200) {createDate: str(date-time), statusId: str} # Your activation request is still being created. Keep polling this API to get the latest status.\n@errors {303: Your activation is ready. Follow the redirect to get the latest status.}\n\n@endpoint GET /activations/{activationId}\n@desc Get activation status\n@returns(200) {action: str, activationConfigs: [map], activationId: int, completionDate: str(date-time), createDate: str(date-time), createdBy: str, dispatchCount: int, estimate: str, network: str, status: str} # Successfully returned activation status.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this activation.}\n\n@endgroup\n\n@group api-discovery\n@endpoint GET /api-discovery\n@desc List discovered APIs\n@optional {includeHidden: bool=false # If `true`, includes all discovered APIs including ones you have hidden. By default, `false` returns only the visible APIs., search: str # Filter results by hostname or basepath. You can also match on substrings.}\n@returns(200) {apis: [map]} # Successfully retrieved APIs.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /api-discovery/host/{hostname}/basepath/{basePath}\n@desc Get a discovered API\n@optional {includeHidden: bool=false # If `true`, includes all discovered APIs including ones you have hidden. By default, `false` returns only the visible APIs., search: str # Filter results by name, description, or ID. You can match on substrings.}\n@returns(200) {apiEndpointIds: [int], basePath: str, discoveryType: str, enrichment: map{options: int, browsers: int, clientErrors: int, clientReputation: num, dateFirstSeen: str, dateLastModified: str, dateLastSeen: str, deletes: int, dosAttackers: num, formats: [str], gets: int, hostSamples: [str], mobiles: int, newlyDiscovered: bool, paths: map{options: int, deletes: int, gets: int, posts: int, puts: int, samples: [str], template: str}, posts: int, puts: int, redirects: int, requests: int, requestsBadReputation: num, requestsLastDay: int, scanningTools: num, serverErrors: int, successes: int, totalDailyRequests: [map], totalErrors: int, trend: str, webAttackers: num, webScrapers: num}, host: str, visibility: str} # Successfully retrieved the details.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /api-discovery/host/{hostname}/basepath/{basePath}\n@desc Modify an API's visibility\n@required {hidden: bool # Describes an API's visibility status.}\n@optional {reason: str(NOT_ELIGIBLE/FALSE_POSITIVE) # The reason you've decided to hide the API from the API list. Use `NOT_ELIGIBLE` if you want to hide it for now and choose what to do with the API at a later time. Use `FALSE_POSITIVE` for APIs you feel are incorrectly included in the data.}\n@returns(200) {hidden: bool, reason: str} # Successfully updated the API's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"hidden\":true,\"reason\":\"FALSE_POSITIVE\"}\n\n@endpoint POST /api-discovery/host/{hostname}/basepath/{basePath}/endpoints\n@desc Create an endpoint or resource\n@optional {apiEndpointId: int # A unique identifier for an API endpoint. You need this when adding a resource to an existing endpoint., apiName: str # The name for this API endpoint. You need this to register an endpoint., contractId: str # A unique identifier for a contract. You need this when registering a new endpoint., groupId: int # A unique identifier for a group. You need this when registering a new endpoint., version: int # The version number. You need this when adding a resource to an existing endpoint. When a version is read-only, the version is cloned and updates are included in the newly cloned version.}\n@returns(201) {akamaiSecurityRestrictions: map?{ALLOW_UNDEFINED_RESPONSE_BODY_PARAMS: int, ALLOW_UNDEFINED_RESPONSE_HEADER_PARAMS: int, MAX_BODY_SIZE: int, MAX_DOC_DEPTH: int, MAX_ELEMENT_NAME_LENGTH: int, MAX_INTEGER_VALUE: int, MAX_JSONXML_ELEMENT: int, MAX_STRING_LENGTH: int, POSITIVE_SECURITY_ENABLED: int}, apiCategoryIds: [int]?, apiEndPointHosts: [str], apiEndPointId: int, apiEndPointLocked: bool, apiEndPointName: str, apiEndPointScheme: str, apiEndPointVersion: int, apiResources: [map], apiVersionInfo: map?{location: str, parameterName: str, value: str}, availableActions: [str], basePath: str?, caseSensitive: bool, clonedFromVersion: int?, consumeType: str, contractId: str, createDate: str, createdBy: str, description: str?, endpointHidden: bool, groupId: int, isGraphQL: bool, lockVersion: int, positiveConstrainsEnabled: bool?, productionStatus: str?, productionVersion: map, protectedByApiKey: bool, securityScheme: map{securitySchemeDetail: map{apiKeyLocation: str, apiKeyName: str}, securitySchemeType: str}, source: map?, stagingStatus: str?, stagingVersion: map, updateDate: str, updatedBy: str, versionHidden: bool, versionNumber: int} # Successfully registered an endpoint or a new resource to an existing endpoint.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"apiName\":\"New API\",\"contractId\":\"C-0N7RAC71\",\"groupId\":12345}\n\n@endpoint GET /api-discovery/host/{hostname}/basepath/{basePath}/endpoints\n@desc List discovered API endpoints\n@returns(200) {configurations: [map]} # Successfully returned the data.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endgroup\n\n@group configs\n@endpoint POST /configs\n@desc Create a configuration\n@required {description: str # Describes the security configuration., hostnames: [str] # List of hostnames to be added to the configuration., name: str # The name you assigned to the security configuration.}\n@optional {contractId: str # Contract ID., createFrom: map{configId!: int, version!: int} # Contains details about a source configuration and version for cloning a new security configuration., groupId: int # Group ID.}\n@returns(201) {contractId: str, createFrom: map{configId: int, version: int}, description: str, groupId: int, hostnames: [str], name: str} # Successfully created a security configuration.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have create access for security configurations.}\n@example_request {\"contractId\":\"C-0N7RAC7\",\"description\":\"description1\",\"groupId\":32145,\"hostnames\":[\"new.example.com\",\"www.example.com\"],\"name\":\"newapitest\"}\n\n@endpoint GET /configs\n@desc List configurations\n@returns(200) {configurations: [map]} # Successful response.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint GET /configs/{configId}\n@desc Get a security configuration\n@optional {includeHostnames: bool=false # If `true`, include the list of hostnames protected by this security configuration in the production network.  If `false`, exclude the list of hostnames protected by this security configuration in the production network.}\n@returns(200) {description: str, id: int, latestVersion: int, name: str, productionHostnames: [str], productionVersion: int, stagingVersion: int} # Successful response.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration wasn't found.}\n\n@endpoint PUT /configs/{configId}\n@desc Rename a security configuration\n@required {name: str # The name you assigned to the security configuration.}\n@optional {description: str # Describes the security configuration.}\n@returns(200) {description: str, name: str} # Successfully renamed the security configuration.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration wasn't found.}\n@example_request {\"description\":\"description1\",\"name\":\"newapitest\"}\n\n@endpoint DELETE /configs/{configId}\n@desc Delete a configuration\n@returns(204) Successfully deleted the security configuration.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Security configuration is active in a network and not editable., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n\n@endpoint GET /configs/{configId}/activations\n@desc List activation history\n@returns(200) {activationHistory: [map], configId: int} # Successful response.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration wasn't found.}\n\n@endpoint POST /configs/{configId}/custom-rules\n@desc Create a custom rule\n@required {name: str # The custom rule name., operation: str(AND/OR) # Specify `AND` logic to require all conditions, or `OR` logic to require at least one condition to match., structured: bool # Whether you created the rule with the structured custom rule builder or free-form XML. This needs to be `true`.}\n@optional {conditions: [map{name: any, nameCase: bool, nameWildcard: bool, positiveMatch!: bool, type!: str, useXForwardForHeaders: bool, value: str, valueCase: bool, valueExactMatch: bool, valueIgnoreSegment: bool, valueNormalize: bool, valueRecursive: bool, valueWildcard: bool}] # Contains the details about the condition that triggers the custom rule., description: str # The custom rule description., effectiveTimePeriod: map{endDate!: str, startDate!: str(date-time), status: str} # The time period during which the custom rule is active., id: int # Uniquely identifies the rule., inspectRequest: bool # Whether to inspect the HTTP request for unstructured custom rules., inspectResponse: bool # Whether to inspect the HTTP response for unstructured custom rules., loggingOptions: [map{id!: str, name: str, value: str}] # The specific conditions to be logged., metadata: str # The metadata you provided for unstructured custom rules., ruleActivated: bool # Whether the rule is active in the configuration., samplingRate: int # The portion of traffic to sample, expressed as a percent., stagingOnly: bool=false # Whether to show traffic from only the staging network, or all traffic. The default setting is `false` and only shows in the response when `true`., tag: [str] # The list of labels you assigned to the custom rule., version: int # The custom rule version.}\n@returns(200) {conditions: [map], description: str, effectiveTimePeriod: map{endDate: str, startDate: str(date-time), status: str}, id: int, inspectRequest: bool, inspectResponse: bool, loggingOptions: [map], metadata: str, name: str, operation: str, ruleActivated: bool, samplingRate: int, stagingOnly: bool, structured: bool, tag: [str], version: int} # Responds with the newly created rule.\n@example_request {\"conditions\":[{\"positiveMatch\":true,\"type\":\"requestMethodMatch\",\"value\":[\"GET\",\"CONNECT\",\"TRACE\",\"PUT\",\"POST\",\"OPTIONS\",\"DELETE\",\"HEAD\"]},{\"positiveMatch\":true,\"type\":\"pathMatch\",\"value\":[\"/H\",\"/Li\",\"/He\"]},{\"positiveMatch\":true,\"type\":\"extensionMatch\",\"value\":[\"Li\",\"He\",\"H\"],\"valueCase\":true,\"valueWildcard\":true},{\"positiveMatch\":true,\"type\":\"filenameMatch\",\"value\":[\"He\",\"H\",\"Li\"],\"valueCase\":false,\"valueWildcard\":false},{\"positiveMatch\":true,\"type\":\"requestProtocolVersionMatch\",\"value\":\"HTTP/0.9\"},{\"name\":[\"H\",\"He\"],\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"requestHeaderMatch\",\"value\":[\"Li\",\"He\",\"H\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":[\"He\"],\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"requestHeaderMatch\",\"value\":[\"C\",\"Be\",\"B\"],\"valueCase\":true,\"valueWildcard\":true},{\"positiveMatch\":true,\"type\":\"headerOrderMatch\",\"value\":\"H:He\"},{\"name\":\"H\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"cookieMatch\",\"value\":[\"H\",\"He\",\"Li\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":\"Be\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"cookieMatch\",\"value\":[\"O\",\"N\",\"C\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":\"C\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"uriQueryMatch\",\"value\":[\"Carbon\",\"C\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":\"N\",\"nameCase\":false,\"nameWildcard\":false,\"positiveMatch\":true,\"type\":\"uriQueryMatch\",\"value\":[\"Nitrogen\",\"N\"],\"valueCase\":false,\"valueWildcard\":false},{\"name\":\"H\",\"positiveMatch\":true,\"type\":\"argsPostMatch\",\"value\":[\"H\",\"Hydrogen\"]},{\"name\":\"He\",\"positiveMatch\":true,\"type\":\"argsPostMatch\",\"value\":[\"He\",\"Helium\"]},{\"positiveMatch\":true,\"type\":\"argsPostNamesMatch\",\"value\":[\"Carbon\",\"Oxygen\",\"Nitrogen\",\"Chlorine\"]},{\"positiveMatch\":true,\"type\":\"clientCertPresentMatch\"},{\"positiveMatch\":false,\"type\":\"clientCertValidMatch\"},{\"positiveMatch\":true,\"type\":\"clientTlsFingerprintMatch\",\"value\":[\"aebbfa8e53e8661f\"]},{\"positiveMatch\":true,\"type\":\"hostMatch\",\"value\":[\"example.com\",\"*.Nitrogen.gb\"]},{\"positiveMatch\":false,\"type\":\"asNumberMatch\",\"useXForwardForHeaders\":true,\"value\":[\"2145697538\"]},{\"positiveMatch\":false,\"type\":\"geoMatch\",\"useXForwardForHeaders\":true,\"value\":[\"AD\"]},{\"positiveMatch\":false,\"type\":\"ipAddressMatch\",\"useXForwardForHeaders\":true,\"value\":[\"81.477.377.57\"]},{\"positiveMatch\":true,\"type\":\"clientListMatch\",\"useXForwardForHeaders\":true,\"value\":[\"86744_AZURETLS\",\"83629_40KHG\"]}],\"description\":\"Can I create all conditions?\",\"effectiveTimePeriod\":{\"endDate\":\"2021-11-02T01:00:00.000Z\",\"startDate\":\"2021-08-05T01:00:00.000Z\"},\"loggingOptions\":[{\"id\":\"CLIENT_TLS_FINGERPRINT_MATCH\"}],\"name\":\"Fat Rule\",\"operation\":\"AND\",\"samplingRate\":10,\"stagingOnly\":true,\"structured\":true,\"tag\":[\"test\"]}\n\n@endpoint GET /configs/{configId}/custom-rules\n@desc List custom rules\n@returns(200) {customRules: [map]} # All the latest custom rules for this configuration.\n\n@endpoint GET /configs/{configId}/custom-rules/{ruleId}\n@desc Get a custom rule\n@returns(200) {conditions: [map], description: str, effectiveTimePeriod: map{endDate: str, startDate: str(date-time), status: str}, id: int, inspectRequest: bool, inspectResponse: bool, loggingOptions: [map], metadata: str, name: str, operation: str, ruleActivated: bool, samplingRate: int, stagingOnly: bool, structured: bool, tag: [str], version: int} # Responds with the requested rule.\n\n@endpoint PUT /configs/{configId}/custom-rules/{ruleId}\n@desc Modify a custom rule\n@required {name: str # The custom rule name., operation: str(AND/OR) # Specify `AND` logic to require all conditions, or `OR` logic to require at least one condition to match., structured: bool # Whether you created the rule with the structured custom rule builder or free-form XML. This needs to be `true`.}\n@optional {conditions: [map{name: any, nameCase: bool, nameWildcard: bool, positiveMatch!: bool, type!: str, useXForwardForHeaders: bool, value: str, valueCase: bool, valueExactMatch: bool, valueIgnoreSegment: bool, valueNormalize: bool, valueRecursive: bool, valueWildcard: bool}] # Contains the details about the condition that triggers the custom rule., description: str # The custom rule description., effectiveTimePeriod: map{endDate!: str, startDate!: str(date-time), status: str} # The time period during which the custom rule is active., id: int # Uniquely identifies the rule., inspectRequest: bool # Whether to inspect the HTTP request for unstructured custom rules., inspectResponse: bool # Whether to inspect the HTTP response for unstructured custom rules., loggingOptions: [map{id!: str, name: str, value: str}] # The specific conditions to be logged., metadata: str # The metadata you provided for unstructured custom rules., ruleActivated: bool # Whether the rule is active in the configuration., samplingRate: int # The portion of traffic to sample, expressed as a percent., stagingOnly: bool=false # Whether to show traffic from only the staging network, or all traffic. The default setting is `false` and only shows in the response when `true`., tag: [str] # The list of labels you assigned to the custom rule., version: int # The custom rule version.}\n@returns(200) {conditions: [map], description: str, effectiveTimePeriod: map{endDate: str, startDate: str(date-time), status: str}, id: int, inspectRequest: bool, inspectResponse: bool, loggingOptions: [map], metadata: str, name: str, operation: str, ruleActivated: bool, samplingRate: int, stagingOnly: bool, structured: bool, tag: [str], version: int} # Responds with the updated rule.\n@example_request {\"conditions\":[{\"positiveMatch\":true,\"type\":\"requestMethodMatch\",\"value\":[\"GET\",\"CONNECT\",\"TRACE\",\"PUT\",\"POST\",\"OPTIONS\",\"DELETE\",\"HEAD\"]},{\"positiveMatch\":true,\"type\":\"pathMatch\",\"value\":[\"/H\",\"/Li\",\"/He\"]},{\"positiveMatch\":true,\"type\":\"extensionMatch\",\"value\":[\"Li\",\"He\",\"H\"],\"valueCase\":true,\"valueWildcard\":true},{\"positiveMatch\":true,\"type\":\"filenameMatch\",\"value\":[\"He\",\"H\",\"Li\"],\"valueCase\":false,\"valueWildcard\":false},{\"positiveMatch\":true,\"type\":\"requestProtocolVersionMatch\",\"value\":\"HTTP/0.9\"},{\"name\":[\"H\",\"He\"],\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"requestHeaderMatch\",\"value\":[\"Li\",\"He\",\"H\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":[\"He\"],\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"requestHeaderMatch\",\"value\":[\"C\",\"Be\",\"B\"],\"valueCase\":true,\"valueWildcard\":true},{\"positiveMatch\":true,\"type\":\"headerOrderMatch\",\"value\":\"H:He\"},{\"name\":\"H\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"cookieMatch\",\"value\":[\"H\",\"He\",\"Li\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":\"Be\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"cookieMatch\",\"value\":[\"O\",\"N\",\"C\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":\"C\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"type\":\"uriQueryMatch\",\"value\":[\"Carbon\",\"C\"],\"valueCase\":true,\"valueWildcard\":true},{\"name\":\"N\",\"nameCase\":false,\"nameWildcard\":false,\"positiveMatch\":true,\"type\":\"uriQueryMatch\",\"value\":[\"Nitrogen\",\"N\"],\"valueCase\":false,\"valueWildcard\":false},{\"name\":\"H\",\"positiveMatch\":true,\"type\":\"argsPostMatch\",\"value\":[\"H\",\"Hydrogen\"]},{\"name\":\"He\",\"positiveMatch\":true,\"type\":\"argsPostMatch\",\"value\":[\"He\",\"Helium\"]},{\"positiveMatch\":true,\"type\":\"argsPostNamesMatch\",\"value\":[\"Carbon\",\"Oxygen\",\"Nitrogen\",\"Chlorine\"]},{\"positiveMatch\":true,\"type\":\"clientCertPresentMatch\"},{\"positiveMatch\":false,\"type\":\"clientCertValidMatch\"},{\"positiveMatch\":true,\"type\":\"clientTlsFingerprintMatch\",\"value\":[\"aebbfa8e53e8661f\"]},{\"positiveMatch\":true,\"type\":\"hostMatch\",\"value\":[\"example.com\",\"*.Nitrogen.gb\"]},{\"positiveMatch\":false,\"type\":\"asNumberMatch\",\"useXForwardForHeaders\":true,\"value\":[\"2145697538\"]},{\"positiveMatch\":false,\"type\":\"geoMatch\",\"useXForwardForHeaders\":true,\"value\":[\"AD\"]},{\"positiveMatch\":false,\"type\":\"ipAddressMatch\",\"useXForwardForHeaders\":true,\"value\":[\"81.477.377.57\"]},{\"positiveMatch\":true,\"type\":\"clientListMatch\",\"useXForwardForHeaders\":true,\"value\":[\"86744_AZURETLS\",\"83629_40KHG\"]}],\"description\":\"Can I create all conditions?\",\"effectiveTimePeriod\":{\"endDate\":\"2021-11-02T01:00:00.000Z\",\"startDate\":\"2021-08-05T01:00:00.000Z\",\"status\":\"expired\"},\"id\":661699,\"loggingOptions\":[{\"id\":\"CLIENT_TLS_FINGERPRINT_MATCH\"}],\"name\":\"Fat Rule\",\"operation\":\"AND\",\"samplingRate\":10,\"stagingOnly\":true,\"structured\":true,\"tag\":[\"test\"],\"version\":1}\n\n@endpoint DELETE /configs/{configId}/custom-rules/{ruleId}\n@desc Remove a custom rule\n@returns(204) Custom rule successfully deleted.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). Custom rule used and cannot be deleted.}\n\n@endpoint GET /configs/{configId}/failover-hostnames\n@desc List failover hostnames\n@returns(200) {hostnameList: [map], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint POST /configs/{configId}/notification/subscription/{feature}\n@desc Subscribe or unsubscribe to recommendation emails\n@required {action: str(subscribe/unsubscribe) # Use `subscribe` to add user emails to the subscription. Use `unsubscribe` to remove them from the subscription., emails: [str] # The user emails to add to or remove from subscription.}\n@returns(204) Subscribed/Unsubscribed successfully.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Incorrect client input. See the `fieldErrors` and other fields provided in the response for more information., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). Access denied. Make sure you have correct permissions., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n@example_request {\"action\":\"subscribe\",\"emails\":[\"subscriber1@email.example.com\",\"subscriber2@email.example.com\",\"subscriber3@email.example.com\"]}\n\n@endpoint GET /configs/{configId}/notification/subscription/{feature}\n@desc List subscribers\n@returns(200) {emails: [str]} # Successfully returns list of subscribers.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). Access denied. Make sure you have correct permissions., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint POST /configs/{configId}/versions\n@desc Clone a configuration version\n@required {createFromVersion: int # The configuration version to clone from., ruleUpdate: bool # Specifies whether the application rules should be migrated to the latest version.}\n@returns(200) {basedOn: int, configId: int, configName: str, createDate: str, createdBy: str, production: map{action: str, status: str, time: str}, staging: map{action: str, status: str, time: str}, version: int, versionNotes: str} # Successfully cloned Configuration Version.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed., 412: [Precondition failed](https://techdocs.akamai.com/application-security/reference/412).}\n@example_request {\"createFromVersion\":1,\"ruleUpdate\":false}\n\n@endpoint GET /configs/{configId}/versions\n@desc List configuration versions\n@optional {page: int=1 # The index of the result page. If the value is `-1`, then pagination is ignored.  The default value is `1`., pageSize: int=25 # The number of items on each result page. The default value is `25`., detail: bool=false # When `true`, the results contain detailed information on versions. With the default `false`, the results contain summary information on versions.}\n@returns(200) {configId: int, configName: str, lastCreatedVersion: int, page: int, pageSize: int, productionActiveVersion: int, productionExpediteRequestId: int, stagingActiveVersion: int, stagingExpediteRequestId: int, totalSize: int, versionList: [map]} # Successfully retrieved resource.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint POST /configs/{configId}/versions/diff\n@desc Compare two versions\n@required {from: int # The configuration version number to compare against., to: int # The configuration version number you're comparing to the version in `from`.}\n@optional {outcomes: [str]=MODIFIED # Show either `MODIFIED` or `UNMODIFIED` data, or both. When empty, only `MODIFIED` values are returned.}\n@returns(200) The response object represents much the same data as the [Export a configuration version](https://techdocs.akamai.com/application-security/reference/get-export-config-version) operation, but substituting additional objects that represent diffs. The structure of these diffs vary when comparing different types of data: simple values, simple arrays, objects, and object arrays.  For details on the diff format, see [Diff configuration versions](https://techdocs.akamai.com/application-security/reference/diff-configuration-versions).\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n@example_request {\"from\":1,\"outcomes\":[\"MODIFIED\",\"UNMODIFIED\"],\"to\":2}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}\n@desc Get configuration version details\n@returns(200) {basedOn: int, configId: int, configName: str, createDate: str, createdBy: str, production: map{action: str, status: str, time: str}, staging: map{action: str, status: str, time: str}, version: int, versionNotes: str} # Successfully retrieved resource.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}\n@desc Delete a configuration version\n@returns(204) Successfully deleted the configuration version.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/cookie-settings\n@desc Get cookie settings\n@returns(200) {cookieDomain: str, useAllSecureTraffic: bool} # Successfully retrieved the cookie settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/cookie-settings\n@desc Modify cookie settings\n@optional {cookieDomain: str(automatic/fqdn/legacy/psl) # Choose the type of domain. The default recommended type is `automatic`. Otherwise, choose `fqdn` to use the current Fully Qualified Domain name, `legacy` to use the original way in which the domain was selected, or `psl` to use the public suffix list to identify a private domain., useAllSecureTraffic: bool # If all of your traffic uses HTTPS, specify `true`. This option sets the Secure flag on all security product cookies, which are then only included with HTTPS traffic. It also adds `SameSite=None` to most bot management cookies, ensuring that recent browser versions submit the cookies with protected requests. The `SameSite=None` cookie setting is necessary for site architectures that involve cross-domain form submission or inclusion of cross-domain iframes.}\n@returns(200) {cookieDomain: str, useAllSecureTraffic: bool} # The response shows the updated cookie settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"cookieDomain\":\"automatic\",\"useAllSecureTraffic\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/evasive-path-match\n@desc Get evasive path match settings for a configuration\n@returns(200) {enablePathMatch: bool} # Successfully retrieved the evasive path match settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/evasive-path-match\n@desc Modify evasive path match settings for a configuration\n@required {enablePathMatch: bool # When enabled, evaluates requests with the following list of characters removed ` & ! $ ' ( ) + , [ ] * @ ^ \\ \"` and `.` only when it appears as a trailing character at the end of the URL.}\n@returns(200) {enablePathMatch: bool} # Successfully updated the evasive path match settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"enablePathMatch\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/logging\n@desc Get the HTTP header log settings for a configuration\n@returns(200) {allowSampling: bool, cookies: map{type: str, values: [str]}, customHeaders: map{type: str, values: [str]}, standardHeaders: map{type: str, values: [str]}} # Successfully retrieved the HTTP Header Logging settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/logging\n@desc Modify HTTP header log settings for a configuration\n@required {allowSampling: bool # Whether to enable HTTP Header logging.}\n@optional {cookies: map{type!: str, values: [str]} # Settings for cookie headers., customHeaders: map{type!: str, values: [str]} # Settings for custom headers., standardHeaders: map{type!: str, values: [str]} # Settings for standard headers.}\n@returns(200) {allowSampling: bool, cookies: map{type: str, values: [str]}, customHeaders: map{type: str, values: [str]}, standardHeaders: map{type: str, values: [str]}} # Successfully updated the HTTP Header Logging settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"allowSampling\":true,\"cookies\":{\"type\":\"all\"},\"customHeaders\":{\"type\":\"exclude\",\"values\":[\"csdasdad\"]},\"standardHeaders\":{\"type\":\"only\",\"values\":[\"Accept\"]}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/logging/attack-payload\n@desc Get the attack payload log settings for a configuration\n@returns(200) {enabled: bool, requestBody: map{type: str}, responseBody: map{type: str}} # Successfully retrieved the attack payload logging settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/logging/attack-payload\n@desc Modify attack payload log settings for a configuration\n@required {enabled: bool # Whether attack payload logging is enabled., requestBody: map{type!: str} # Settings for request body., responseBody: map{type!: str} # Settings for response body.}\n@returns(200) {enabled: bool, requestBody: map{type: str}, responseBody: map{type: str}} # Successfully updated the attack payload logging settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"enabled\":true,\"requestBody\":{\"type\":\"ATTACK_PAYLOAD\"},\"responseBody\":{\"type\":\"NONE\"}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/pii-learning\n@desc Get PII learning settings for a configuration\n@returns(200) {enablePiiLearning: bool} # Successfully retrieved the PII learning settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/pii-learning\n@desc Enable PII learning settings for a configuration\n@required {enablePiiLearning: bool # Enables PII learning.}\n@returns(200) {enablePiiLearning: bool} # Successfully updated the PII learning settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"enablePiiLearning\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/pragma-header\n@desc Get Pragma settings for a configuration\n@returns(200) {action: str, conditionOperator: str, excludeCondition: [map]} # Successfully retrieved the Pragma header settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/pragma-header\n@desc Modify Pragma settings for a configuration\n@required {action: str # The action to perform when a user passes a `Pragma` header. The only action currently supported is `REMOVE`.}\n@optional {conditionOperator: str(OR/AND) # Use `OR` to match any condition, or `AND` to match on all conditions., excludeCondition: [map{header: str, name: str, positiveMatch!: bool, type!: str, useHeaders: bool, value!: [str], valueCase: bool, valueWildcard: bool}] # The conditions to exclude from the default `remove` action. Any condition you set in this object appears in the `Pragma` header debug response object.}\n@returns(200) {action: str, conditionOperator: str, excludeCondition: [map]} # Successfully updated the Pragma header settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"REMOVE\",\"conditionOperator\":\"AND\",\"excludeCondition\":[{\"header\":\"accept\",\"positiveMatch\":true,\"type\":\"requestHeaderValueMatch\",\"value\":[\"application/json\",\"application/xml\"],\"valueCase\":true,\"valueWildcard\":true},{\"positiveMatch\":true,\"type\":\"ipMatch\",\"useHeaders\":false,\"value\":[\"192.0.2.1\",\"192.0.2.250/24\"]},{\"positiveMatch\":true,\"type\":\"networkList\",\"value\":[\"123_3ALLOWEDIPS\"]},{\"name\":\"type\",\"positiveMatch\":true,\"type\":\"queryParamNameValueMatch\",\"value\":[\"type A\",\"type B\"],\"valueCase\":true,\"valueWildcard\":false}]}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/prefetch\n@desc Get prefetch requests\n@returns(200) {allExtensions: bool, enableAppLayer: bool, enableRateControls: bool, extensions: [str]} # Successfully retrieved the Prefetch Request settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/prefetch\n@desc Modify prefetch requests\n@optional {allExtensions: bool # Whether to enable prefetch requests for all extensions., enableAppLayer: bool # Whether to enable Prefetch Requests., enableRateControls: bool # Whether to enable Prefetch Requests for rate controls., extensions: [str] # List of extensions.}\n@returns(200) {allExtensions: bool, enableAppLayer: bool, enableRateControls: bool, extensions: [str]} # Successfully updated the prefetch request settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"allExtensions\":false,\"enableAppLayer\":true,\"enableRateControls\":false,\"extensions\":[\"cgi\",\"jsp\",\"EMPTY_STRING\",\"aspx\",\"py\",\"php\",\"asp\"]}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/advanced-settings/request-body\n@desc Get request body size settings for a configuration\n@returns(200) {requestBodyInspectionLimitInKB: str} # Successfully retrieved the request body inspection limit settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/advanced-settings/request-body\n@desc Modify request body inspection limit settings for a configuration\n@optional {requestBodyInspectionLimitInKB: str(8/16/32/default) # Request body size in KB, either `8`, `16`, or `32` as string-formatted integers, or `default` to use Akamai's best practice value.}\n@returns(200) {requestBodyInspectionLimitInKB: str} # Successfully updated the request body inspection limit settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"requestBodySizeInKB\":16}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/bypass-network-lists\n@desc Get bypass network lists settings\n@returns(200) {networkLists: [map]} # Successfully retrieved the bypass network lists settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/bypass-network-lists\n@desc Modify the bypass network lists settings\n@required {networkLists: [str] # Contains a list of network list IDs.}\n@returns(200) {networkLists: [str]} # Successfully updated the IP/Geo Firewall settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"networkLists\":[\"1304427_AAXXBBLIST\",\"888518_ACDDCKERS\"]}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/custom-deny\n@desc Create a custom deny action\n@required {name: str # The name you assigned to the custom deny action., parameters: [map{displayName: str, name!: str, value!: str}] # Describes the custom deny parameters.}\n@optional {description: str # Describes the custom deny action., id: str # __Read-only__ Uniquely identifies the custom deny action.}\n@returns(201) {description: str, id: str, name: str, parameters: [map]} # Successfully created a custom deny action.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to custom deny actions in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"description\":\"test description\",\"name\":\"new custom deny\",\"parameters\":[{\"displayName\":\"Prevent browser caching\",\"name\":\"prevent_browser_cache\",\"value\":\"true\"},{\"displayName\":\"Response body content\",\"name\":\"response_body_content\",\"value\":\"json desc\"},{\"displayName\":\"Response content type\",\"name\":\"response_content_type\",\"value\":\"application/xml\"},{\"displayName\":\"Response status code\",\"name\":\"response_status_code\",\"value\":\"403\"}]}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/custom-deny\n@desc List custom deny actions\n@optional {search: str # Filter results by name, description, or ID. You can match on substrings.}\n@returns(200) {ratePolicies: [map]} # Successfully returned custom deny actions.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to custom deny actions in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version not found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/custom-deny/{customDenyId}\n@desc Get a custom deny action\n@returns(200) {description: str, id: str, name: str, parameters: [map]} # Successfully returned custom deny action.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to custom deny action in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or custom deny action wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/custom-deny/{customDenyId}\n@desc Modify a custom deny action\n@required {name: str # The name you assigned to the custom deny action., parameters: [map{displayName: str, name!: str, value!: str}] # Describes the custom deny parameters.}\n@optional {description: str # Describes the custom deny action., id: str # __Read-only__ Uniquely identifies the custom deny action.}\n@returns(200) {description: str, id: str, name: str, parameters: [map]} # Successfully updated custom deny action.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to custom deny action in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or custom deny action wasn't found.}\n@example_request {\"description\":\"test description\",\"id\":622919,\"name\":\"new custom deny\",\"parameters\":[{\"displayName\":\"Prevent browser caching\",\"name\":\"prevent_browser_cache\",\"value\":\"true\"},{\"displayName\":\"Response body content\",\"name\":\"response_body_content\",\"value\":\"json desc\"},{\"displayName\":\"Response content type\",\"name\":\"response_content_type\",\"value\":\"application/xml\"},{\"displayName\":\"Response status code\",\"name\":\"response_status_code\",\"value\":\"403\"}]}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}/custom-deny/{customDenyId}\n@desc Remove a custom deny action\n@returns(204) Successfully deleted the custom deny action.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to custom deny action in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or custom deny action wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/hostname-coverage/match-targets\n@desc Get the hostname coverage match targets\n@optional {hostname: str # Get results by hostname.}\n@returns(200) {matchTargets: map{apiTargets: [map], websiteTargets: [map]}} # Successfully retrieved the hostname coverage match targets.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/hostname-coverage/overlapping\n@desc List hostname overlaps\n@optional {hostname: str # Get results by hostname.}\n@returns(200) {overLappingList: [map]} # Successfully retrieved the hostname's overlapping version information.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/malware-policies\n@desc Create a malware policy\n@required {hostnames: [str] # The hostnames to match. This is where you want the malware detections to focus., name: str # The name you assign to a malware policy., paths: [str] # The paths to match. You can use the `?` and `*` wildcards anywhere in a path.}\n@optional {allowListId: str # The ID of a client list containing file hashes of specific files to allow., blockListId: str # The ID of a client list containing file hashes of specific files to block., contentTypes: [map{encodedContentAttributes: [map], name!: str}] # The content types and encodings to match., description: str # Descriptive text you provide about a policy., id: int # __Read-only__ Uniquely identifies each malware policy., logFilename: bool=false # Whether to log the name of the file that triggered an `alert` or `deny` action.}\n@returns(201) {allowListId: str, blockListId: str, contentTypes: [map], description: str, hostnames: [str], id: int, logFilename: bool, name: str, paths: [str]} # Successfully created a malware policy.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to malware policies in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"allowListId\":\"523719_ALLOWLIST\",\"blockListId\":\"524002_BLOCKLIST\",\"contentTypes\":[{\"encodedContentAttributes\":[{\"encoding\":[\"base64\"],\"path\":\"image.imagePath\"}],\"name\":\"application/json\"}],\"description\":\"Malware scan configuration details\",\"hostnames\":[\"abc.com\",\"def.com\",\"xyz.com\"],\"logFilename\":true,\"name\":\"FMS Configuration22\",\"paths\":[\"/base-path\",\"/b\"]}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/malware-policies\n@desc List malware policies\n@returns(200) {malwarePolicies: [map]} # Successfully returned the malware policies.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the malware policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The security configuration version wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/malware-policies/content-types\n@desc List supported malware policy content types\n@returns(200) {malwareContentTypes: [str]} # Successfully returned the malware policies.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the malware policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The security configuration version wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/malware-policies/{malwarePolicyId}\n@desc Get a malware policy\n@returns(200) {allowListId: str, blockListId: str, contentTypes: [map], description: str, hostnames: [str], id: int, logFilename: bool, name: str, paths: [str]} # Successfully returned the malware policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this malware policy., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The security configuration version or malware policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/malware-policies/{malwarePolicyId}\n@desc Modify a malware policy\n@required {hostnames: [str] # The hostnames to match. This is where you want the malware detections to focus., name: str # The name you assign to a malware policy., paths: [str] # The paths to match. You can use the `?` and `*` wildcards anywhere in a path.}\n@optional {allowListId: str # The ID of a client list containing file hashes of specific files to allow., blockListId: str # The ID of a client list containing file hashes of specific files to block., contentTypes: [map{encodedContentAttributes: [map], name!: str}] # The content types and encodings to match., description: str # Descriptive text you provide about a policy., id: int # __Read-only__ Uniquely identifies each malware policy., logFilename: bool=false # Whether to log the name of the file that triggered an `alert` or `deny` action.}\n@returns(200) {allowListId: str, blockListId: str, contentTypes: [map], description: str, hostnames: [str], id: int, logFilename: bool, name: str, paths: [str]} # Successfully updated the malware policy.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this malware policy., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The security configuration version or malware policy wasn't found.}\n@example_request {\"allowListId\":\"523719_ALLOWLIST\",\"blockListId\":\"524002_BLOCKLIST\",\"contentTypes\":[{\"encodedContentAttributes\":[{\"encoding\":[\"base64\"],\"path\":\"image.imagePath\"}],\"name\":\"application/json\"}],\"description\":\"Malware scan configuration details\",\"hostnames\":[\"abc.com\",\"def.com\",\"xyz.com\"],\"logFilename\":true,\"name\":\"FMS Configuration\",\"paths\":[\"/base-path\",\"/b\"]}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}/malware-policies/{malwarePolicyId}\n@desc Remove a malware policy\n@returns(204) Successfully deleted the malware policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this malware policy., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The security configuration version or malware policy wasn't found.}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/match-targets\n@desc Create a match target\n@required {securityPolicy: map{policyId!: str} # The security policy associated with the match target., type: str(website/api) # Describes the type of match target, either `website` or `api`.}\n@optional {apis: [map{id!: int, name: str}] # Contains a list of objects containing an API endpoint ID and name. This field applies only to API match targets., bypassNetworkLists: [map{id!: str, name: str}] # The list of network list identifiers and names., configId: int # Uniquely identifies the security configuration., configVersion: int # The version of security configuration., defaultFile: str(NO_MATCH/BASE_MATCH/RECURSIVE_MATCH)=NO_MATCH # Describes the rule to match on paths. Either `NO_MATCH` to not match on the default file, `BASE_MATCH` to match only requests for top-level hostnames ending in a trailing slash, or `RECURSIVE_MATCH` to match all requests for paths that end in a trailing slash., effectiveSecurityControls: map{applyApiConstraints!: bool, applyApplicationLayerControls!: bool, applyBotmanControls!: bool, applyNetworkLayerControls!: bool, applyRateControls!: bool, applyReputationControls!: bool, applySlowPostControls!: bool} # __Read-only__ Defines the security controls to apply. For a security control to be effectively turned on, it has to be enabled in both the match target and the security policy., fileExtensions: [str] # Contains a list of file extensions., filePaths: [str] # Contains a list of file paths., hostnames: [str] # Contains a list of hostnames to protect., isNegativeFileExtensionMatch: bool # Describes whether the match target applies when a match is found in the specified `fileExtensions` or when a match isn't found., isNegativePathMatch: bool # Describes whether the match target applies when a match is found in the specified paths or when a match isn't found., sequence: int # The position in the sequence of match targets., targetId: int # Uniquely identifies the match target., validations: map{errors!: [map], notices!: [map], warnings!: [map]} # __Read-only__ Describes warnings, errors, or notices determined by a validation of this resource.}\n@returns(201) {apis: [map], bypassNetworkLists: [map], configId: int, configVersion: int, defaultFile: str, effectiveSecurityControls: map{applyApiConstraints: bool, applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}, fileExtensions: [str], filePaths: [str], hostnames: [str], isNegativeFileExtensionMatch: bool, isNegativePathMatch: bool, securityPolicy: map{policyId: str}, sequence: int, targetId: int, type: str, validations: map{errors: [map], notices: [map], warnings: [map]}} # Successfully created a  match target.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to match targets in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"bypassNetworkLists\":[{\"id\":\"888518_ACDDCKERS\"},{\"id\":\"1304427_AAXXBBLIST\"}],\"defaultFile\":\"NO_MATCH\",\"fileExtensions\":[\"wmls\",\"jpeg\",\"pws\",\"carb\",\"pdf\",\"js\",\"hdml\",\"cct\",\"swf\",\"pct\"],\"filePaths\":[\"/sssi/*\",\"/cache/aaabbc*\",\"/price_toy/*\"],\"hostnames\":[\"example.com\",\"www.example.net\",\"m.example.com\"],\"isNegativeFileExtensionMatch\":true,\"isNegativePathMatch\":false,\"securityPolicy\":{\"policyId\":\"fwsf_32432\"},\"type\":\"website\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/match-targets\n@desc List match targets\n@optional {policyId: str # Specifies the security policy to filter match targets., includeChildObjectName: bool=true # Specify whether to return the object name in the payload, true` by default.}\n@returns(200) {matchTargets: map{apiTargets: [map], websiteTargets: [map]}} # Successfully returned match targets.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to match targets in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/match-targets/sequence\n@desc Modify match target order\n@required {targetSequence: [map{sequence!: int, targetId!: int}] # Contains the ID and sequence of a match target., type: str(WEBSITE/API) # Describes the type of match target, either `WEBSITE` or `API`.}\n@returns(200) {targetSequence: [map], type: str} # Successfully updated match target sequence.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to match targets in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"targetSequence\":[{\"sequence\":1,\"targetId\":1217289},{\"sequence\":2,\"targetId\":1217339}],\"type\":\"website\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/match-targets/{targetId}\n@desc Get a match target\n@optional {includeChildObjectName: bool=true # Specify whether to return the object name in the payload, true` by default.}\n@returns(200) {apis: [map], bypassNetworkLists: [map], configId: int, configVersion: int, defaultFile: str, effectiveSecurityControls: map{applyApiConstraints: bool, applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}, fileExtensions: [str], filePaths: [str], hostnames: [str], isNegativeFileExtensionMatch: bool, isNegativePathMatch: bool, securityPolicy: map{policyId: str}, sequence: int, targetId: int, type: str, validations: map{errors: [map], notices: [map], warnings: [map]}} # Successfully returned match target.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to match targets in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or match target wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/match-targets/{targetId}\n@desc Modify a match target\n@required {securityPolicy: map{policyId!: str} # The security policy associated with the match target., type: str(website/api) # Describes the type of match target, either `website` or `api`.}\n@optional {apis: [map{id!: int, name: str}] # Contains a list of objects containing an API endpoint ID and name. This field applies only to API match targets., bypassNetworkLists: [map{id!: str, name: str}] # The list of network list identifiers and names., configId: int # Uniquely identifies the security configuration., configVersion: int # The version of security configuration., defaultFile: str(NO_MATCH/BASE_MATCH/RECURSIVE_MATCH)=NO_MATCH # Describes the rule to match on paths. Either `NO_MATCH` to not match on the default file, `BASE_MATCH` to match only requests for top-level hostnames ending in a trailing slash, or `RECURSIVE_MATCH` to match all requests for paths that end in a trailing slash., effectiveSecurityControls: map{applyApiConstraints!: bool, applyApplicationLayerControls!: bool, applyBotmanControls!: bool, applyNetworkLayerControls!: bool, applyRateControls!: bool, applyReputationControls!: bool, applySlowPostControls!: bool} # __Read-only__ Defines the security controls to apply. For a security control to be effectively turned on, it has to be enabled in both the match target and the security policy., fileExtensions: [str] # Contains a list of file extensions., filePaths: [str] # Contains a list of file paths., hostnames: [str] # Contains a list of hostnames to protect., isNegativeFileExtensionMatch: bool # Describes whether the match target applies when a match is found in the specified `fileExtensions` or when a match isn't found., isNegativePathMatch: bool # Describes whether the match target applies when a match is found in the specified paths or when a match isn't found., sequence: int # The position in the sequence of match targets., targetId: int # Uniquely identifies the match target., validations: map{errors!: [map], notices!: [map], warnings!: [map]} # __Read-only__ Describes warnings, errors, or notices determined by a validation of this resource.}\n@returns(200) {apis: [map], bypassNetworkLists: [map], configId: int, configVersion: int, defaultFile: str, effectiveSecurityControls: map{applyApiConstraints: bool, applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}, fileExtensions: [str], filePaths: [str], hostnames: [str], isNegativeFileExtensionMatch: bool, isNegativePathMatch: bool, securityPolicy: map{policyId: str}, sequence: int, targetId: int, type: str, validations: map{errors: [map], notices: [map], warnings: [map]}} # Successfully updated match target.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to match targets in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or match target wasn't found.}\n@example_request {\"bypassNetworkLists\":[{\"id\":\"888518_ACDDCKERS\"},{\"id\":\"1304427_AAXXBBLIST\"}],\"defaultFile\":\"NO_MATCH\",\"fileExtensions\":[\"wmls\",\"jpeg\",\"pws\",\"carb\",\"pdf\",\"js\",\"hdml\",\"cct\",\"swf\",\"pct\"],\"filePaths\":[\"/sssi/*\",\"/cache/aaabbc*\",\"/price_toy/*\"],\"hostnames\":[\"example.com\",\"www.example.net\",\"m.example.com\"],\"isNegativeFileExtensionMatch\":true,\"isNegativePathMatch\":false,\"securityPolicy\":{\"policyId\":\"fwsf_32432\"},\"targetId\":112231,\"type\":\"website\"}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}/match-targets/{targetId}\n@desc Remove a match target\n@returns(204) Successfully deleted the match target.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to match targets in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or match target wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/protect-eval-hostnames\n@desc Protect evaluation hostnames\n@required {hostnames: [str] # Contains a list of hostnames.}\n@optional {mode: str(append/remove/replace) # The type of update you want to make to the evaluation hostname list. You can `append` additional hostnames, `remove` hostnames from the list, or `replace` the existing list with the hostnames you pass in your request.}\n@returns(200) {hostnames: [str], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"hostnames\":[\"*.example.net\",\"example.com\",\"m.example.com\"],\"mode\":\"append\"}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/rate-policies\n@desc Create a rate policy\n@required {averageThreshold: int # The allowed hits per second during any two-minute interval., burstThreshold: int # The allowed hits per second during any five-second interval., clientIdentifier: str(api-key/ip-useragent/ip/cookie:value) # The client identifier you want to use to identify and track request senders. The value is required only for WAF type, and `api-key` is supported only for API match criteria. Using `ip-useragent` is typically more specific than using `ip` alone when trying to identify a client. Tracking by `cookie:value` applies to requests per individual session, even if the IP address changes., matchType: str(path/api) # The match type in a rate policy. Either `path` to match website paths or `api` to match API paths., name: str # The name you assign to a rate policy., pathMatchType: str(AllRequests/TopLevel/Custom) # The type of paths to match in incoming requests. Either `AllRequests` to match an empty path or any path that ends in a trailing slash (`/`), `TopLevel` to match top-level hostnames only, or `Custom` to match a specific path or path component. This applies only when the corresponding `matchType` member is `path`., requestType: str(ClientRequest/ClientResponse/ForwardResponse/ForwardRequest) # The type of requests to count towards the rate policy's thresholds. Either `ClientRequest` to count client requests to edge servers, `ClientResponse` to count edge responses to the client, `ForwardResponse` to count origin responses to the client, or `ForwardRequest` to count edge requests to your origin., sameActionOnIpv6: bool # Whether to apply the same action to the IPv6 traffic as to the IPv4 traffic., type: str(WAF/BOTMAN) # The rate policy type. Either `WAF` for Web Application Firewall, or `BOTMAN` for Bot Manager.}\n@optional {additionalMatchOptions: [map{positiveMatch!: bool, type!: str, values!: [str]}] # The list of additional match conditions., apiSelectors: [map{apiDefinitionId!: int, definedResources: bool, resourceIds: [int], undefinedResources: bool}] # The API endpoints to match in incoming requests. This only applies to the `api` `matchType`., bodyParameters: [map{name!: str, positiveMatch!: bool, valueInRange: bool, values!: [str]}] # The list of body parameters to match on., burstWindow: int # The time span for the `burstThreshold` interval. For existing rate policies, analyze your traffic in Alert mode before you reduce the measure window from 5 seconds. [Learn more about thresholds here](https://techdocs.akamai.com/kona-site-defender/docs/rate-thresholds)., condition: map{atomicConditions: [any], positiveMatch: bool} # Contains information about the criteria that trigger the rate policy., counterType: str(per_edge/region_aggregated)=per_edge # The rate policy counter type. Either `per_edge` for rate limiting to work per edge node, or `region_aggregated` for rate limiting to work using aggregated rate accounting across multiple edge nodes., createDate: str(date-time) # __Read-only__ The time stamp when you created the rate policy., description: str # Descriptive text you provide about a policy., evaluation: map{averageThreshold!: int, burstThreshold!: int, burstWindow: int, counterType: str, endDate: str(date-time), evaluationId: int, evaluationStatus: str, startDate: str(date-time), version: int} # Contains details about rate policy evaluation., fileExtensions: map{positiveMatch!: bool, values!: [str]} # Contains the file extension match criteria., hostnames: [str] # __Deprecated__. The hostnames to match. This array member is deprecated. Use the `hosts` object instead., hosts: map{positiveMatch!: bool, values!: [str]} # The hostnames to match, and whether to trigger on a match or absence of match., id: int # __Read-only__ Uniquely identifies each rate policy., path: map{positiveMatch!: bool, values!: [str]} # Contains details about the path match criteria., pathUriPositiveMatch: bool # Whether the condition should trigger on a match (`true`) or a lack of match (`false`)., queryParameters: [map{name!: str, positiveMatch!: bool, valueInRange: bool, values!: [str]}] # The list of query parameter objects to match on., updateDate: str(date-time) # __Read-only__ The ISO 8601 timestamp when you last updated the rate policy., useXForwardForHeaders: bool # Whether to check the contents of the `X-Forwarded-For` header in incoming requests., used: bool # __Read-only__ Whether you're currently using the rate policy.}\n@returns(201) {additionalMatchOptions: [map], apiSelectors: [map], averageThreshold: int, bodyParameters: [map], burstThreshold: int, burstWindow: int, clientIdentifier: str, condition: map{atomicConditions: [any], positiveMatch: bool}, counterType: str, createDate: str(date-time), description: str, evaluation: map{averageThreshold: int, burstThreshold: int, burstWindow: int, counterType: str, endDate: str(date-time), evaluationId: int, evaluationStatus: str, startDate: str(date-time), version: int}, fileExtensions: map{positiveMatch: bool, values: [str]}, hostnames: [str], hosts: map{positiveMatch: bool, values: [str]}, id: int, matchType: str, name: str, path: map{positiveMatch: bool, values: [str]}, pathMatchType: str, pathUriPositiveMatch: bool, queryParameters: [map], requestType: str, sameActionOnIpv6: bool, type: str, updateDate: str(date-time), useXForwardForHeaders: bool, used: bool} # Successfully created a  rate policy.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to rate policies in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"additionalMatchOptions\":[{\"positiveMatch\":true,\"type\":\"IpAddressCondition\",\"values\":[\"192.0.2.210\"]},{\"positiveMatch\":true,\"type\":\"RequestMethodCondition\",\"values\":[\"GET\"]}],\"averageThreshold\":5,\"burstThreshold\":10,\"burstWindow\":3,\"clientIdentifier\":\"ip\",\"condition\":{\"atomicConditions\":[{\"className\":\"TlsFingerprintCondition\",\"positiveMatch\":true,\"value\":[\"a797dc449ef113be\",\"ba51ec8d71259a5b3c92d8787370e2c3\"]},{\"className\":\"ClientReputationCondition\",\"name\":[\"DOSATCK\",\"WEBATCK\"],\"positiveMatch\":true,\"sharedIpHandling\":\"BOTH\",\"value\":3},{\"className\":\"RequestHeaderCondition\",\"name\":[\"Accept\",\"Content-Type\"],\"nameWildcard\":true,\"positiveMatch\":true,\"value\":[\"json\",\"xml\"],\"valueCase\":false,\"valueWildcard\":true}],\"positiveMatch\":true},\"counterType\":\"per_edge\",\"description\":\"AFW Test Extensions\",\"evaluation\":{\"averageThreshold\":5,\"burstThreshold\":8},\"fileExtensions\":{\"positiveMatch\":false,\"values\":[\"3g2\",\"3gp\",\"aif\",\"aiff\",\"au\",\"avi\",\"bin\",\"bmp\",\"cab\"]},\"hosts\":{\"positiveMatch\":false,\"values\":[\"www.myexamplehostname.org\"]},\"matchType\":\"path\",\"name\":\"Test_Paths 2\",\"path\":{\"positiveMatch\":true,\"values\":[\"/login/\",\"/path/\"]},\"pathMatchType\":\"Custom\",\"pathUriPositiveMatch\":true,\"queryParameters\":[{\"name\":\"productId\",\"positiveMatch\":true,\"valueInRange\":false,\"values\":[\"BUB_12\",\"SUSH_11\"]}],\"requestType\":\"ClientRequest\",\"sameActionOnIpv6\":false,\"type\":\"WAF\",\"useXForwardForHeaders\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/rate-policies\n@desc List rate policies\n@returns(200) {ratePolicies: [map]} # Successfully returned rate policies.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to rate policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/rate-policies/{ratePolicyId}\n@desc Get a rate policy\n@returns(200) {additionalMatchOptions: [map], apiSelectors: [map], averageThreshold: int, bodyParameters: [map], burstThreshold: int, burstWindow: int, clientIdentifier: str, condition: map{atomicConditions: [any], positiveMatch: bool}, counterType: str, createDate: str(date-time), description: str, evaluation: map{averageThreshold: int, burstThreshold: int, burstWindow: int, counterType: str, endDate: str(date-time), evaluationId: int, evaluationStatus: str, startDate: str(date-time), version: int}, fileExtensions: map{positiveMatch: bool, values: [str]}, hostnames: [str], hosts: map{positiveMatch: bool, values: [str]}, id: int, matchType: str, name: str, path: map{positiveMatch: bool, values: [str]}, pathMatchType: str, pathUriPositiveMatch: bool, queryParameters: [map], requestType: str, sameActionOnIpv6: bool, type: str, updateDate: str(date-time), useXForwardForHeaders: bool, used: bool} # Successfully returned rate policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to rate policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or rate policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/rate-policies/{ratePolicyId}\n@desc Modify a rate policy\n@required {averageThreshold: int # The allowed hits per second during any two-minute interval., burstThreshold: int # The allowed hits per second during any five-second interval., clientIdentifier: str(api-key/ip-useragent/ip/cookie:value) # The client identifier you want to use to identify and track request senders. The value is required only for WAF type, and `api-key` is supported only for API match criteria. Using `ip-useragent` is typically more specific than using `ip` alone when trying to identify a client. Tracking by `cookie:value` applies to requests per individual session, even if the IP address changes., matchType: str(path/api) # The match type in a rate policy. Either `path` to match website paths or `api` to match API paths., name: str # The name you assign to a rate policy., pathMatchType: str(AllRequests/TopLevel/Custom) # The type of paths to match in incoming requests. Either `AllRequests` to match an empty path or any path that ends in a trailing slash (`/`), `TopLevel` to match top-level hostnames only, or `Custom` to match a specific path or path component. This applies only when the corresponding `matchType` member is `path`., requestType: str(ClientRequest/ClientResponse/ForwardResponse/ForwardRequest) # The type of requests to count towards the rate policy's thresholds. Either `ClientRequest` to count client requests to edge servers, `ClientResponse` to count edge responses to the client, `ForwardResponse` to count origin responses to the client, or `ForwardRequest` to count edge requests to your origin., sameActionOnIpv6: bool # Whether to apply the same action to the IPv6 traffic as to the IPv4 traffic., type: str(WAF/BOTMAN) # The rate policy type. Either `WAF` for Web Application Firewall, or `BOTMAN` for Bot Manager.