Edge Server Identification

With this behavior enabled, your origin server can use a cookie to verify if requests from ​Akamai​ servers to your origin are genuine.

How it works

You set up a cookie name-value pair, such as akamai=true that the edge server will send to the origin to verify that it's an ​Akamai​ edge server.

Features and options

FieldWhat it does
EnableEnables or disables the cookie-authorization behavior.
Cookie NameSpecifies the name of the cookie to use for authorization.
Cookie ValueSpecifies the value of the authorization cookie.
Cookie DomainSpecify the cookie’s domain, which must match the top-level domain of the Host header the origin server receives.

Tips and best practices

Edge Server Identification should be used inside a rule that has the requested hostname specified as matching criteria, since the cookie domain must be the top level domain of the host header forwarded to the origin, and this forward hostname is associated with the requested hostname.

For example, if the forwarded host is www.images.example.com, the cookie domain should be example.com.

When not explicitly defined within a rule with a hostname match, there is a limitation if one origin accepts multiple hostnames (that may occur with, for example, virtual servers) that do not have a common top level domain, for example www.domainA.com and www.domainB.com.
If this occurs, the identifying cookie isn't sent to any origin that doesn't forward host top level domain.

If there are multiple origins used in this property configuration and those origins serve hostnames with different top level domains (domainA, domainB, domainC, etc.), the cookie using cookie domain domainA may not be forwarded to the others.