F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Jun 06, 2023

Difference between Rest API security protection and API Security ASM template ?

Hi, I have to protect some Rest API with ASM. I saw that there are 2 different API protection features : 1) Create an ASM policy with the API security template where you just import the swagger fi...

Icon for MVP rank

MVP

Jun 06, 2023

the APM Policy can

import an Open API Spec file
verify that the API call is made to an allowed API endpoint.
verify that clients makes only unauthenticated API calls and verify JWT access tokens
do Rate Limiting

The AWAF Policy can

import an Open API Spec file and validate that the API request conforms to the spec file
protect against Web Application Threats

To my surprise the AWAF Policy can import an Open API Spec file but does not build a list of allowed URLs (methods / endpoints) from it.

KR
Daniel

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5