}\n@optional {additionalMatchOptions: [map{positiveMatch!: bool, type!: str, values!: [str]}] # The list of additional match conditions., apiSelectors: [map{apiDefinitionId!: int, definedResources: bool, resourceIds: [int], undefinedResources: bool}] # The API endpoints to match in incoming requests. This only applies to the `api` `matchType`., bodyParameters: [map{name!: str, positiveMatch!: bool, valueInRange: bool, values!: [str]}] # The list of body parameters to match on., burstWindow: int # The time span for the `burstThreshold` interval. For existing rate policies, analyze your traffic in Alert mode before you reduce the measure window from 5 seconds. [Learn more about thresholds here](https://techdocs.akamai.com/kona-site-defender/docs/rate-thresholds)., condition: map{atomicConditions: [any], positiveMatch: bool} # Contains information about the criteria that trigger the rate policy., counterType: str(per_edge/region_aggregated)=per_edge # The rate policy counter type. Either `per_edge` for rate limiting to work per edge node, or `region_aggregated` for rate limiting to work using aggregated rate accounting across multiple edge nodes., createDate: str(date-time) # __Read-only__ The time stamp when you created the rate policy., description: str # Descriptive text you provide about a policy., evaluation: map{averageThreshold!: int, burstThreshold!: int, burstWindow: int, counterType: str, endDate: str(date-time), evaluationId: int, evaluationStatus: str, startDate: str(date-time), version: int} # Contains details about rate policy evaluation., fileExtensions: map{positiveMatch!: bool, values!: [str]} # Contains the file extension match criteria., hostnames: [str] # __Deprecated__. The hostnames to match. This array member is deprecated. Use the `hosts` object instead., hosts: map{positiveMatch!: bool, values!: [str]} # The hostnames to match, and whether to trigger on a match or absence of match., id: int # __Read-only__ Uniquely identifies each rate policy., path: map{positiveMatch!: bool, values!: [str]} # Contains details about the path match criteria., pathUriPositiveMatch: bool # Whether the condition should trigger on a match (`true`) or a lack of match (`false`)., queryParameters: [map{name!: str, positiveMatch!: bool, valueInRange: bool, values!: [str]}] # The list of query parameter objects to match on., updateDate: str(date-time) # __Read-only__ The ISO 8601 timestamp when you last updated the rate policy., useXForwardForHeaders: bool # Whether to check the contents of the `X-Forwarded-For` header in incoming requests., used: bool # __Read-only__ Whether you're currently using the rate policy.}\n@returns(200) {additionalMatchOptions: [map], apiSelectors: [map], averageThreshold: int, bodyParameters: [map], burstThreshold: int, burstWindow: int, clientIdentifier: str, condition: map{atomicConditions: [any], positiveMatch: bool}, counterType: str, createDate: str(date-time), description: str, evaluation: map{averageThreshold: int, burstThreshold: int, burstWindow: int, counterType: str, endDate: str(date-time), evaluationId: int, evaluationStatus: str, startDate: str(date-time), version: int}, fileExtensions: map{positiveMatch: bool, values: [str]}, hostnames: [str], hosts: map{positiveMatch: bool, values: [str]}, id: int, matchType: str, name: str, path: map{positiveMatch: bool, values: [str]}, pathMatchType: str, pathUriPositiveMatch: bool, queryParameters: [map], requestType: str, sameActionOnIpv6: bool, type: str, updateDate: str(date-time), useXForwardForHeaders: bool, used: bool} # Successfully updated rate policy.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to rate policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or rate policy wasn't found.}\n@example_request {\"additionalMatchOptions\":[{\"positiveMatch\":true,\"type\":\"IpAddressCondition\",\"values\":[\"192.0.2.232\"]},{\"positiveMatch\":true,\"type\":\"RequestMethodCondition\",\"values\":[\"GET\"]}],\"averageThreshold\":5,\"burstThreshold\":10,\"burstWindow\":3,\"clientIdentifier\":\"ip\",\"condition\":{\"atomicConditions\":[{\"className\":\"TlsFingerprintCondition\",\"positiveMatch\":true,\"value\":[\"a797dc449ef113be\",\"ba51ec8d71259a5b3c92d8787370e2c3\"]},{\"className\":\"ClientReputationCondition\",\"name\":[\"DOSATCK\",\"WEBATCK\"],\"positiveMatch\":true,\"sharedIpHandling\":\"BOTH\",\"value\":3},{\"className\":\"RequestHeaderCondition\",\"name\":[\"Accept\",\"Content-Type\"],\"nameWildcard\":true,\"positiveMatch\":true,\"value\":[\"json\",\"xml\"],\"valueCase\":false,\"valueWildcard\":true}],\"positiveMatch\":true},\"counterType\":\"per_edge\",\"description\":\"AFW Test Extensions\",\"evaluation\":{\"averageThreshold\":5,\"burstThreshold\":8},\"fileExtensions\":{\"positiveMatch\":false,\"values\":[\"3g2\",\"3gp\",\"aif\",\"aiff\",\"au\",\"avi\",\"bin\",\"bmp\",\"cab\"]},\"hosts\":{\"positiveMatch\":false,\"values\":[\"www.myexamplehostname.org\"]},\"id\":2234,\"matchType\":\"path\",\"name\":\"Test_Paths 2\",\"path\":{\"positiveMatch\":true,\"values\":[\"/login/\",\"/path/\"]},\"pathMatchType\":\"Custom\",\"pathUriPositiveMatch\":true,\"queryParameters\":[{\"name\":\"productId\",\"positiveMatch\":true,\"valueInRange\":false,\"values\":[\"BUB_12\",\"SUSH_11\"]}],\"requestType\":\"ClientRequest\",\"sameActionOnIpv6\":false,\"type\":\"WAF\",\"useXForwardForHeaders\":true}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}/rate-policies/{ratePolicyId}\n@desc Remove a rate policy\n@returns(204) Successfully deleted the rate policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to rate policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or rate policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/rate-policies/{ratePolicyId}/evaluation\n@desc Modify a rate policy evaluation\n@required {action: str(APPLY/DISCARD) # Specifies the action to perform on a rate policy evaluation, either `APPLY` or `DISCARD`.}\n@returns(200) {additionalMatchOptions: [map], apiSelectors: [map], averageThreshold: int, bodyParameters: [map], burstThreshold: int, burstWindow: int, clientIdentifier: str, condition: map{atomicConditions: [any], positiveMatch: bool}, counterType: str, createDate: str(date-time), description: str, evaluation: map{averageThreshold: int, burstThreshold: int, burstWindow: int, counterType: str, endDate: str(date-time), evaluationId: int, evaluationStatus: str, startDate: str(date-time), version: int}, fileExtensions: map{positiveMatch: bool, values: [str]}, hostnames: [str], hosts: map{positiveMatch: bool, values: [str]}, id: int, matchType: str, name: str, path: map{positiveMatch: bool, values: [str]}, pathMatchType: str, pathUriPositiveMatch: bool, queryParameters: [map], requestType: str, sameActionOnIpv6: bool, type: str, updateDate: str(date-time), useXForwardForHeaders: bool, used: bool} # Successfully apply or discard rate policy evalutation.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to rate policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or rate policy wasn't found.}\n@example_request {\"action\":\"APPLY\"}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/reputation-profiles\n@desc Create a reputation profile\n@required {context: str(WEBSCRP/DOSATCK/WEBATCK/SCANTL) # Identifies the reputation category. Web scrapers (`WEBSCRP`) crawl sites and collect data like hotel rates, product prices, store locations, and more. DoS attackers (`DOSATCK`) are web clients or botnets that use automated tools to launch volumetric Denial of Service (DoS) attacks. Web attackers (`WEBATCK`) target websites and web apps with techniques like SQL injection, remote file inclusion, or cross-site scripting. Scanning tools (`SCANTL`) probe web apps for vulnerabilities during an attack's reconnaissance phase., name: str # The name you assigned to the reputation profile., sharedIpHandling: str(NON_SHARED/SHARED_ONLY/BOTH) # Identifies the IP sharing. Either `NON_SHARED`, `SHARED_ONLY`, `BOTH`., threshold: num # The threshold when the profile to triggers.}\n@optional {condition: map{atomicConditions: [map], positiveMatch: bool} # Contains information about the criteria that trigger the reputation profile., contextReadable: str # __Read-only__ Describes the reputation category., description: str # Describes the reputation profile., enabled: bool # __Read-only__ Whether you enabled the reputation profile., id: int # __Read-only__ Uniquely identifies the reputation profile.}\n@returns(201) {condition: map{atomicConditions: [map], positiveMatch: bool}, context: str, contextReadable: str, description: str, enabled: bool, id: int, name: str, sharedIpHandling: str, threshold: num} # Successfully created a  reputation profile.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to reputation profiles in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"condition\":{\"atomicConditions\":[{\"className\":\"AsNumberCondition\",\"positiveMatch\":true,\"value\":[\"1\"]},{\"className\":\"RequestCookieCondition\",\"name\":\"x-header\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"valueWildcard\":true},{\"className\":\"HostCondition\",\"host\":[\"*.com\"],\"positiveMatch\":true,\"valueWildcard\":true}],\"positiveMatch\":true},\"context\":\"WEBATCK\",\"description\":\"Reputation profile description\",\"name\":\"Web Attack Rep Profile\",\"sharedIpHandling\":\"NON_SHARED\",\"threshold\":5}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/reputation-profiles\n@desc List reputation profiles\n@returns(200) {reputationProfiles: [map]} # Successfully returned reputation profiles.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to reputation profile in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/reputation-profiles/{reputationProfileId}\n@desc Get a reputation profile\n@returns(200) {condition: map{atomicConditions: [map], positiveMatch: bool}, context: str, contextReadable: str, description: str, enabled: bool, id: int, name: str, sharedIpHandling: str, threshold: num} # Successfully returned reputation profile.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to reputation profile in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or reputation profile wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/reputation-profiles/{reputationProfileId}\n@desc Modify a reputation profile\n@required {context: str(WEBSCRP/DOSATCK/WEBATCK/SCANTL) # Identifies the reputation category. Web scrapers (`WEBSCRP`) crawl sites and collect data like hotel rates, product prices, store locations, and more. DoS attackers (`DOSATCK`) are web clients or botnets that use automated tools to launch volumetric Denial of Service (DoS) attacks. Web attackers (`WEBATCK`) target websites and web apps with techniques like SQL injection, remote file inclusion, or cross-site scripting. Scanning tools (`SCANTL`) probe web apps for vulnerabilities during an attack's reconnaissance phase., name: str # The name you assigned to the reputation profile., sharedIpHandling: str(NON_SHARED/SHARED_ONLY/BOTH) # Identifies the IP sharing. Either `NON_SHARED`, `SHARED_ONLY`, `BOTH`., threshold: num # The threshold when the profile to triggers.}\n@optional {condition: map{atomicConditions: [map], positiveMatch: bool} # Contains information about the criteria that trigger the reputation profile., contextReadable: str # __Read-only__ Describes the reputation category., description: str # Describes the reputation profile., enabled: bool # __Read-only__ Whether you enabled the reputation profile., id: int # __Read-only__ Uniquely identifies the reputation profile.}\n@returns(200) {condition: map{atomicConditions: [map], positiveMatch: bool}, context: str, contextReadable: str, description: str, enabled: bool, id: int, name: str, sharedIpHandling: str, threshold: num} # Successfully updated reputation profile.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to reputation profile in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or reputation profile wasn't found.}\n@example_request {\"condition\":{\"atomicConditions\":[{\"checkIps\":\"connecting\",\"className\":\"AsNumberCondition\",\"index\":1,\"positiveMatch\":true,\"value\":[\"1\"]},{\"className\":\"RequestCookieCondition\",\"index\":2,\"name\":\"x-header\",\"nameCase\":true,\"nameWildcard\":true,\"positiveMatch\":true,\"valueCase\":false,\"valueWildcard\":true},{\"className\":\"HostCondition\",\"host\":[\"example.com\"],\"index\":3,\"positiveMatch\":true,\"valueWildcard\":true}],\"positiveMatch\":true},\"context\":\"WEBATCK\",\"description\":\"Reputation profile description\",\"enabled\":false,\"id\":2509987,\"name\":\"Web Attack Rep Profile\",\"sharedIpHandling\":\"NON_SHARED\",\"threshold\":5}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}/reputation-profiles/{reputationProfileId}\n@desc Remove a reputation profile\n@returns(204) Successfully deleted the reputation profile.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to reputation profile in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or reputation profile wasn't found.}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/security-policies\n@desc Clone or create a security policy\n@optional {createFromSecurityPolicy: str # The unique identifier (`policyId`) of the source policy to create the new policy from., defaultSettings: str # The default settings on the policy, `true` by default., policyName: str # The name of the security policy. If not provided, the system generates a name automatically with the pattern  `clone from `., policyPrefix: str # The four-character alphanumeric string prefix for the `policyId`. If not provided, the prefix is autogenerated., source: str # The source for the new the policy. If not provided, the source is blank. Other values are 'default' or the source security policy ID.}\n@returns(201) {configId: int, hasRatePolicyWithApiKey: bool, policyId: str, policyName: str, policySecurityControls: map{applyApiConstraints: bool, applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}, version: int} # Successfully created security policy.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"createFromSecurityPolicy\":\"1_35752\",\"policyName\":\"Open Cloned IV 2\",\"policyPrefix\":\"bt17\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies\n@desc List security policies\n@optional {notMatched: bool # If `true`, returns all security policies in the configuration version that don't have a match target.  If `false`, returns all security policies in the configuration version., detail: bool=false # When `true`, the results contain detailed information on versions. With the default `false`, the results contain summary information on versions.}\n@returns(200) {configId: int, policies: [map], version: int} # Successfully returned resource.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}\n@desc Get a security policy\n@returns(200) {configId: int, hasRatePolicyWithApiKey: bool, policyId: str, policyName: str, policySecurityControls: map{applyApiConstraints: bool, applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}, version: int} # Successfully returned security policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to security policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or security policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}\n@desc Modify a security policy\n@returns(200) {policyName: str} # Successfully updated security policy name.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to security policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or security policy action wasn't found.}\n@example_request {\"policyName\":\"updated policy name\"}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}\n@desc Remove a security policy\n@returns(204) Successfully deleted the security policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to security policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or security policy wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/evasive-path-match\n@desc Get evasive path match settings\n@returns(200) {enablePathMatch: bool} # Successfully retrieved the evasive path match settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/evasive-path-match\n@desc Modify evasive path match settings\n@required {enablePathMatch: bool # When enabled, evaluates requests with the following list of characters removed ` & ! $ ' ( ) + , [ ] * @ ^ \\ \"` and `.` only when it appears as a trailing character at the end of the URL.}\n@returns(200) {enablePathMatch: bool} # Successfully updated the evasive path match setting.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"enablePathMatch\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/logging\n@desc Get HTTP header log settings\n@returns(200) {allowSampling: bool, cookies: map{type: str, values: [str]}, customHeaders: map{type: str, values: [str]}, override: bool, standardHeaders: map{type: str, values: [str]}} # Successfully retrieved the policy HTTP Header Logging settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/logging\n@desc Modify HTTP header log settings\n@required {override: bool # When enabled, your security configuration won't log any header data for security events triggered by settings in the security configuration.}\n@optional {allowSampling: bool # Whether you enabled the header data sampling., cookies: map{type!: str, values: [str]} # When enabled, filter requests whose headers you log by cookie., customHeaders: map{type!: str, values: [str]} # When enabled, filter requests you log by custom headers you specify., standardHeaders: map{type!: str, values: [str]} # When enabled, filter requests you log by standard headers you specify.}\n@returns(200) {allowSampling: bool, cookies: map{type: str, values: [str]}, customHeaders: map{type: str, values: [str]}, override: bool, standardHeaders: map{type: str, values: [str]}} # Successfully updated the policy HTTP Header Logging settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"allowSampling\":true,\"cookies\":{\"type\":\"all\"},\"customHeaders\":{\"type\":\"exclude\",\"values\":[\"csdasdad\"]},\"override\":true,\"standardHeaders\":{\"type\":\"only\",\"values\":[\"Accept\"]}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/logging/attack-payload\n@desc Get attack payload logging settings for a policy\n@returns(200) {enabled: bool, override: bool, requestBody: map{type: str}, responseBody: map{type: str}} # Successfully retrieved the policy attack payload logging settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/logging/attack-payload\n@desc Modify attack payload logging settings for a policy\n@required {enabled: bool # When enabled, log attack payloads in requests and responses., override: bool # When `true`, use the security policy's attack payload logging settings instead of the settings at the configuration level. Note that when `type` is `NONE`, the request body and response body show as redacted in the log. For example, `JSON_PAIRS:redacted`., requestBody: map{type!: str} # The settings for how Akamai's network logs attack payloads in request bodies., responseBody: map{type!: str} # The settings for how Akamai's network logs attack payloads in response bodies.}\n@returns(200) {enabled: bool, override: bool, requestBody: map{type: str}, responseBody: map{type: str}} # Successfully updated the policy attack payload logging settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"enabled\":true,\"override\":true,\"requestBody\":{\"type\":\"ATTACK_PAYLOAD\"},\"responseBody\":{\"type\":\"NONE\"}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/pragma-header\n@desc Get Pragma settings for a security policy\n@returns(200) {action: str, conditionOperator: str, excludeCondition: [map]} # Successfully retrieved the Pragma Header settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/pragma-header\n@desc Modify Pragma settings for a security policy\n@required {action: str # The action to perform when a user passes a `Pragma` header. The only action currently supported is `REMOVE`.}\n@optional {conditionOperator: str(OR/AND) # Use `OR` to match any condition, or `AND` to match on all conditions., excludeCondition: [map{header: str, name: str, positiveMatch!: bool, type!: str, useHeaders: bool, value!: [str], valueCase: bool, valueWildcard: bool}] # The conditions to exclude from the default `remove` action. Any condition you set in this object appears in the `Pragma` header debug response object.}\n@returns(200) {action: str, conditionOperator: str, excludeCondition: [map]} # Successfully updated the Pragma header settings:.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"REMOVE\",\"conditionOperator\":\"AND\",\"excludeCondition\":[{\"header\":\"accept\",\"positiveMatch\":true,\"type\":\"requestHeaderValueMatch\",\"value\":[\"application/json\",\"application/xml\"],\"valueCase\":true,\"valueWildcard\":true},{\"positiveMatch\":true,\"type\":\"ipMatch\",\"useHeaders\":false,\"value\":[\"192.0.2.1\",\"192.0.2.250/24\"]},{\"positiveMatch\":true,\"type\":\"networkList\",\"value\":[\"123_3ALLOWEDIPS\"]},{\"name\":\"type\",\"positiveMatch\":true,\"type\":\"queryParamNameValueMatch\",\"value\":[\"type A\",\"type B\"],\"valueCase\":true,\"valueWildcard\":false}]}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/request-body\n@desc Get request body inspection limit settings for a security policy\n@returns(200) {requestBodyInspectionLimitInKB: str} # Successfully retrieved the request body inspection limit settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/advanced-settings/request-body\n@desc Modify request body size settings for a security policy\n@optional {requestBodyInspectionLimitInKB: str(8/16/32/default) # Request body size in KB, either `8`, `16`, or `32` as string-formatted integers, or `default` to use Akamai's best practice value.