Respond to API PII recommendations
When the network finds data that looks like personally identifiable information in parameters outside your API definition, it recommends you add the parameter to your definition.
Your response to the recommendation dictates how that information is later handled.
Recommendation status | Definition | Notes |
---|---|---|
Discovered | The network found this data that might be PII. You'll need to look at the parameter and decide what to do with it. If you choose to leave the recommendation status set to Discovered, it automatically updates to Confirmed the next time you activate your version. | This is a network-generated recommendation status that applies only to newly-discovered PII. |
Confirmed | This parameter contains PII and you expect it to contain PII. Once the recommendation status is Confirmed, firewall rules do not trip for confirmed parameters when they contain PII. | |
Declined | The parameter is not meant to contain PII. If any is found, trigger the firewall action set. | |
Deferred | Choose whether to confirm or decline this recommendation at a later time. | This option remains in a deferred state until you actively choose otherwise, and does not automatically update to Confirmed at the next activation. |
To set a recommendation status:
- Log into Akamai Control Center.
- Go to ☰ > CDN > API definitions.
- Select your API and version.
- Go to API PII security settings > API parameters with PII.
- Expand a parameter with a Recommendation status of Discovered and select a new status.
Your selection saves automatically and deploys to the network the next time you activate your version.
Updated about 1 year ago