For customers who are already using the Akamai Network, Site Shield provides an additional layer of protection that helps prevent attackers from bypassing cloud-based protections to target the application origin. Site Shield cloaks websites and applications from the public Internet and restricts clients from directly accessing the origin. It is designed to complement the existing network infrastructure as well as advanced cloud security technologies available on the globally-distributed Akamai Intelligent Platform to mitigate the risks associated with network and application-layer threats that directly target the origin infrastructure.

The goal of the Site Shield API is to provide a Site Shield interface for consumption by nonbrowser clients. This API allows you to access and acknowledge Site Shield maps, which are sets of IP addresses and/or CIDR blocks. You must add these to the origin host's firewall so as to able to serve requests only to traffic originating from the IPs belonging to the map. Once completed, you then acknowledge the map, confirming the new IP blocks/CIDRs have been added to the firewall.


Here's the syntax template for the Authorization header:

Authorization: EG1-HMAC-SHA256 client_token=[value];access_token=[value];timestamp=[value];nonce=[value];signature=[value]
  • This is RFC2616-standard, with proprietary specifics.
  • SDKs will be available for some languages.


Authorization: EG1-HMAC-SHA256 client_token=akaa-275ca6de04b11b91-cf46074bf3b52950;access_token=akaa-d6cfbdb2d0594ae4-ad000cf3a5473a08;timestamp=20130817T02:49:13+0000;nonce=dd9957e2-4fe5-48ca-8d32-16a772ac6d8f;signature=Q3uWyssCz9qsNxekOX+PXP0WrtGT+J5qd6ssN1UmUmw=