Token-Based Authentication should either be configured to secure content by directory (Token Auth page) or by request via Rules Engine. However, both methods should not be used.
Token-Based Authentication can be enabled or disabled based on the type of request that was received. Rules Engine, which must be purchased separately, provides this functionality. Rules Engine allows an administrator to set up rules that determine how requests that meet predefined criteria will be handled.
For example, the following sample configure enables Token-Based Authentication for HTML files. This means that a valid token must be included for any request served via the CDN for an HTML file.
Rules Engine functionality is not limited to determining whether a request will require Token-Based Authentication. There are a wide range of features that can be applied to a request that matches the criteria specified in a rule.
More Information
- Rules Engine
- Extending/Overriding CDN Behavior
- Creating a Draft
- Token Auth [HTTP Rules Engine feature]
- Token Auth Denial Code [HTTP Rules Engine feature]
- Token Auth Ignore URL Case [HTTP Rules Engine feature]
- Token Auth Parameter [HTTP Rules Engine feature]
Edgecast CDN