AWAF Path Parameters with OPENAPI json file
Hi, Iam securing a API with a JSON OPENAPI file it mostly works fine however I have two positional parameters used in one url that seems to mask the following paths "/dqm/v1/projects/{customerId}/{pageNumber} &/dqm/v1/projects/projectDetails/{workRequestId}" The result is illegal parameter length violations on a url that is actually valid. the two paths have different operationId headers associated with them Does the WAF use the operationId to match the Path? It appears not as if I delete the operation Id from the api file then the policy matches the correct URL. Any assistance in ubderstanding what is happening and why is appreaciated. Allowed URL's extract from JSON openAPI file /dqm/v1/projects/{customerId}/{pageNumber}: get: tags: - customer-projects-controller operationId: getCustomerProjectsForIdperPage parameters: - name: customerId in: path required: true schema: type: string - name: pageNumber in: path required: true schema: type: string responses: '200': description: OK content: '*/*': schema: $ref: '#/components/schemas/CustomerProjectsResponse' /dqm/v1/projects/projectDetails/{workRequestId}: get: tags: - customer-projects-controller operationId: getProjectDetailswithID parameters: - name: workRequestId in: path required: true schema: type: string responses: '200': description: OK content: '*/*': schema: $ref: '#/components/schemas/ProjectDetailsResponse'Solved1.8KViews1like5CommentsAdvWAF, OpenAPI - how to update security profile as APIs are added?
Hi - We have an integration in which we want to create a security profile via Guided Configuration for an API server, and plan on importing the OpenAPI specification as the starting point. But - this server will be adding more APIs on a regular basis for the foreseeable future ... and it's not clear to us how we can add new APIs to the security policy. The documentation on importing an OpenAPI spec says that all of the APIs supported by the virtual server involved must be described ... what is the procedure to add single APIs, one by one as they become relevant, over time? Thank you!969Views1like3Comments