}\n@returns(200) {requestBodyInspectionLimitInKB: str} # Successfully updated the request body inspection limit settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"requestBodySizeInKB\":16}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/api-endpoints\n@desc List API endpoints\n@returns(200) {apiEndpoints: [map]} # Successfully retrieved API endpoints.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/api-request-constraints\n@desc List API request constraints and actions\n@returns(200) {apiEndpoints: [map]} # Successfully retrieved API match target actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/api-request-constraints\n@desc Modify the request constraint action for all APIs\n@required {action: str(alert/deny/none) # The action to assign to API request constraints, either `alert`, `deny`, or `none`. Use `deny_custom_{custom_deny_id}` to apply a custom action instead of Akamai's default. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions. If the action is `none`, the rule is inactive in the policy.}\n@returns(200) {apiEndpoints: [map]} # Successfully updated the API Request Constraint action for all APIs covered by match target.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/api-request-constraints/{apiId}\n@desc Modify an API request constraint's action\n@required {action: str(alert/deny/none) # The action to assign to API request constraints, either `alert`, `deny`, or `none`. Use `deny_custom_{custom_deny_id}` to apply a custom action instead of Akamai's default. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions. If the action is `none`, the rule is inactive in the policy.}\n@returns(200) {action: str} # Successfully updated the API's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/attack-groups\n@desc List attack groups\n@returns(200) {attackGroupActions: [map]} # Successfully retrieved the attack group actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/attack-groups/{attackGroupId}\n@desc Get the action for an attack group\n@returns(200) {action: str} # Successfully retrieved the attack group's actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/attack-groups/{attackGroupId}\n@desc Modify the action for an attack group\n@required {action: str(alert/deny/none) # The attack group action, either `alert`, `deny`, or `none`.}\n@returns(200) {action: str} # Successfully updated the attack group's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/attack-groups/{attackGroupId}/condition-exception\n@desc Get the exceptions of an attack group\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully retrieved the attack group exceptions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/attack-groups/{attackGroupId}/condition-exception\n@desc Modify the exceptions of an attack group\n@optional {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the advanced exception members that allow you to conditionally exclude requests from inspection. This is only available for attack groups and when the advanced exception feature is enabled., conditions: [map{caseSensitive: bool, clientLists: [str], extensions: [str], filenames: [str], header: str, hosts: [str], ips: [str], methods: [str], name: str, nameCase: bool, paths: [str], positiveMatch!: bool, type!: str, useHeaders: bool, value: str, valueCase: bool, valueWildcard: bool, wildcard: bool}] # The conditions list for a rule., exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map, specificHeaderCookieOrParamNames: map, specificHeaderCookieOrParamPrefix: map, specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the exception members that allow you to conditionally exclude requests from inspection.}\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully updated the exceptions of an attack group.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"exception\":{\"specificHeaderCookieParamXmlOrJsonNames\":[{\"names\":[\"*\"],\"selector\":\"REQUEST_HEADERS_NAMES\",\"wildcard\":true},{\"names\":[\"header2\",\"header1\"],\"selector\":\"REQUEST_HEADERS\",\"wildcard\":false},{\"names\":[\"connect.sid\"],\"selector\":\"REQUEST_COOKIES_NAMES\",\"wildcard\":false},{\"names\":[\"cookie1\",\"cookie2\"],\"selector\":\"REQUEST_COOKIES\",\"wildcard\":true},{\"names\":[\"test*\"],\"selector\":\"ARGS_NAMES\",\"wildcard\":true},{\"names\":[\"param-name\"],\"selector\":\"ARGS\",\"wildcard\":true},{\"names\":[\"test*\"],\"selector\":\"JSON_NAMES\",\"wildcard\":true},{\"names\":[\"json1\"],\"selector\":\"JSON_PAIRS\",\"wildcard\":true},{\"selector\":\"REQUEST_PROTOCOL\",\"wildcard\":true},{\"selector\":\"REQUEST_METHOD\",\"wildcard\":true},{\"selector\":\"REQUEST_URI\",\"wildcard\":true},{\"selector\":\"QUERY_STRING\",\"wildcard\":true},{\"selector\":\"REQUEST_FILENAME\",\"wildcard\":true},{\"selector\":\"REQUEST_PATH_SEGMENT\",\"wildcard\":true},{\"selector\":\"REQUEST_BODY\",\"wildcard\":true},{\"selector\":\"REQBODY_PROCESSOR_ERROR\",\"wildcard\":true},{\"selector\":\"FILES_NAMES\",\"wildcard\":true}]}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/bypass-network-lists\n@desc Get the bypass network lists settings for a security policy\n@returns(200) {networkLists: [map]} # Successfully retrieved the bypass network lists settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/bypass-network-lists\n@desc Modify the bypass network lists settings for a security policy\n@required {networkLists: [str] # Contains a list of network list IDs.}\n@returns(200) {networkLists: [str]} # Successfully updated the IP/Geo Firewall settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"networkLists\":[\"1304427_AAXXBBLIST\",\"888518_ACDDCKERS\"]}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/cpc\n@desc Get Client-Side Protection & Compliance settings\n@returns(200) {edgeInjection: map{autoLoadStaging: bool, clientSideProtectionConfigId: int, loadScriptAsync: bool}, edgeTestParameters: map{disableInjectionKey: str, disableInjectionValue: str, forceInjectionKey: str, forceInjectionValue: str}, injectionCriteria: map{injectionPathExcludes: str, injectionPathIncludes: str, injectionPercent: int, injectionPolicy: str}} # The response provides the Client-Side Protections & Compliance settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/cpc\n@desc Modify Client-Side Protections & Compliance settings\n@required {edgeInjection: map{autoLoadStaging!: bool, clientSideProtectionConfigId!: int, loadScriptAsync!: bool} # Specifies the Client-Side Protection & Compliance (CPC) configuration you want to apply, and which pages get monitored by CPC's JavaScript injection to flag suspicious activity. See [Client-Side Protection & Compliance](https://techdocs.akamai.com/client-side-protect-compliance/docs/client-side-protect-compliance-ov) for more information., edgeTestParameters: map{disableInjectionKey: str, disableInjectionValue: str, forceInjectionKey: str, forceInjectionValue: str} # Use these query string parameters to unit test an edge server's behavior. Entries here override the sampling percentage, ensuring or disabling JavaScript injection., injectionCriteria: map{injectionPathExcludes: str, injectionPathIncludes: str, injectionPercent!: int, injectionPolicy!: str} # Specifies the criteria for agent injection.}\n@returns(200) {edgeInjection: map{autoLoadStaging: bool, clientSideProtectionConfigId: int, loadScriptAsync: bool}, edgeTestParameters: map{disableInjectionKey: str, disableInjectionValue: str, forceInjectionKey: str, forceInjectionValue: str}, injectionCriteria: map{injectionPathExcludes: str, injectionPathIncludes: str, injectionPercent: int, injectionPolicy: str}} # The response reflects the updated CPC configuration.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n@example_request {\"edgeInjection\":{\"autoLoadStaging\":false,\"clientSideProtectionConfigId\":5965,\"cpcConfigId\":5965,\"loadScriptAsync\":false},\"edgeTestParameters\":{\"disableInjectionKey\":\"page-integrity\",\"disableInjectionValue\":\"disable-injection-1234_104690\",\"forceInjectionKey\":\"page-integrity\",\"forceInjectionValue\":\"force-injection-1234_104690\"},\"injectionCriteria\":{\"injectionPathExcludes\":\"\",\"injectionPathIncludes\":\"\",\"injectionPercent\":100,\"injectionPolicy\":\"late_head\"}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules\n@desc List custom rule actions\n@returns(200) {customRules: [map]} # All the latest custom rules for this configuration.\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/custom-rules/{ruleId}\n@desc Modify a custom rule action\n@required {action: str(alert/deny/none) # Specifies the action that the rule should trigger. Either `alert`, `deny`, deny_custom_{custom_deny_id}, or `none`.  If the action is `none`, it isn't associated with the policy.}\n@returns(200) {action: str} # Updated action.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have edit permissions for this config., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The config doesn't exist or you don't have access to it.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval\n@desc Set evaluation mode\n@required {eval: str(START/STOP/RESTART/COMPLETE/UPDATE) # Set `eval` to `start`, `stop`, `restart`, `complete`, or `update` to manage the evaluation of new rules you want to test before you upgrade. If you set `eval` to `start`, `restart`, or `update`, the response object will have an `eval` value of `enabled`. The value is `disabled` for requests of `stop` or `complete`. For more information see [Set evaluation mode](https://techdocs.akamai.com/application-security/reference/post-policy-eval).}\n@optional {mode: str(ASE_AUTO/ASE_MANUAL) # Optionally lets you specify between two Adaptive Security Engine (ASE) rule set types. Use `ASE_AUTO` for automatic updates to the ASE evaluation rules, or `ASE_MANUAL` to manually retrieve current evaluation rules. When not specified, the mode uses default settings. For a KRS 1.0 policy, that means using the KRS 1.0 rule set.}\n@returns(201) {eval: str, mode: str} # Successfully set the evaluation action in the specified security policy.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"eval\":\"START\",\"mode\":\"ASE_MANUAL\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-groups\n@desc List evaluation attack groups\n@returns(200) {attackGroupActions: [map]} # Successfully retrieved the evaluation attack group actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-groups/{attackGroupId}\n@desc Get the action for an evaluation attack group\n@returns(200) {action: str} # Successfully retrieved the evaluation attack group's actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-groups/{attackGroupId}\n@desc Modify the action for an evaluation attack group\n@required {action: str(alert/deny/none) # The attack group action, either `alert`, `deny`, or `none`.}\n@returns(200) {action: str} # Successfully updated the evaluation attack group's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-groups/{attackGroupId}/condition-exception\n@desc Get the exceptions of an evaluation attack group\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully retrieved the evaluation attack group exceptions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-groups/{attackGroupId}/condition-exception\n@desc Modify the exceptions of an evaluation attack group\n@optional {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the advanced exception members that allow you to conditionally exclude requests from inspection. This is only available for attack groups and when the advanced exception feature is enabled., conditions: [map{caseSensitive: bool, clientLists: [str], extensions: [str], filenames: [str], header: str, hosts: [str], ips: [str], methods: [str], name: str, nameCase: bool, paths: [str], positiveMatch!: bool, type!: str, useHeaders: bool, value: str, valueCase: bool, valueWildcard: bool, wildcard: bool}] # The conditions list for a rule., exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map, specificHeaderCookieOrParamNames: map, specificHeaderCookieOrParamPrefix: map, specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the exception members that allow you to conditionally exclude requests from inspection.}\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully updated the exceptions of an evaluation attack group.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"exception\":{\"specificHeaderCookieParamXmlOrJsonNames\":[{\"names\":[\"*\"],\"selector\":\"REQUEST_HEADERS_NAMES\",\"wildcard\":true},{\"names\":[\"header2\",\"header1\"],\"selector\":\"REQUEST_HEADERS\",\"wildcard\":false},{\"names\":[\"connect.sid\"],\"selector\":\"REQUEST_COOKIES_NAMES\",\"wildcard\":false},{\"names\":[\"cookie1\",\"cookie2\"],\"selector\":\"REQUEST_COOKIES\",\"wildcard\":true},{\"names\":[\"test*\"],\"selector\":\"ARGS_NAMES\",\"wildcard\":true},{\"names\":[\"param-name\"],\"selector\":\"ARGS\",\"wildcard\":true},{\"names\":[\"test*\"],\"selector\":\"JSON_NAMES\",\"wildcard\":true},{\"names\":[\"json1\"],\"selector\":\"JSON_PAIRS\",\"wildcard\":true},{\"selector\":\"REQUEST_PROTOCOL\",\"wildcard\":true},{\"selector\":\"REQUEST_METHOD\",\"wildcard\":true},{\"selector\":\"REQUEST_URI\",\"wildcard\":true},{\"selector\":\"QUERY_STRING\",\"wildcard\":true},{\"selector\":\"REQUEST_FILENAME\",\"wildcard\":true},{\"selector\":\"REQUEST_PATH_SEGMENT\",\"wildcard\":true},{\"selector\":\"REQUEST_BODY\",\"wildcard\":true},{\"selector\":\"REQBODY_PROCESSOR_ERROR\",\"wildcard\":true},{\"selector\":\"FILES_NAMES\",\"wildcard\":true}]}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-hostnames\n@desc List evaluation hostnames for a security policy\n@returns(200) {hostnames: [str], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-hostnames\n@desc Modify evaluation hostnames for a security policy\n@required {hostnames: [str] # Contains a list of hostnames.}\n@optional {mode: str(append/remove/replace) # The type of update you want to make to the evaluation hostname list. You can `append` additional hostnames, `remove` hostnames from the list, or `replace` the existing list with the hostnames you pass in your request.}\n@returns(200) {hostnames: [str], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"hostnames\":[\"*.example.net\",\"example.com\",\"m.example.com\"],\"mode\":\"append\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-penalty-box\n@desc Get the penalty box for a policy in evaluation mode\n@returns(200) {action: any, penaltyBoxProtection: bool} # Successfully retrieved penalty box protection settings for a security policy in evaluation mode.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-penalty-box\n@desc Modify the evaluation penalty box\n@required {action: any, penaltyBoxProtection: bool # Specifies whether penalty box protection is enabled for the security policy. When set to `true` the `action` occurs if triggered by a request.}\n@returns(200) {action: any, penaltyBoxProtection: bool} # Successfully updated penalty box protection settings for a security policy in evaluation mode.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\",\"penaltyBoxProtection\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-penalty-box/conditions\n@desc Get penalty box conditions in evaluation mode\n@returns(200) {conditionOperator: str, conditions: [map]} # Successfully retrieved penalty box conditions for the security policy in evaluation mode.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-penalty-box/conditions\n@desc Modify the penalty box conditions in evaluation mode\n@required {conditionOperator: str(AND/OR) # The logic to apply to a set of penalty box conditions: either `OR` to satisfy any condition, or `AND` to satisfy all conditions., conditions: [map{caseSensitive: bool, clientLists: [str], extensions: [str], filenames: [str], header: str, hosts: [str], ips: [str], methods: [str], name: str, nameCase: bool, paths: [str], positiveMatch!: bool, type!: str, useHeaders: bool, value: str, valueCase: bool, valueWildcard: bool, wildcard: bool}] # The conditions list for the penalty box.}\n@returns(200) {conditionOperator: str, conditions: [map]} # Successfully updated penalty box conditions for the security policy in evaluation mode.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"conditionOperator\":\"AND\",\"conditions\":[{\"filenames\":[\"hh\"],\"positiveMatch\":true,\"type\":\"filenameMatch\"},{\"clientLists\":[\"88331_TESTGEO1\"],\"positiveMatch\":true,\"type\":\"clientListMatch\",\"useHeaders\":true}]}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-rules\n@desc List evaluation rules\n@returns(200) {evalRuleActions: [map]} # Successfully retrieved the evaluation rule actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-rules/{ruleId}\n@desc Get the action of an evaluation rule\n@returns(200) {action: str} # Successfully retrieved the evaluation rule's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-rules/{ruleId}\n@desc Modify the action of an evaluation rule\n@required {action: str(alert/deny/none) # The rule's action, either `alert`, `deny`, or `none`. If the action is `none`, the rule is inactive in the policy.}\n@returns(200) {action: str} # Successfully updated the evaluation action of a rule.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-rules/{ruleId}/condition-exception\n@desc Get the conditions and exceptions for an evaluation rule\n@returns(200) {conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully retrieved the rule conditions and exceptions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/eval-rules/{ruleId}/condition-exception\n@desc Modify the conditions and exceptions for an evaluation rule\n@required {conditions: [map{caseSensitive: bool, clientLists: [str], extensions: [str], filenames: [str], header: str, hosts: [str], ips: [str], methods: [str], name: str, nameCase: bool, paths: [str], positiveMatch!: bool, type!: str, useHeaders: bool, value: str, valueCase: bool, valueWildcard: bool, wildcard: bool}] # The conditions list for a rule or attack group., exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map, specificHeaderCookieOrParamNames: map, specificHeaderCookieOrParamPrefix: map, specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the exception members that allow you to conditionally exclude requests from inspection.}\n@optional {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the advanced exception members that allow you to conditionally exclude requests from inspection. This is only available for attack groups and when the advanced exception feature is enabled.}\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully updated the conditions and exceptions of the rule.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"advancedExceptions\":{\"conditionOperator\":\"AND\",\"conditions\":[{\"extensions\":[\"test\"],\"positiveMatch\":true,\"type\":\"extensionMatch\"},{\"filenames\":[\"test2\"],\"positiveMatch\":true,\"type\":\"filenameMatch\"},{\"hosts\":[\"www.test.com\"],\"positiveMatch\":true,\"type\":\"hostMatch\"},{\"ips\":[\"192.0.2.34\"],\"positiveMatch\":true,\"type\":\"ipMatch\",\"useHeaders\":true},{\"caseSensitive\":true,\"name\":\"test3\",\"nameCase\":false,\"positiveMatch\":true,\"type\":\"uriQueryMatch\",\"value\":\"test4\",\"wildcard\":true},{\"header\":\"referer\",\"positiveMatch\":true,\"type\":\"requestHeaderMatch\",\"value\":\"test5\",\"valueCase\":false,\"valueWildcard\":false},{\"methods\":[\"GET\"],\"positiveMatch\":true,\"type\":\"requestMethodMatch\"},{\"paths\":[\"/test6\"],\"positiveMatch\":true,\"type\":\"pathMatch\"},{\"clientLists\":[\"77547_AGEOLIST\"],\"positiveMatch\":true,\"type\":\"clientListMatch\",\"useHeaders\":false}],\"headerCookieOrParamValues\":[{\"valueWildcard\":true,\"values\":[\"test\"]}],\"specificHeaderCookieOrParamNameValue\":[{\"namesValues\":[{\"names\":[\"Test\"],\"values\":[\"test\"]}],\"selector\":\"REQUEST_HEADERS\",\"valueWildcard\":true,\"wildcard\":true}],\"specificHeaderCookieOrParamNames\":[{\"names\":[\"test\"],\"selector\":\"REQUEST_HEADERS\"},{\"names\":[\"test\"],\"selector\":\"REQUEST_COOKIES\"},{\"names\":[\"test\"],\"selector\":\"ARGS\"},{\"names\":[\"test\"],\"selector\":\"JSON_PAIRS\"},{\"names\":[\"test\"],\"selector\":\"XML_PAIRS\"}]}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/ip-geo-firewall\n@desc Get IP/Geo Firewall settings\n@returns(200) {asnControls: map{allowedIPNetworkLists: map{networkList: [str]}, blockedIPNetworkLists: map{networkList: [str]}}, block: str, geoControls: map{blockedIPNetworkLists: map{networkList: [str]}}, ipControls: map{allowedIPNetworkLists: map{networkList: [str]}, blockedIPNetworkLists: map{networkList: [str]}}, ukraineGeoControl: map{ukraineGeoControl: map{action: str}}} # Successfully retrieved the IP/Geo firewall settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/ip-geo-firewall\n@desc Modify IP/Geo Firewall settings\n@required {block: str(blockSpecificIPGeo/blockAllTrafficExceptAllowedIPs) # The method by which you block or allow requests by IP or geographic location. In Control Center, this is called `mode`. Use `blockSpecificIPGeo` to block any IPs, subnets, geographies, or network lists you specify. Use `blockAllTrafficExceptAllowedIPs` to allow requests from IPs, subnets, geographies or networks lists in your `blockExceptions` maintained in [Network Lists API](https://techdocs.akamai.com/network-lists/reference/api).