Ban IPs via API?

Hello there, I’d like to build a mechanism that will allow users to ban specific IPs through internal admin console. I was looking at Swagger UI docs, but I did not see a method to POST a decision. Are there any other ways that anybody has came up with?

Thank you.

You dont add decisions without an alert, so you would create an alert and embed the decision within the alert.

1 Like

Also forgot to mention that you need to authenticate the request to the push alerts endpoint via the watchers login, you can either create a JWT per request or handle the caching of JWT on the server side up to you. the per request is easier

Hmm, makes sense, then it seems like there’s no need to add an additional scenario to manage that ban category? As the API is able to ban the IP address at the first place, or is recommended to facilitate that scenario in order to have a better setup?

You wouldnt need to have a scenario, but if you was banning something others than IP addresses then you would need to add a custom profile as each alert is evaluated agaisnt the profiles. However, if there is an decision already within the alert then the local profiles are not evaluated.

1 Like