Manual Chapter : Creating keys for classifying requests

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.1, 15.0.0
Manual Chapter

Creating keys for classifying requests

You create keys within an API protection profile so you need to have created a profile.
You create identity keys to classify requests for the purpose of rate limiting. Keys are used in rate limiting configurations, blacklists, and whitelists.
When you create an API protection profile, the system automatically generates five commonly used key objects for rate limiting. These key objects are also shown in the display data on the API Protection Dashboard, but you need to specify a
Key Value
for the ones you plan to use.
  1. On the Main tab, click
    Access
    API Protection
    Profile
    .
  2. Click the name of the API protection profile for which you are configuring rate limiting.
  3. On the Rate Limiting tab, in the Keys section, review the automatically created rate limiting keys to see if any of them are appropriate for classifying requests.
    The system automatically creates five key objects called <profilename>_auto_rate_limiting_key<1-5> for UserID, UserGroupID, ClientAppID, ServiceTier, and OrganizationID.
  4. To use any of the keys provided, click the key object name and specify a
    Key Value
    . Type the subsession or perflow variable that specifies the source of the key value collected earlier in the policy flow.
    For example, a key value for a username could specify the subsession variable %{subsession.logon.last.username}.
  5. To create an additional custom key, in the Keys section, click
    Create
    .
    The Identity Key section opens where you define the key.
  6. For
    Name
    , type a unique name for the identity key.
  7. For
    Key Name
    , type a user friendly name for the identity key. The name must be unique within the API protection profile.
  8. For
    Key Value
    , type the subsession or perflow variable that specifies the source of the key value collected earlier in the policy flow.
  9. Click
    Add
    .
  10. When you are done adding and defining keys, at the bottom of the screen, click
    Save
    .
You have created one or more keys that help to classify requests for rate limiting.
Next, you can assign quotas and spike arrest limits to the keys in the rate limiting configuration.