Forum Discussion

MVP

Oct 04, 2023

F5 AWAF/ASM support for wildcard url and parameter names with a swagger/openapi file

Hello to everyone, I have a project where I am trying to make use of the F5 wildcard options for parameter names and url paths by importing a swagger/openapi file but I do not know if F5 have e...

devops

security

F5_Design_Engineer

MVP

Oct 09, 2023

Can you please refer

https://f5-agility-labs-waf.readthedocs.io/en/latest/class7/module2/lab4/lab4.html

https://f5-agility-labs-waf.readthedocs.io/en/latest/class7/class7.html

https://docs.cloud.f5.com/docs/how-to/advanced-security/import-swagger-control-api-access

HTH

🙏

Nikoolayy1
MVP
Oct 09, 2023
Thanks for the links but they seem not the thing I need at the moment.

I want to create wildcard parameter with importing a swagger/openapi file that will create the wildcard parameter not just creating it from the GUI/CLI or the F5 BIG-IP API as I am aware how to do this as I have many years for experience with AWAF/ASM and as of now I played a lot with Swagger/OpenAPI file imports in ASM/AWAF/XC 🙂 .

Also the last link that you provided is for XC Distributed Cloud for the WAAP API protection cloud service not F5 BIG-IP AWAF/ASM as the two products have swagger/openapi import that works in completely different ways.

The correct link is:

https://my.f5.com/manage/s/article/K07241201

If you decide, you can review the two features at the links below as they show feature on AWAF and XC:

https://www.youtube.com/watch?v=F-OwVLsCw-M

https://www.youtube.com/watch?v=fT6i_HDRt9Q

Outside of that I managed to create a parameter with location any from a swagger file , so only the wildcard parameter (except the possible complex workaround of using JSON profile for a parameter match that I mentioned that is a parameter type object in the Swagger file) or using request method "any" or no request method at all (In the F5 GUI you do not need to specify one) seems an issue at the moment.

"parameters": [
{
"name": "test",
"in": "any",
"description": "wildcard path",
"required": true,
"type": "string"
}
],

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 AWAF/ASM support for wildcard url and parameter names with a swagger/openapi file

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Need Advice on below issue

SSO login for APM Profiles

Virtual Server Configuration requirements for ISO 8583 traffic (Single persistent TCP session)

threat hunting guide

Webtop which has VNC for macos users

Related Content

F5 ASM/AWAF Preventing unauthorized users accessing admin path using iRule script

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

F5 BIG-IP Automatic email notification for system update events (ASM/AWAF)

Generating irule logs, emails and reports for Shadow API Endpoints on the F5 BIG-IP AWAF/ASM device

Exporting and importing ASM/AWAF security policies with Ansible and Terraform

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS