401 unauthorized return if header doesn't match

Question

Is there a way I can write an irule so when a GET request comes to a VS on a specific URL: https://abctest1234.com/general/api, if a header value does not match on multiple ClientID such as (ClientID: RealCategory, ClientID: TrueCategory, or ClientID: BlueCategory), we want to return a 401 unauthorize response back to the client?

andrew-f5 · Accepted Answer

when HTTP_REQUEST {
	if { [[HTTP::host][HTTP::uri] eq "abctest1234.com/general/api"] &amp;&amp; [[HTTP::header value "ClientID"] ne "RealCategory" || [HTTP::header value "ClientID"] ne "TrueCategory" || [HTTP::header value "ClientID"] ne "BlueCategory"]}{
		HTTP::respond 401
	} 
}

tny81 · Answer

Thanks Andrew!  This seems to work.

Forum Discussion

401 unauthorized return if header doesn't match

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

The return of DevCentral CodeShare.

how do I detect the rst returned by the server?

https://{{host}}/mgmt/shared/telemetry/info returns 404

Return default favicon.ico

The Disadvantages of DSR (Direct Server Return)