}\n@optional {asnControls: map{allowedIPNetworkLists: map, blockedIPNetworkLists: map} # The network lists you block or allow by AS number., geoControls: map{blockedIPNetworkLists: map} # The network lists you block geographically., ipControls: map{allowedIPNetworkLists: map, blockedIPNetworkLists: map} # The network lists you block or allow by IP., ukraineGeoControl: map{ukraineGeoControl: map} # The settings for requests to and from Ukraine.}\n@returns(200) {asnControls: map{allowedIPNetworkLists: map{networkList: [str]}, blockedIPNetworkLists: map{networkList: [str]}}, block: str, geoControls: map{blockedIPNetworkLists: map{networkList: [str]}}, ipControls: map{allowedIPNetworkLists: map{networkList: [str]}, blockedIPNetworkLists: map{networkList: [str]}}, ukraineGeoControl: map{ukraineGeoControl: map{action: str}}} # Successfully updated the IP/Geo Firewall settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"asnControls\":{\"allowedIPNetworkLists\":{\"networkList\":[\"9876_ASNTEST\"]},\"blockedIPNetworkLists\":{\"networkList\":[\"567321_TESTASNLIST\"]}},\"block\":\"blockSpecificIPGeo\",\"geoControls\":{\"blockedIPNetworkLists\":{\"networkList\":[\"72138_TEST1\"]}},\"ipControls\":{\"allowedIPNetworkLists\":{\"networkList\":[\"56921_TEST\"]},\"blockedIPNetworkLists\":{\"networkList\":[\"53712_TESTLIST123\"]}},\"ukraineGeoControl\":{\"action\":\"deny\"}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/malware-policies\n@desc List malware policy actions\n@returns(200) {malwarePolicyActions: [map]} # Successfully returned active malware policies.\n@errors {404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The security configuration version or policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/malware-policies/{malwarePolicyId}\n@desc Modify a malware policy action\n@required {action: str(alert/deny/none) # Specifies the action the malware policy triggers. Either `alert`, `deny`, or `none`. Use `deny_custom_{custom_deny_id}` to apply a custom action instead of Akamai's default. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions.  If the action is `none`, it isn't associated with the policy., unscannedAction: str(alert/deny/none) # Specifies the action to take when the file is outside the 5 MB scan limit. Either `alert`, `deny`, or `none`. Use `deny_custom_{custom_deny_id}` to apply a custom action instead of Akamai's default. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions.  When the `action` is `none`, it behaves as if you aren't using malware protections.}\n@returns(200) {action: str, unscannedAction: str} # Successfully updated the malware policy action.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to edit this configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The configuration either doesn't exist or you don't have access to it.}\n@example_request {\"action\":\"alert\",\"unscannedAction\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/mode\n@desc Get the current mode\n@returns(200) {current: str, eval: bool, evaluating: str, expires: str(date-time), mode: str} # Successfully retrieved the current mode.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/mode\n@desc Modify the mode\n@required {mode: str(KRS/AAG/ASE_AUTO/ASE_MANUAL) # The security policy rule update mode. Use `KRS` to update rules manually, or `AAG` to update rules automatically. For Adaptive Security Engine (ASE), use `ASE_AUTO` for automatic updates or `ASE_MANUAL` to manually get current rules. When switching from one mode to another, any rule actions you have migrate to the new mode. For example, your rule actions for `ASE_AUTO` become the rule actions for `ASE_MANUAL` when you switch from auto to manual modes, and vice versa. Rule actions for `ASE_AUTO` are currently in beta. Contact your account team to access this option.}\n@returns(200) {current: str, mode: str} # Successfully set the security policy mode.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"mode\":\"KRS\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/penalty-box\n@desc Get the penalty box\n@returns(200) {action: any, penaltyBoxProtection: bool} # Successfully retrieved penalty box protection for the security policy.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/penalty-box\n@desc Modify the penalty box\n@required {action: any, penaltyBoxProtection: bool # Specifies whether penalty box protection is enabled for the security policy. When set to `true` the `action` occurs if triggered by a request.}\n@returns(200) {action: any, penaltyBoxProtection: bool} # Successfully updated penalty box protection for security policy.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\",\"penaltyBoxProtection\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/penalty-box/conditions\n@desc Get penalty box condition\n@returns(200) {conditionOperator: str, conditions: [map]} # Successfully retrieved penalty box conditions for the security policy.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/penalty-box/conditions\n@desc Modify the penalty box conditions\n@required {conditionOperator: str(AND/OR) # The logic to apply to a set of penalty box conditions: either `OR` to satisfy any condition, or `AND` to satisfy all conditions., conditions: [map{caseSensitive: bool, clientLists: [str], extensions: [str], filenames: [str], header: str, hosts: [str], ips: [str], methods: [str], name: str, nameCase: bool, paths: [str], positiveMatch!: bool, type!: str, useHeaders: bool, value: str, valueCase: bool, valueWildcard: bool, wildcard: bool}] # The conditions list for the penalty box.}\n@returns(200) {conditionOperator: str, conditions: [map]} # Successfully updated penalty box conditions for the security policy.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"conditionOperator\":\"AND\",\"conditions\":[{\"filenames\":[\"hh\"],\"positiveMatch\":true,\"type\":\"filenameMatch\"},{\"clientLists\":[\"88331_TESTGEO1\"],\"positiveMatch\":true,\"type\":\"clientListMatch\",\"useHeaders\":true}]}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/protect-eval-hostnames\n@desc Protect evaluation hostnames for a security policy\n@required {hostnames: [str] # Contains a list of hostnames.}\n@optional {mode: str(append/remove/replace) # The type of update you want to make to the evaluation hostname list. You can `append` additional hostnames, `remove` hostnames from the list, or `replace` the existing list with the hostnames you pass in your request.}\n@returns(200) {hostnames: [str], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"hostnames\":[\"*.example.net\",\"example.com\",\"m.example.com\"],\"mode\":\"append\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/protections\n@desc Get protections\n@returns(200) {applyApiConstraints: bool, applyApplicationLayerControls: bool, applyCpcControls: bool, applyMalwareControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool} # Successfully retrieved the security policy protections.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/protections\n@desc Modify protections\n@optional {applyApiConstraints: bool # When enabled, this protection responds to triggers with a specified action., applyApplicationLayerControls: bool # When enabled, your security policy applies the Web Application Firewall controls to your traffic., applyCpcControls: bool=false # When enabled, your security policy applies Client-Side Protection & Compliance controls to your match target., applyMalwareControls: bool # When enabled, your security policy applies file malware scanning controls to your traffic., applyNetworkLayerControls: bool # When enabled, your security policy applies the network layer control settings to your traffic., applyRateControls: bool # When enabled, your security policy applies the rate control settings to your traffic. Rate controls monitor and flag traffic too fast to be from a human., applyReputationControls: bool # When enabled, your security policy applies the reputation profile settings to your traffic. Reputation profile analyses IP addresses based on their prior interactions with Akamai customers, then alerts on or blocks potentially malicious IP addresses from issuing requests., applySlowPostControls: bool # When enabled, your security policy applies slow POST controls to your traffic.}\n@returns(200) {applyApiConstraints: bool, applyApplicationLayerControls: bool, applyCpcControls: bool, applyMalwareControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool} # Successfully updated the security policy protections.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"applyApiConstraints\":true,\"applyApplicationLayerControls\":true,\"applyMalwareControls\":true,\"applyNetworkLayerControls\":true,\"applyRateControls\":true,\"applyReputationControls\":true,\"applySlowPostControls\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules\n@desc List rapid rules\n@returns(200) {policyRules: [map]} # Successfully retrieved rapid rules.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/action\n@desc Get rapid rules' default action\n@returns(200) {action: map} # Successfully retrieved rapid rules' default action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/action\n@desc Update rapid rules' default action\n@required {action: map # The list of rapid rule actions, either `alert`, `deny`, or `none`. Use `deny_custom_{custom_deny_id}` to apply a custom action instead of Akamai's default. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions. If the action is `none`, the rule is inactive in the policy.}\n@returns(200) {action: map} # Successfully updated rapid rules' default action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/status\n@desc Get rapid rules' status\n@returns(200) {enabled: bool} # Successfully retrieved rapid rules status.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/status\n@desc Update rapid rules' status\n@required {enabled: bool # Whether the rapid rule is active.}\n@returns(200) {enabled: bool} # Successfully enabled or disabled rapid rules.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"enabled\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/{ruleId}/condition-exception\n@desc List a rapid rule's conditions and exceptions\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully retrieved the rapid rule's condition and exceptions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/{ruleId}/condition-exception\n@desc Update a rapid rule's conditions and exceptions\n@optional {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the advanced exception members that allow you to conditionally exclude requests from inspection. This is only available for attack groups and when the advanced exception feature is enabled., conditions: [map{caseSensitive: bool, clientLists: [str], extensions: [str], filenames: [str], header: str, hosts: [str], ips: [str], methods: [str], name: str, nameCase: bool, paths: [str], positiveMatch!: bool, type!: str, useHeaders: bool, value: str, valueCase: bool, valueWildcard: bool, wildcard: bool}] # The conditions list for a rule., exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map, specificHeaderCookieOrParamNames: map, specificHeaderCookieOrParamPrefix: map, specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the exception members that allow you to conditionally exclude requests from inspection.}\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully updated the rapid rule condition exceptions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"advancedExceptions\":{\"conditionOperator\":\"AND\",\"conditions\":[{\"filenames\":[\"bakku\"],\"positiveMatch\":true,\"type\":\"filenameMatch\"},{\"ips\":[\"1.1.1.1/24\"],\"positiveMatch\":true,\"type\":\"ipMatch\",\"useHeaders\":false}],\"headerCookieOrParamValues\":[{\"valueWildcard\":false,\"values\":[\"baks\"]}],\"specificHeaderCookieOrParamNameValue\":[{\"namesValues\":[{\"names\":[\"b1\"],\"values\":[\"b1\"]}],\"selector\":\"REQUEST_COOKIES\",\"wildcard\":false}],\"specificHeaderCookieParamXmlOrJsonNames\":[{\"names\":[\"b1\",\"b2\"],\"selector\":\"REQUEST_COOKIES_NAMES\",\"wildcard\":true},{\"names\":[\"b1\",\"b2\"],\"selector\":\"REQUEST_COOKIES\",\"wildcard\":true}]}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/{ruleId}/lock\n@desc Get a rapid rule's lock status\n@returns(200) {enabled: bool} # Successfully retrieved the rapid rule lock status.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/{ruleId}/lock\n@desc Update a rapid rule's lock status\n@optional {enabled: bool # Whether you've locked the rapid rule's action. When locked, future versions of this rule continue to use the action you originally selected.}\n@returns(200) {enabled: bool} # Successfully updated the rapid rule's lock status.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"enabled\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/{ruleId}/versions/{ruleVersion}/action\n@desc Get a rapid rule's action\n@returns(200) {action: map, lock: bool} # Successfully retrieved the rapid rule's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rapid-rules/{ruleId}/versions/{ruleVersion}/action\n@desc Update a rapid rule's action\n@required {action: map # The list of rapid rule actions, either `alert`, `deny`, or `none`. Use `deny_custom_{custom_deny_id}` to apply a custom action instead of Akamai's default. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions. If the action is `none`, the rule is inactive in the policy.}\n@returns(200) {action: map, lock: bool} # Successfully updated the rapid rule's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rate-policies\n@desc List rate policy actions\n@returns(200) {ratePolicyActions: [map]} # All the used rate policies for this configuration.\n@errors {404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rate-policies/{ratePolicyId}\n@desc Modify a rate policy action\n@required {ipv4Action: str # The IPv4 action to assign to this rate policy. For `BOTMAN` policies, choose `monitor`, `delay`, `slow`, `deny`,` tarpit`, `none`, or a custom action. For `WAF` policies, choose `alert`, `deny`, `challenge_{id}`, or `none`. Or use `deny_custom_{custom_deny_id}` to apply a custom action to your WAF rate policy. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions. If the action is `none`, the rate policy is inactive in the policy. Refer to [Challenge actions](https://techdocs.akamai.com/bot-manager/reference/post-challenge-action) for `POST`, `GET`, `PUT`, and `DELETE` operation details., ipv6Action: str # The IPv6 action to assign to this rate policy. For `BOTMAN` policies, specify the same action you chose for `ipv4Action`. For `WAF` policies, choose `alert`, `deny`, `challenge_{id}`, or `none`. Or use `deny_custom_{custom_deny_id}` to apply a custom action to your WAF rate policy. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions. If the action is `none`, the rate policy is inactive in the policy. Refer to [Challenge actions](https://techdocs.akamai.com/bot-manager/reference/post-challenge-action) for `POST`, `GET`, `PUT`, and `DELETE` operation details.}\n@returns(200) {ipv4Action: str, ipv6Action: str} # Updated action.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The config doesn't exist or you don't have access to it.}\n@example_request {\"ipv4Action\":\"alert\",\"ipv6Action\":\"alert\"}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/recommendations\n@desc Respond to exception recommendations\n@required {action: str(ACCEPT/DECLINE/RESET) # How you want to respond to the exception recommendation. Use `ACCEPT` to add the recommendation to your policy, rule, or attack group. Use `DECLINE` to reject the recommendation, or `RESET` to undo a previous `DECLINE` action., selectorId: int # The unique identifier for the selector referenced in the recommendation.}\n@optional {type: str(ACTIVE/EVALUATION/ALL)=ACTIVE # __Enum__ If `ACTIVE`, includes only active recommendations, the default. If `EVALUATION`, includes only evaluation recommendations. If `ALL`, includes both active and evaluation recommendations.}\n@returns(201) Successfully accepted, declined, or reset a recommendation selector.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"ACCEPT\",\"selectorId\":84220}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/recommendations\n@desc Get tuning recommendations for a policy\n@optional {type: str(ACTIVE/EVALUATION/ALL)=ACTIVE # __Enum__ If `ACTIVE`, includes only active recommendations, the default. If `EVALUATION`, includes only evaluation recommendations. If `ALL`, includes both active and evaluation recommendations.}\n@returns(200) {attackGroupRecommendations: [map], evaluationPeriodEnd: str, evaluationPeriodStart: str, ruleRecommendations: [map]} # Successfully returned the resource.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/recommendations/attack-groups/{attackGroupId}\n@desc List tuning recommendations for an attack group\n@optional {type: str(ACTIVE/EVALUATION/ALL)=ACTIVE # __Enum__ If `ACTIVE`, includes only active recommendations, the default. If `EVALUATION`, includes only evaluation recommendations. If `ALL`, includes both active and evaluation recommendations.}\n@returns(200) {declinedRecommendations: [map], group: str, recommendations: [map]} # Successfully returned recommendations.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to recommendations in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Recommendations not found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/recommendations/rules/{ruleId}\n@desc List tuning recommendations for a rule\n@optional {type: str(ACTIVE/EVALUATION/ALL)=ACTIVE # __Enum__ If `ACTIVE`, includes only active recommendations, the default. If `EVALUATION`, includes only evaluation recommendations. If `ALL`, includes both active and evaluation recommendations.}\n@returns(200) {declinedRecommendations: [map], id: int, recommendations: [map]} # Successfully returned recommendations.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to recommendations in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Recommendations not found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/reputation-analysis\n@desc Get reputation analysis settings\n@returns(200) {forwardSharedIPToHTTPHeaderAndSIEM: bool, forwardToHTTPHeader: bool} # Successfully retrieved the reputation analysis settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/reputation-analysis\n@desc Modify reputation analysis settings\n@optional {forwardSharedIPToHTTPHeaderAndSIEM: bool # Whether to enable the option to add value indicating that shared IPs are included in HTTP header and SIEM integration when used., forwardToHTTPHeader: bool # Whether to enable the option to add client reputation details to requests forwarded to origin in an HTTP header.}\n@returns(200) {forwardSharedIPToHTTPHeaderAndSIEM: bool, forwardToHTTPHeader: bool} # Successfully updated the reputation analysis settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"forwardSharedIPToHTTPHeaderAndSIEM\":true,\"forwardToHTTPHeader\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/reputation-profiles\n@desc List reputation profile actions\n@returns(200) {reputationProfiles: [map]} # Successfully retrieved the reputation profile actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/reputation-profiles/{reputationProfileId}\n@desc Get the action for a reputation profile\n@returns(200) {action: str} # Successfully retrieved the reputation profile action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/reputation-profiles/{reputationProfileId}\n@desc Modify the action for a reputation profile\n@required {action: str(alert/deny/none) # The action of a reputation profile. Use `alert` to record the trigger of the event, `deny` to block the request, or `none` to take no action. Use `deny_custom_{custom_deny_id}` to apply a custom action instead of Akamai's default. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions.}\n@returns(200) {action: str} # Successfully updated the reputation profile's action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules\n@desc List rules\n@returns(200) {ruleActions: [map]} # Successfully retrieved the rule actions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules\n@desc Upgrade KRS ruleset\n@returns(200) {current: str, eval: bool, evaluating: str, expires: str(date-time), mode: str} # Successfully updated to latest KRS rule set version.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"upgrade\":true}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules/threat-intel\n@desc Get adaptive intelligence settings\n@returns(200) {action: str} # Successfully retrieved threat intelligence settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules/threat-intel\n@desc Modify adaptive intelligence settings\n@optional {action: str(on/off) # Set to `on` so our network analyzes a request and dynamically modifies protection methods to fit the detected threat level. Set to `off` to manually fine-tune your rule sets.}\n@returns(200) {action: str} # Successfully updated threat intelligence settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"threatIntel\":\"on\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules/upgrade-details\n@desc Get upgrade details\n@returns(200) {current: str, evalToEvalUpdates: map{deletedAttackGroups: [map], deletedRules: [map], newAttackGroups: [map], newRules: [map], updatedAttackGroups: [map], updatedRules: [map]}, evaluating: str, krsToEvalUpdates: map{deletedAttackGroups: [map], deletedRules: [map], newAttackGroups: [map], newRules: [map], updatedAttackGroups: [map], updatedRules: [map]}, krsToLatestUpdates: map{deletedAttackGroups: [map], deletedRules: [map], newAttackGroups: [map], newRules: [map], updatedAttackGroups: [map], updatedRules: [map]}, latest: str} # Successfully retrieved the upgraded rule details.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules/{ruleId}\n@desc Get the action for a rule\n@returns(200) {action: str} # Successfully retrieved the rule action.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules/{ruleId}\n@desc Modify the action for a rule\n@required {action: str(alert/deny/none) # The action of the rule, either `alert`, `deny`, or `none`.}\n@returns(200) {action: str} # Successfully updated the action of a rule.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"action\":\"alert\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules/{ruleId}/condition-exception\n@desc Get the conditions and exceptions of a rule\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully retrieved the rule conditions and exceptions.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/rules/{ruleId}/condition-exception\n@desc Modify the conditions and exceptions of a rule\n@optional {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the advanced exception members that allow you to conditionally exclude requests from inspection. This is only available for attack groups and when the advanced exception feature is enabled., conditions: [map{caseSensitive: bool, clientLists: [str], extensions: [str], filenames: [str], header: str, hosts: [str], ips: [str], methods: [str], name: str, nameCase: bool, paths: [str], positiveMatch!: bool, type!: str, useHeaders: bool, value: str, valueCase: bool, valueWildcard: bool, wildcard: bool}] # The conditions list for a rule., exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map, specificHeaderCookieOrParamNames: map, specificHeaderCookieOrParamPrefix: map, specificHeaderCookieParamXmlOrJsonNames: [map]} # Describes the exception members that allow you to conditionally exclude requests from inspection.}\n@returns(200) {advancedExceptions: map{conditionOperator: str, conditions: [map], headerCookieOrParamValues: [map], specificHeaderCookieOrParamNameValue: [map], specificHeaderCookieParamXmlOrJsonNames: [map]}, conditions: [map], exception: map{anyHeaderCookieOrParam: [str], headerCookieOrParamValues: [str], specificHeaderCookieOrParamNameValue: map{name: str, selector: str, value: str}, specificHeaderCookieOrParamNames: map{names: [str], selector: str}, specificHeaderCookieOrParamPrefix: map{prefix: str, selector: str}, specificHeaderCookieParamXmlOrJsonNames: [map]}} # Successfully updated the conditions and exceptions of a rule.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"advancedExceptions\":{\"conditionOperator\":\"AND\",\"conditions\":[{\"extensions\":[\"test\"],\"positiveMatch\":true,\"type\":\"extensionMatch\"},{\"filenames\":[\"test2\"],\"positiveMatch\":true,\"type\":\"filenameMatch\"},{\"hosts\":[\"www.test.com\"],\"positiveMatch\":true,\"type\":\"hostMatch\"},{\"ips\":[\"192.0.2.34\"],\"positiveMatch\":true,\"type\":\"ipMatch\",\"useHeaders\":true},{\"caseSensitive\":true,\"name\":\"test3\",\"nameCase\":false,\"positiveMatch\":true,\"type\":\"uriQueryMatch\",\"value\":\"test4\",\"wildcard\":true},{\"header\":\"referer\",\"positiveMatch\":true,\"type\":\"requestHeaderMatch\",\"value\":\"test5\",\"valueCase\":false,\"valueWildcard\":false},{\"methods\":[\"GET\"],\"positiveMatch\":true,\"type\":\"requestMethodMatch\"},{\"paths\":[\"/test6\"],\"positiveMatch\":true,\"type\":\"pathMatch\"},{\"clientLists\":[\"77547_AGEOLIST\"],\"positiveMatch\":true,\"type\":\"clientListMatch\",\"useHeaders\":false}],\"headerCookieOrParamValues\":[{\"valueWildcard\":true,\"values\":[\"test\"]}],\"specificHeaderCookieOrParamNameValue\":[{\"namesValues\":[{\"names\":[\"Test\"],\"values\":[\"test\"]}],\"selector\":\"REQUEST_HEADERS\",\"valueWildcard\":true,\"wildcard\":true}],\"specificHeaderCookieOrParamNames\":[{\"names\":[\"test\"],\"selector\":\"REQUEST_HEADERS\"},{\"names\":[\"test\"],\"selector\":\"REQUEST_COOKIES\"},{\"names\":[\"test\"],\"selector\":\"ARGS\"},{\"names\":[\"test\"],\"selector\":\"JSON_PAIRS\"},{\"names\":[\"test\"],\"selector\":\"XML_PAIRS\"}]}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/selected-hostnames\n@desc List selected hostnames for a security policy\n@returns(200) {hostnameList: [map], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/selected-hostnames\n@desc Modify selected hostnames for a security policy\n@required {hostnameList: [map{hostname!: str}] # The list of hostnames for a configuration version.}\n@optional {mode: str(append/remove/replace) # The type of update you want to make to the evaluation hostname list. Use `append` to add additional hostnames, `remove` to delete the hostnames from the list, or `replace` to replace the existing list with the hostnames you pass in your request.}\n@returns(200) {hostnameList: [map], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"hostnameList\":[{\"hostname\":\"*.example.net\"},{\"hostname\":\"example.com\"},{\"hostname\":\"m.example.com\"}],\"mode\":\"append\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/slow-post\n@desc Get slow POST protection settings\n@returns(200) {action: str, durationThreshold: map{timeout: int}, slowRateThreshold: map{period: int, rate: int}} # Successfully retrieved slow POST protection settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/slow-post\n@desc Modify slow POST protection settings\n@required {action: str(alert/abort) # Specifies the  action that the rule should trigger. Either `alert` or `abort`.}\n@optional {durationThreshold: map{timeout!: int} # If the edge server doesn't receive the first eight kilobytes of the POST body transfer within the specified time, the specified action in the policy is applied., slowRateThreshold: map{period!: int, rate!: int} # The average rate in bytes per second over a period of time that you specify before an action (`alert` or `abort`) in the policy triggers. For example, if you set the `slowRateThreshold` to an average of 10 bytes per second in a 60 second period and a request comes in at an average of 5 bytes per second in a 60 second period, the action you specified in the policy triggers.}\n@returns(200) {action: str, durationThreshold: map{timeout: int}, slowRateThreshold: map{period: int, rate: int}} # Successfully retrieved slow POST configuration.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n@example_request {\"action\":\"alert\",\"durationThreshold\":{\"timeout\":5},\"slowRateThreshold\":{\"period\":50,\"rate\":10}}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/url-protections\n@desc List URL protection policy actions\n@returns(200) {urlProtectionActions: [map]} # In-use URL protection policies for this configuration.\n@errors {404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/url-protections/{urlProtectionPolicyId}\n@desc Modify a URL protection policy action\n@required {action: any # The action to assign to this URL protection policy. Choose `alert`, `deny`, `none`, or `deny_custom_{custom_deny_id}`. Run [Modify a custom deny action](https://techdocs.akamai.com/application-security/reference/put-custom-deny) to manage your custom deny actions. If the action is `none`, the URL protection policy is inactive in the policy.}\n@returns(200) {action: any} # Updated action.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The configuration wasn't found.}\n@example_request {\"action\":\"none\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/selectable-hostnames\n@desc List selectable hostnames\n@returns(200) {availableSet: [map], configId: int, configVersion: int, errorSet: [map], protectARLInclusionHost: bool, selectedSet: [map]} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/selected-hostnames\n@desc List selected hostnames\n@returns(200) {hostnameList: [map], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/selected-hostnames\n@desc Modify selected hostnames\n@required {hostnameList: [map{hostname!: str}] # The list of hostnames for a configuration version.}\n@optional {mode: str(append/remove/replace) # The type of update you want to make to the evaluation hostname list. Use `append` to add additional hostnames, `remove` to delete the hostnames from the list, or `replace` to replace the existing list with the hostnames you pass in your request.}\n@returns(200) {hostnameList: [map], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"hostnameList\":[{\"hostname\":\"*.example.net\"},{\"hostname\":\"example.com\"},{\"hostname\":\"m.example.com\"}],\"mode\":\"append\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/selected-hostnames/eval-hostnames\n@desc List evaluation hostnames\n@returns(200) {hostnames: [str], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/selected-hostnames/eval-hostnames\n@desc Modify evaluation hostnames\n@required {hostnames: [str] # Contains a list of hostnames.}\n@optional {mode: str(append/remove/replace) # The type of update you want to make to the evaluation hostname list. You can `append` additional hostnames, `remove` hostnames from the list, or `replace` the existing list with the hostnames you pass in your request.}\n@returns(200) {hostnames: [str], mode: str} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n@example_request {\"hostnames\":[\"*.example.net\",\"example.com\",\"m.example.com\"],\"mode\":\"append\"}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/siem\n@desc Get SIEM settings\n@returns(200) {enableForAllPolicies: bool, enableSiem: bool, enabledBotmanSiemEvents: bool, exceptions: [map], firewallPolicyIds: [str], siemDefinitionId: int} # Successfully retrieved SIEM settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/siem\n@desc Modify SIEM settings\n@required {enableSiem: bool # Whether you enabled SIEM in a security configuration version.}\n@optional {enableForAllPolicies: bool # Whether you enabled SIEM for all the security policies in the configuration version., enabledBotmanSiemEvents: bool # __Deprecated__ Whether you enabled SIEM for the Bot Manager events. Use `exceptions` parameter instead to set botman siem events exception., exceptions: [map{actionTypes: [str], protection: str}] # Describes all attack type exceptions that will be ignored in siem events., firewallPolicyIds: [str] # The list of security policy identifiers for which to enable the SIEM integration., siemDefinitionId: int # Uniquely identifies the SIEM settings.}\n@returns(200) {enableForAllPolicies: bool, enableSiem: bool, enabledBotmanSiemEvents: bool, exceptions: [map], firewallPolicyIds: [str], siemDefinitionId: int} # Successfully retrieved SIEM settings.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n@example_request {\"enableForAllPolicies\":false,\"enableSiem\":true,\"enabledBotmanSiemEvents\":false,\"exceptions\":[{\"actionTypes\":[\"*\"],\"protection\":\"botmanagement\"},{\"actionTypes\":[\"alert\"],\"protection\":\"ipgeo\"},{\"actionTypes\":[\"alert\"],\"protection\":\"rate\"}],\"firewallPolicyIds\":[\"qik2_38799\",\"4444_44572\",\"teet_39295\",\"ds22_48583\"],\"siemDefinitionId\":1}\n\n@endpoint POST /configs/{configId}/versions/{versionNumber}/url-protections\n@desc Create a URL protection policy\n@required {intelligentLoadShedding: bool # Enable or disable intelligent load shedding. If enabled, traffic that matches the load shedding categories is eligible for shedding if the origin rate exceeds the load shedding threshold., name: str # The rate policy's unique name., rateThreshold: int # The allowed hits per second during any five-second interval.}\n@optional {apiDefinitions: [map{apiDefinitionId!: int(int64), definedResources: bool, resourceIds: [int(int64)], undefinedResources: bool}] # The API endpoints to match on in incoming requests. This only applies to the `api` `matchType`., bypassCondition: map{atomicConditions: [any]} # Exempts specific clients from being processed by the URL protection policy., categories: [any] # The traffic categories to perform load shedding on when the origin traffic rate exceeds the load shedding threshold. If `intelligentLoadShedding` is set to `true`, specify one or more categories., configId: int(int64) # Uniquely identifies the security configuration., configVersion: int # The security configuration version., createDate: str(date-time) # __Read-only__ The timestamp when you created the URL protection policy., createdBy: str # __Read-only__ The username of the person who created the URL protection policy., description: str # A description of the rate policy., hostnamePaths: [map{hostname!: str, paths!: [str]}] # The hostname and path combinations to match on., policyId: int(int64) # __Read-only__ Uniquely identifies the URL protection policy., protectionType: str(SINGLE/MULTIPLE) # If matching on `hostnamePaths`, specify `SINGLE` to match on a hostname and path, or `MULTIPLE` to match on hostname and path combinations., sheddingThresholdHitsPerSec: int # Specify the threshold value, in hits per second, after which traffic can be shed. The `sheddingThresholdHitsPerSec` value must be between 70%-90% of the `rateThreshold` value. If you enabled `intelligentLoadShedding`, this value is required., updateDate: str(date-time) # __Read-only__ The ISO 8601 timestamp when you last updated the URL protection policy., updatedBy: str # __Read-only__ Username who last updated the URL protection policy., used: bool # __Read-only__ Whether you're currently using the URL protection policy.}\n@returns(201) {apiDefinitions: [map], bypassCondition: map{atomicConditions: [any]}, categories: [any], configId: int(int64), configVersion: int, createDate: str(date-time), createdBy: str, description: str, hostnamePaths: [map], intelligentLoadShedding: bool, name: str, policyId: int(int64), protectionType: str, rateThreshold: int, sheddingThresholdHitsPerSec: int, updateDate: str(date-time), updatedBy: str, used: bool} # Successfully created a URL protection policy.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to URL protection policies in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n@example_request {\"bypassCondition\":{\"atomicConditions\":[{\"className\":\"NetworkListCondition\",\"value\":[\"12345_10CLIENTLIST\",\"54321_123\"]},{\"className\":\"RequestHeaderCondition\",\"name\":[\"my-custom-header\"],\"value\":[\"my-custom-value\"]}]},\"categories\":[{\"type\":\"BOTS\"},{\"type\":\"CLOUD_PROVIDERS\"},{\"type\":\"PROXIES\"},{\"type\":\"TOR_EXIT_NODES\"},{\"type\":\"PLATFORM_DDOS_INTELLIGENCE\"},{\"listIds\":[\"12345_10CLIENTLIST\",\"54321_123\"],\"positiveMatch\":true,\"type\":\"CLIENT_LIST\"}],\"description\":\"URL Protection\",\"hostnamePaths\":[{\"hostname\":\"api.demo.com\",\"paths\":[\"/login\",\"/checkout\",\"/history\"]}],\"intelligentLoadShedding\":true,\"name\":\"Transaction site protection\",\"protectionType\":\"MULTIPLE\",\"rateThreshold\":195,\"sheddingThresholdHitsPerSec\":150}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/url-protections\n@desc List URL protection policies\n@returns(200) {urlProtectionPolicies: [map]} # Successfully returned the URL protection policies.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the URL protection policies in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/url-protections/{urlProtectionPolicyId}\n@desc Get a URL protection policy\n@returns(200) {apiDefinitions: [map], bypassCondition: map{atomicConditions: [any]}, categories: [any], configId: int(int64), configVersion: int, createDate: str(date-time), createdBy: str, description: str, hostnamePaths: [map], intelligentLoadShedding: bool, name: str, policyId: int(int64), protectionType: str, rateThreshold: int, sheddingThresholdHitsPerSec: int, updateDate: str(date-time), updatedBy: str, used: bool} # Successfully returned the URL protection policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the URL protection policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or URL protection policy wasn't found.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/url-protections/{urlProtectionPolicyId}\n@desc Modify a URL protection policy\n@required {intelligentLoadShedding: bool # Enable or disable intelligent load shedding. If enabled, traffic that matches the load shedding categories is eligible for shedding if the origin rate exceeds the load shedding threshold., name: str # The rate policy's unique name., rateThreshold: int # The allowed hits per second during any five-second interval.}\n@optional {apiDefinitions: [map{apiDefinitionId!: int(int64), definedResources: bool, resourceIds: [int(int64)], undefinedResources: bool}] # The API endpoints to match on in incoming requests. This only applies to the `api` `matchType`., bypassCondition: map{atomicConditions: [any]} # Exempts specific clients from being processed by the URL protection policy., categories: [any] # The traffic categories to perform load shedding on when the origin traffic rate exceeds the load shedding threshold. If `intelligentLoadShedding` is set to `true`, specify one or more categories., configId: int(int64) # Uniquely identifies the security configuration., configVersion: int # The security configuration version., createDate: str(date-time) # __Read-only__ The timestamp when you created the URL protection policy., createdBy: str # __Read-only__ The username of the person who created the URL protection policy., description: str # A description of the rate policy., hostnamePaths: [map{hostname!: str, paths!: [str]}] # The hostname and path combinations to match on., policyId: int(int64) # __Read-only__ Uniquely identifies the URL protection policy., protectionType: str(SINGLE/MULTIPLE) # If matching on `hostnamePaths`, specify `SINGLE` to match on a hostname and path, or `MULTIPLE` to match on hostname and path combinations., sheddingThresholdHitsPerSec: int # Specify the threshold value, in hits per second, after which traffic can be shed. The `sheddingThresholdHitsPerSec` value must be between 70%-90% of the `rateThreshold` value. If you enabled `intelligentLoadShedding`, this value is required., updateDate: str(date-time) # __Read-only__ The ISO 8601 timestamp when you last updated the URL protection policy., updatedBy: str # __Read-only__ Username who last updated the URL protection policy., used: bool # __Read-only__ Whether you're currently using the URL protection policy.}\n@returns(200) {apiDefinitions: [map], bypassCondition: map{atomicConditions: [any]}, categories: [any], configId: int(int64), configVersion: int, createDate: str(date-time), createdBy: str, description: str, hostnamePaths: [map], intelligentLoadShedding: bool, name: str, policyId: int(int64), protectionType: str, rateThreshold: int, sheddingThresholdHitsPerSec: int, updateDate: str(date-time), updatedBy: str, used: bool} # Successfully updated URL protection policy.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to URL protection policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or URL protection policy wasn't found.}\n@example_request {\"bypassCondition\":{\"atomicConditions\":[{\"className\":\"NetworkListCondition\",\"value\":[\"12345_10CLIENTLIST\",\"54321_123\"]},{\"className\":\"RequestHeaderCondition\",\"name\":[\"my-custom-header\"],\"value\":[\"my-custom-value\"]}]},\"categories\":[{\"type\":\"BOTS\"},{\"type\":\"CLIENT_REPUTATIONS\"},{\"type\":\"CLOUD_PROVIDERS\"},{\"type\":\"PROXIES\"},{\"type\":\"TOR_EXIT_NODES\"},{\"type\":\"PLATFORM_DDOS_INTELLIGENCE\"},{\"listIds\":[\"81658_CLIENTLIST\",\"56789_1234\"],\"positiveMatch\":true,\"type\":\"CLIENT_LIST\"}],\"description\":\"URL Protection\",\"hostnamePaths\":[{\"hostname\":\"api.demo.com\",\"paths\":[\"/login\",\"/checkout\",\"/history\"]}],\"intelligentLoadShedding\":true,\"name\":\"Transaction site protection\",\"protectionType\":\"MULTIPLE\",\"rateThreshold\":195,\"sheddingThresholdHitsPerSec\":150}\n\n@endpoint DELETE /configs/{configId}/versions/{versionNumber}/url-protections/{urlProtectionPolicyId}\n@desc Remove a URL protection policy\n@returns(204) Successfully deleted the URL protection policy.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the URL protection policy in this security configuration., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Security configuration version or URL protection policy wasn't found.}\n\n@endpoint GET /configs/{configId}/versions/{versionNumber}/version-notes\n@desc Get the version notes\n@returns(200) {notes: str} # Successfully retrieved the version notes.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endpoint PUT /configs/{configId}/versions/{versionNumber}/version-notes\n@desc Modify version notes\n@optional {notes: str # The version notes.}\n@returns(200) {notes: str} # Successfully updated the version notes.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have permission to write to this resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n@example_request {\"notes\":\"This is a version note.\"}\n\n@endgroup\n\n@group contracts-groups\n@endpoint GET /contracts-groups\n@desc List contracts and groups\n@returns(200) {contractId: str, displayName: str, groupId: int} # Successful response.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endgroup\n\n@group contracts\n@endpoint GET /contracts/{contractId}/groups/{groupId}/selectable-hostnames\n@desc List available hostnames for a new configuration\n@returns(200) {availableSet: [map], configId: int, configVersion: int, errorSet: [map], protectARLInclusionHost: bool, selectedSet: [map]} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endgroup\n\n@group cves\n@endpoint GET /cves\n@desc List CVEs\n@optional {modifiedAfter: str(date-time) # Filters CVEs by `modifiedDate`, returning all CVEs modified after that time.}\n@returns(200) {cves: [map]} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 401: [Unauthorized](https://techdocs.akamai.com/application-security/reference/401)., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed., 405: [Method not allowed](https://techdocs.akamai.com/application-security/reference/405)., 406: [Not acceptable](https://techdocs.akamai.com/application-security/reference/406).}\n\n@endpoint POST /cves/subscribe\n@desc Subscribe to CVEs\n@required {cveIds: [str] # Identifiers for the CVEs you want to subscribe to.}\n@returns(200) {cveIds: [str]} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 401: [Unauthorized](https://techdocs.akamai.com/application-security/reference/401)., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed., 405: [Method not allowed](https://techdocs.akamai.com/application-security/reference/405)., 406: [Not acceptable](https://techdocs.akamai.com/application-security/reference/406).}\n@example_request {\"cveIds\":[\"CVE-2023-46589\",\"CVE-2023-24023\"]}\n\n@endpoint GET /cves/subscribed\n@desc List subscribed CVEs\n@returns(200) {cves: [map]} # Successful response.\n@errors {401: [Unauthorized](https://techdocs.akamai.com/application-security/reference/401)., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed., 405: [Method not allowed](https://techdocs.akamai.com/application-security/reference/405)., 406: [Not acceptable](https://techdocs.akamai.com/application-security/reference/406).}\n\n@endpoint POST /cves/unsubscribe\n@desc Unsubscribe from CVEs\n@optional {all: bool=false # Whether to unsubscribe from all CVEs, `false` by default.}\n@returns(200) {cveIds: [str]} # Successful response.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 401: [Unauthorized](https://techdocs.akamai.com/application-security/reference/401)., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed., 405: [Method not allowed](https://techdocs.akamai.com/application-security/reference/405)., 406: [Not acceptable](https://techdocs.akamai.com/application-security/reference/406).}\n@example_request {}\n\n@endpoint GET /cves/{cveId}\n@desc Get a CVE\n@returns(200) {affectedSystems: [map], coverage: str, cveId: str, description: str, impactScore: num(float), impactSeverity: str, mitigation: map{attackGroups: [map]}, modifiedDate: str(date-time), publishedDate: str(date-time), weaknessIds: [str]} # Successful response.\n@errors {401: [Unauthorized](https://techdocs.akamai.com/application-security/reference/401)., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed., 405: [Method not allowed](https://techdocs.akamai.com/application-security/reference/405)., 406: [Not acceptable](https://techdocs.akamai.com/application-security/reference/406).}\n\n@endpoint GET /cves/{cveId}/security-coverage\n@desc Get CVE coverage\n@returns(200) {configurations: [map]} # Successful response.\n@errors {401: [Unauthorized](https://techdocs.akamai.com/application-security/reference/401)., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed., 405: [Method not allowed](https://techdocs.akamai.com/application-security/reference/405)., 406: [Not acceptable](https://techdocs.akamai.com/application-security/reference/406)., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endgroup\n\n@group export\n@endpoint GET /export/configs/{configId}/versions/{versionNumber}\n@desc Export a configuration version\n@returns(200) {advancedOptions: [map], basedOn: int, configId: int, configName: str, createDate: str, createdBy: str, customDenyList: [map], customRules: [map], errorHosts: [map], evaluating: map{securityPolicies: [map]}, malwarePolicies: [map], matchTargets: [map], production: map{action: str, status: str, time: str}, ratePolicies: [map], reputationProfiles: [map], ruleSets: [map], securityPolicies: [map], selectableHosts: [str], selectedHosts: [str], siem: [map], staging: map{action: str, status: str, time: str}, version: int, versionNotes: str} # Successfully returned resource.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endgroup\n\n@group hostname-coverage\n@endpoint GET /hostname-coverage\n@desc Get hostname coverage\n@returns(200) {configuration: map{id: int, name: str, version: str}, hasMatchTarget: bool, hostname: str, policyNames: [str], status: str} # Successfully retrieved the Hostname Coverage.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Client error, such as invalid or malformed input., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The named security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy., 500: [Internal server error](https://techdocs.akamai.com/application-security/reference/500). Something went wrong on our side. Try again in a few minutes, and contact support if the error persists.}\n\n@endgroup\n\n@group onboardings\n@endpoint POST /onboardings\n@desc Create an onboarding\n@required {contractId: str # A unique identifier for a contract. Run [List contracts and groups](https://techdocs.akamai.com/application-security/docs/get-contracts-groups) to get the `contractId` if you don't have one already., groupId: int(int32) # A unique identifier for a group., hostnames: [str] # List of hostnames you are setting up with Akamai services.}\n@optional {createNewResourcesOnly: bool=false # This creates an onboarding with a new CPS certificate and security protections. If your contract limits how many certificates you create, the API responds with an error.}\n@returns(201) {accountId: str, activations: [map], contractId: str, createdBy: str, createdDate: str(date-time), currentStep: num, groupId: int, hostnames: [str], modifiedBy: str, modifiedDate: str(date-time), nextSteps: [map], onboardingId: int, onboardingLink: str(uri), onboardingStatus: str, product: str, settings: map{certificate: map{adminContact: map{email: str, firstName: str, lastName: str, phone: str}, certificateType: str, commonName: str, enrollmentId: int, enrollmentLink: str(uri)}, delivery: map{origins: [map]}, security: map{cloneVersion: int, configId: int, configLink: str(uri), configName: str, configType: str, evalRequired: bool, policyId: str, policyLink: str(uri), policyName: str, policyType: str, protections: map{applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}}, settingsLink: str(uri)}, totalSteps: num} # Successfully created an onboarding object.\n@errors {400: [Bad request](https://techdocs.akamai.com/application-security/reference/400). Invalid request body or URL parameter input., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have create Self Serviceability onboarding.}\n@example_request {\"contractId\":\"C-0N7RAC7\",\"groupId\":12345,\"hostnames\":[\"www.example.com\",\"www.test.example.org\"]}\n\n@endpoint GET /onboardings\n@desc List onboardings\n@optional {onboardingStatuses: [str] # Lists onboardings for a specific status., hostnames: [str] # Returns onboardings containing the specified hostnames.}\n@returns(200) {onboardings: [map]} # Successful response.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). That resource doesn't exist, or the URL is malformed.}\n\n@endpoint GET /onboardings/{onboardingId}\n@desc Get an onboarding\n@returns(200) {accountId: str, activations: [map], contractId: str, createdBy: str, createdDate: str(date-time), currentStep: num, groupId: int, hostnames: [str], modifiedBy: str, modifiedDate: str(date-time), nextSteps: [map], onboardingId: int, onboardingLink: str(uri), onboardingStatus: str, product: str, settings: map{certificate: map{adminContact: map{email: str, firstName: str, lastName: str, phone: str}, certificateType: str, commonName: str, enrollmentId: int, enrollmentLink: str(uri)}, delivery: map{origins: [map]}, security: map{cloneVersion: int, configId: int, configLink: str(uri), configName: str, configType: str, evalRequired: bool, policyId: str, policyLink: str(uri), policyName: str, policyType: str, protections: map{applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}}, settingsLink: str(uri)}, totalSteps: num} # Successful response.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Onboarding wasn't found.}\n\n@endpoint DELETE /onboardings/{onboardingId}\n@desc Delete an onboarding\n@returns(204) Successfully deleted the onboarding.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). This onboarding object is activating on a network and not editable., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to this onboarding object., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Onboarding object wasn't found.}\n\n@endpoint POST /onboardings/{onboardingId}/activations\n@desc Activate an onboarding\n@required {network: str(STAGING/PRODUCTION) # The target Akamai activation environment, either `STAGING`` or `PRODUCTION``., notificationEmails: [str] # The email addresses to receive notifications regarding the activation.}\n@returns(202) {activationId: int, activationStatus: str, activationStatusLink: str(uri), completedDate: str(date-time), createdBy: str, createdDate: str(date-time), network: str, onboardingLink: str, percentComplete: int, retryAfter: int} # Successfully updated the onboarding settings.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Onboarding was not found., 409: [Conflict](https://techdocs.akamai.com/application-security/reference/409). Invalid onboarding Activation Request. See the `fieldErrors` and other fields provided in the response for more information., 422: [Unprocessable content](https://techdocs.akamai.com/application-security/reference/422). Onboarding can't be activated in the Production Network before Staging.}\n@example_request {\"network\":\"STAGING\",\"notificationEmails\":[\"test_user@akamai.com\",\"test_user2@akamai.com\"]}\n\n@endpoint GET /onboardings/{onboardingId}/activations/{activationId}\n@desc Get an onboarding activation\n@returns(200) {activationId: int, activationStatus: str, activationStatusLink: str(uri), completedDate: str(date-time), createdBy: str, createdDate: str(date-time), network: str, onboardingLink: str, percentComplete: int, retryAfter: int} # Onboarding Activation is completed.\n@returns(202) {activationId: int, activationStatus: str, activationStatusLink: str(uri), completedDate: str(date-time), createdBy: str, createdDate: str(date-time), network: str, onboardingLink: str, percentComplete: int, retryAfter: int} # Onboarding activation is in progress.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` or `activationId` was not found., 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Onboarding activation failed.}\n\n@endpoint GET /onboardings/{onboardingId}/certificate-validation\n@desc List onboarding certificate challenges\n@returns(200) {certificateValidateLink: str(uri), certificateValidationStatus: str, description: str, onboardingLink: str(uri), records: [map]} # Successfully retrieved certificate Challenges.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` was not found., 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Failure to retrieve certificate challenges.}\n\n@endpoint POST /onboardings/{onboardingId}/certificate-validation/validate\n@desc Validate onboarding certificate\n@returns(200) {certificateValidateLink: str(uri), certificateValidationStatus: str, description: str, onboardingLink: str(uri), records: [map]} # Successfully validated certificate challenges.\n@returns(207) {certificateValidateLink: str(uri), certificateValidationStatus: str, description: str, onboardingLink: str(uri), records: [map]} # Partially validated\tCertificate Challenges.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` was not found, 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Validating certificate challenges failed.}\n\n@endpoint GET /onboardings/{onboardingId}/cname-to-akamai\n@desc List hostname CNAME DNS records\n@returns(200) {cnameValidateLink: str(uri), cnameValidationStatus: str, description: str, onboardingLink: str(uri), records: [map]} # Successfully retrieved cname DNS records.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` was not found., 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Retrieving cname records failed}\n\n@endpoint POST /onboardings/{onboardingId}/cname-to-akamai/validate\n@desc Validate hostname CNAME DNS records\n@returns(200) {cnameValidationStatus: str, description: str, onboardingLink: str(uri), records: [map]} # Successfully validated CNAME DNS records.\n@returns(202) {cnameValidateLink: str(uri), cnameValidationStatus: str, description: str, onboardingLink: str(uri), records: [map]} # Pending DNS record validation.\n@returns(207) {cnameValidateLink: str(uri), cnameValidationStatus: str, description: str, onboardingLink: str(uri), records: [map]} # Partially validated CNAME DNS records.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` was not found., 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Retrieving CNAME records failed.}\n\n@endpoint GET /onboardings/{onboardingId}/origin-validation\n@desc List origin hostname DNS records\n@returns(200) {description: str, onboardingLink: str(uri), originSkipLink: str(uri), originValidateLink: str(uri), originValidationStatus: str, records: [map]} # Successfully retrieved origin hostnames DNS records.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` was not found., 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Retrieving certificate challenges failed.}\n\n@endpoint POST /onboardings/{onboardingId}/origin-validation/skip\n@desc Skip origin hostnames DNS record validation\n@returns(200) {description: str, onboardingLink: str(uri), originValidationStatus: str, records: [map]} # Successfully skipped Origin Record Validation.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` was not found., 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Call to validate origin records failed.}\n\n@endpoint POST /onboardings/{onboardingId}/origin-validation/validate\n@desc Validate origin hostnames DNS records\n@returns(200) {description: str, onboardingLink: str(uri), originValidationStatus: str, records: [map]} # Successfully validated origin records.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The `onboardingId` was not found., 500: [Conflict](https://techdocs.akamai.com/application-security/reference/500). Call to validate origin records failed}\n\n@endpoint GET /onboardings/{onboardingId}/settings\n@desc Get onboarding settings\n@returns(200) {certificate: map{adminContact: map{email: str, firstName: str, lastName: str, phone: str}, certificateType: str, commonName: str, enrollmentId: int, enrollmentLink: str(uri)}, delivery: map{origins: [map]}, onboardingLink: str(uri), security: map{cloneVersion: int, configId: int, configLink: str(uri), configName: str, configType: str, evalRequired: bool, policyId: str, policyLink: str(uri), policyName: str, policyType: str, protections: map{applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}}, settingsLink: str(uri)} # Successfully returned onboarding settings.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). Onboarding Id wasn't found.}\n\n@endpoint PUT /onboardings/{onboardingId}/settings\n@desc Modify onboarding settings\n@required {certificate: map{adminContact!: map, certificateType!: str, commonName: str, enrollmentId: int, enrollmentLink: str(uri)} # The certificate settings to secure your site., delivery: map{origins!: [map]} # The delivery settings for your site traffic., onboardingLink: str(uri) # The URL to call when you want to access this onboarding at a later time., security: map{cloneVersion: int, configId: int, configLink: str(uri), configName: str, configType!: str, evalRequired: bool, policyId: str, policyLink: str(uri), policyName: str, policyType!: str, protections!: map} # The security settings for your site., settingsLink: str(uri) # The URL to call to manage onboarding settings after you finishing the initial creation.}\n@returns(200) {certificate: map{adminContact: map{email: str, firstName: str, lastName: str, phone: str}, certificateType: str, commonName: str, enrollmentId: int, enrollmentLink: str(uri)}, delivery: map{origins: [map]}, onboardingLink: str(uri), security: map{cloneVersion: int, configId: int, configLink: str(uri), configName: str, configType: str, evalRequired: bool, policyId: str, policyLink: str(uri), policyName: str, policyType: str, protections: map{applyApplicationLayerControls: bool, applyBotmanControls: bool, applyNetworkLayerControls: bool, applyRateControls: bool, applyReputationControls: bool, applySlowPostControls: bool}}, settingsLink: str(uri)} # Successfully updated the onboarding settings.\n@errors {400: [Invalid](https://techdocs.akamai.com/application-security/reference/400). Invalid onboarding settings. See the `fieldErrors` and other fields provided in the response for more information., 403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You are not authorized to use this API., 404: [Not found](https://techdocs.akamai.com/application-security/reference/404). The onboarding object wasn't found., 422: [Unprocessable content](https://techdocs.akamai.com/application-security/reference/422). Onboarding settings can't be updated after activation.}\n@example_request {\"certificate\":{\"adminContact\":{\"email\":\"adminContact@nomail-akamai.com\",\"firstName\":\"AdminUser\",\"lastName\":\"User\",\"phone\":\"+919090909090\"},\"certificateType\":\"CUSTOM_EXISTING\",\"commonName\":\"www.commonName.com\",\"enrollmentId\":87902,\"enrollmentLink\":\"/cps/v2/enrollments/87902\"},\"delivery\":{\"origins\":[{\"hostname\":\"www.example.com\",\"origin\":\"origin-ea0ac1-.www.example.com\"},{\"hostname\":\"www.example.net\",\"origin\":\"origin-8eeeba-.www.example.net\"}]},\"onboardingLink\":\"/appsec/v1/onboardings/101\",\"security\":{\"cloneVersion\":25,\"configId\":24335,\"configLink\":\"/appsec/v1/configs/24335\",\"configName\":\"sec-config\",\"configType\":\"EXISTING\",\"evalRequired\":true,\"policyId\":\"000Q_475674\",\"policyLink\":\"/appsec/v1/configs/243359/versions/25/security-policies/000Q_475674\",\"policyName\":\"sec-policy\",\"policyType\":\"EXISTING\",\"protections\":{\"applyApplicationLayerControls\":true,\"applyBotmanControls\":false,\"applyNetworkLayerControls\":true,\"applyRateControls\":true,\"applyReputationControls\":true,\"applySlowPostControls\":true}},\"settingsLink\":\"/appsec/v1/onboardings/101/settings\"}\n\n@endgroup\n\n@group siem-definitions\n@endpoint GET /siem-definitions\n@desc Get SIEM versions\n@returns(200) {siemDefinitions: [map]} # Successfully retrieved SIEM versions.\n@errors {403: [Forbidden](https://techdocs.akamai.com/application-security/reference/403). You don't have access to the resource.}\n\n@endgroup\n\n@end\n"}