Forum Discussion

Nimbostratus

Nov 06, 2023

Guided Configuration on API security

Hi Folks, We are using ASM module for some time and there are many application security policies that are in block mode. We have some api related application in our environment, now wanted to prot...

application delivery

security

Daniel_Wolf

MVP

Nov 07, 2023

Hi kkuzhal,

the guided configuration for AWAF API protection offers two variants.
1. You have an OpenAPI Specification (formerly Swagger Specification)
2. You don't

If you have, it will allow only the specified API endpoint and methods. If you don't, you have to specify them manually. That's pretty much it.

I like API Protection with APM better, because it includes authentication and rate limiting.

KR
Daniel

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Guided Configuration on API security

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Quarterly Security Notification October 2025

Orchestrated Infrastructure Security - Guided Configuration

threat hunting guide

iRules Style Guide

Implementing SSL Orchestrator - Guided Configuration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS