Management API - Setting "Custom" Threshold Option for "Suspicious IP Throttling"

Overview

This article explains how to change the Suspicious IP throttling configuration via API to “Custom” via the API/Terraform.


Example body (to note there are no visible options to change to the “Custom” option):

{
  "enabled": true,
  "shields": [
    "block"
  ],
  "allowlist": [
    "198.51.100.42",
    "10.0.0.0/24",
    "2001:0db8:5b96:0000:0000:426f:8e17:642a",
    "2002::1234:abcd:ffff:c0a8:101/64"
  ],
  "stage": {
    "pre-login": {
      "max_attempts": 0,
      "rate": 0
    },
    "pre-user-registration": {
      "max_attempts": 0,
      "rate": 0
    }
  }
}

Solution

There is no direct way to do this via the Management API. See this link for more details.

Changing the Suspicious IP throttling configuration via API to “Custom” Suspicious IP thresholds requires changing one of the underlying values within the “stage” object to a new value (as in it needs to be set to a value that is not currently set). Please see the bolded section below to indicate on the body of the Suspicious IP API call.

ENDPOINT

PATCH /api/v2/attack-protection/suspicious-ip-throttling

{
  "enabled": true,
  "shields": [
    "block"
  ],
  "allowlist": [
    "198.51.100.42",
    "10.0.0.0/24",
    "2001:0db8:5b96:0000:0000:426f:8e17:642a",
    "2002::1234:abcd:ffff:c0a8:101/64"
  ],
  "stage": {
    "pre-login": {
      "max_attempts": 0,
      "rate": 0
    },
    "pre-user-registration": {
      "max_attempts": 0,
      "rate": 0
    }
  }
}

Related References