Manual Chapter :
Creating keys for classifying requests
Applies To:
Show VersionsBIG-IP APM
- 15.0.1, 15.0.0
Creating keys for classifying requests
You create keys within an API protection
profile so you need to have created a profile.
You create identity keys to classify requests
for the purpose of rate limiting. Keys are used in rate limiting configurations,
blacklists, and whitelists.
When you create an API protection profile, the system
automatically generates five commonly used key objects for rate limiting. These key
objects are also shown in the display data on the API Protection Dashboard, but you
need to specify a
Key Value
for the ones you plan to
use.- On the Main tab, click.
- Click the name of the API protection profile for which you are configuring rate limiting.
- On the Rate Limiting tab, in the Keys section, review the automatically created rate limiting keys to see if any of them are appropriate for classifying requests.The system automatically creates five key objects called <profilename>_auto_rate_limiting_key<1-5> for UserID, UserGroupID, ClientAppID, ServiceTier, and OrganizationID.
- To use any of the keys provided, click the key object name and specify aKey Value. Type the subsession or perflow variable that specifies the source of the key value collected earlier in the policy flow.For example, a key value for a username could specify the subsession variable %{subsession.logon.last.username}.
- To create an additional custom key, in the Keys section, clickCreate.The Identity Key section opens where you define the key.
- ForName, type a unique name for the identity key.
- ForKey Name, type a user friendly name for the identity key. The name must be unique within the API protection profile.
- ForKey Value, type the subsession or perflow variable that specifies the source of the key value collected earlier in the policy flow.
- ClickAdd.
- When you are done adding and defining keys, at the bottom of the screen, clickSave.
You have created one or more keys that help to
classify requests for rate limiting.
Next, you can assign quotas and spike arrest
limits to the keys in the rate limiting configuration.