Home B2Core API REST API The Back Office API Black and White lists

Black and White lists

Use these methods to manage Black and White lists and configure security policies specifying access permissions for specific IP addresses.

GET[host]/api/v2/security/policies

Get a list of security policies

GET[host]/api/v2/security/policies/{policyId}

Get security policy details

POST[host]/api/v2/security/policies

Create a new security policy

PUT[host]/api/v2/security/policies/{policyId}

PATCH[host]/api/v2/security/policies/{policyId}

Update a security policy

DELETE[host]/api/v2/security/policies/{policyId}

Delete a security policy

Get a list of security policies

Use this method to obtain a list of configured security polices.

To obtain detailed information about a specific security policy, use a separate method to get security policy details.

Request

Header parameters:

  • Authorization: Bearer <access_token>

Query parameters:

The following filter parameters are available for this method:

active

If true, a security policy is enabled; otherwise, false.

ip

The IP address to which a security policy is applied.

permission

The access permission. Possible values:

  • allow — indicates that access from a specified IP address is allowed.

  • deny — indicates that access from a specified IP address is prohibited.

rout

The URL of a resource to which access from a specified IP address is allowed or prohibited.

Refer to the Query parameters section of the API Overview for details on applying filter and sorting parameters.

GET[host]/api/v2/security/policies

curl --location -g --request GET 'https://host.name/api/v2/security/policies?limit=10&offset=0&sort_order=desc&sort_by=createTime&filter[active]=true&filter[ip]=192.168.1.1&filter[permission]=allow&filter[route]=platform_proxy' \
--header 'Authorization: Bearer <token>'

Response

A response contains an array of Security Policy objects providing information about the policies matching the request parameters.

Get security policy details

Use this method to obtain detailed information about a specified security policy.

To obtain a list of configured security policies, use a separate method to get a list of security policies.

Request

Header parameters:

  • Authorization: Bearer <access_token>

Path parameters:

policyId required

The security policy identifier.

GET[host]/api/v2/security/policies/{policyId}

curl --location --request GET 'https://host.name/api/v2/security/policies/1' \
--header 'Authorization: Bearer <token>'

Response

A response contains a Security Policy object providing information about a specified policy.

Create a new security policy

Use this method to create new security policies.

Request

Header parameters:

  • Authorization: Bearer <access_token>

Body:

Specify the following parameters for a new security policy:

active boolean

If true, a security policy is enabled; otherwise, false.

comment string

The optional internal comment added to a security policy.

ip string

The IP address to which a security policy is applied.

isBlack boolean

  • If true, a specified IP address is added to the Black list.

  • If false, a specified IP address is added to the White list.

rout string

The URL of a resource to which access from a specified IP address is either allowed or prohibited.

POST[host]/api/v2/security/policies

curl --location --request POST 'https://host.name/api/v2/security/policies' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
  "active": true,
  "comment": "Internal route for authenticating clients on platforms",
  "ip": "127.0 0.1",
  "isBlack": true,
  "route": "platform_proxy"
}'

Response

A response includes a Security Policy object providing information about the created policy.

Update a security policy

Use this method to update a specified security policy.

Note

Instead of the method described below, you can use a similar method that uses the HTTP verb PATCH.

Request

Header parameters:

  • Authorization: Bearer <access_token>

Path parameters:

policyId required

The security policy identifier.

Body:

The following field values can be updated for a specified security policy:

active boolean

If true, a security policy is enabled; otherwise, false.

comment string

The optional internal comment added to a security policy.

ip string

The IP address to which a security policy is applied.

isBlack boolean

  • If true, a specified IP address is added to the Black list.

  • If false, a specified IP address is added to the White list.

rout string

The URL of a resource to which access from a specified IP address is either allowed or prohibited.

PUT[host]/api/v2/security/policies/{policyId}

curl --location --request PUT 'https://host.name/api/v2/security/policies/1' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
  "active": true,
  "comment": "Internal route for authenticating clients on platforms",
  "ip": "127.0 0.1",
  "isBlack": true,
  "route": "platform_proxy"
}'

Response

A response includes a Security Policy object providing information about the policy that was updated.

Delete a security policy

Use this method to remove a specified security policy.

Request

Header parameters:

  • Authorization: Bearer <token>

Path parameters:

policyId required

The security policy identifier.

DELETE[host]/api/v2/security/policies/{policyId}

curl --location --request DELETE 'https://host.name/api/v2/security/policies/1' \
--header 'Authorization: Bearer <token>'

Response

In case of success, no response body is returned.