JSON elements for login page

Question

Hello team! I need to configure login page for brute-force protection of application.

It was easy for a web browser because the HTML form is easy to configure and works well.

But the authentication type for the mobile app is JSON / AJAX. I'm facing a problem: I'm unable to select the correct values for the username and password JSON elements from the entire server response. Should I use <map>, <string> and other tags in these fields, or should I only use keywords? I only found one example using JSON / AJAX authentication https://clouddocs.f5.com/training/community/waf/html/waf241/module4-login-protect/lab1/lab1.html, without any tags, but this example doesn't work in our environment.

Thanks!

maksym · Answer

For example, after trying to sign in from a mobile app with incorrect credentials, ASM received a large request. I found the password I entered, in the following context:

<string>password</string><string>value</string><string>Igxiguodufjffuu</string>

Which part of this line should we insert into the Password field? Same question about the the login field.

Forum Discussion

JSON elements for login page

1 Reply

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

NGINX event logs send to F5 Data Collection Device and analysis from BIG-IQ it possible or not?

Cannot ping external interface

Dump all host running services during APM logon

Failed to execute iptable cmd: ," CMD="iptables -A SSH_ALLOW_RULES error

HA Failover between two Datacenters

Related Content

Json parsing with iRules

IPFIX Elements

Simple iRulesLX JSON rewrite

F5 Network Map to Json with Python

JSON Web Token (JWT) Parser

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS