This article provides step-by-step instructions for adding Cequence EdgeWorker to an Akamai property and configuring the property's variables for use with Cequence EdgeWorker.
Prerequisites
Before you add Cequence EdgeWorker to an Akamai property, confirm that your environment meets the following prerequisites.
- Access to Akamai Control Center
- Appropriate permissions to manage EdgeWorkers and Properties
- A Cequence account and access to Cequence UAP Portal
- In the Cequence UAP Portal, generate Client Id (say akamai-edgeworker-client) and Client Secret with Traffic Management permissions and Token Lifespan of 1800 seconds
- The compressed tgz file that contains the Cequence EdgeWorker
Cequence Akamai EdgeWorker
Creating an EdgeWorker in Akamai
- Log in to the Akamai Control Center.
- Navigate to EdgeWorkers from the left sidebar.
- Click on Create EdgeWorker button.
- Fill in the required information.
- Name: "Cequence EdgeWorker 1"
- Description: "Cequence API Security and Bot Protection EdgeWorker"
- Choose the defaults for Group, Contract ID and Resource tier.
- Click Create.
Uploading Cequence EdgeWorker Code
- Click the ID associated with the newly created EdgeWorker.
- In the EdgeWorker ID details page, select the Versions tab.
- Click Create Version.
- Choose the Cequence EdgeWorker code file (.tgz) you downloaded earlier.
- Click Create Version.
Activating EdgeWorker Version
- Select the version to activate
- Click Activate version and choose the network.
Network options are Staging or Production. - Confirm the activation.
Attaching the Cequence EdgeWorker to a Property
- In the Property Manager, select the the property you want to attach the EdgeWorker to; say api.mycompany.com
- Click "New Version" under "Active Staging Version" or "Active Production Version"
- Under Property Variables, click + Variables to add each of the following variables
- Name: "CEQUENCE_CLIENT_ID"
Type: String
Value: Your Cequence Client ID generated from the UAP Portal in the prerequisites phase - Name: "CEQUENCE_CLIENT_SECRET"
Type: String
Value: Your Cequence Client Secret generated from the UAP Portal in the prerequisites phase - Name: "CEQUENCE_HOSTNAME"
Type: String
Value: Copy and paste the value from "Property Hostname" - (Optional) Name: "CEQUENCE_AUTH_TOKEN_URI"
Type: String
Value: Alternative token URI for authentication, if not /auth/realms/cequence/protocol/openid-connect/token
- Name: "CEQUENCE_CLIENT_ID"
- Confirm that sensitive variables, such as CEQUENCE_CLIENT_SECRET, are marked Hidden.
- Click Save to save the variables.
- Add Cequence EdgeWorker Rule
- In Property Configuration Settings, click + Rules.
- Select Blank Rule Template.
- In Name, type Cequence EdgeWorker and click Insert Rule.
- In the Behaviors section, add a new Standard property behavior.
- Search for and select EdgeWorkers, then click Insert Behavior.
- In EdgeWorker Identifier, select the ID or name of the EdgeWorker assigned, such as Cequence EdgeWorker 1.
- Click + Match, If: Path matches one of
/*
- Add Cequence Edge Origin Rule
- In Property Configuration Settings, click + Rules.
- Select Blank Rule Template, call the new rule "Cequence Edge Origin Rule", then click Insert Rule.
- In the Behaviors section of this rule, add a new Standard property behavior.
- Click Add Behavior.
- Search for and select Origin Server.
- Configure the following behavior settings.
- Click + Match, If: Path matches one of:
/api-transactions
- Origin Type: Your Origin
- Origin Server Hostname: The hostname for Cequence Edge, for example, edge.yourcompany.1.cequence.cloud
- Forward Host Header: Origin Hostname
- Cache Key Hostname: Origin Hostname
- Click + Match, If: Path matches one of:
- Add Cequence Auth Origin Rule
- In Property Configuration Settings, click + Rules.
- Select the Blank Rule Template, call the new rule Cequence Auth Origin Rule, and click Insert Rule.
- In the Behaviors section, add a new Standard property behavior.
- Click "Add Behavior"
- Search for and select Origin Server
- Configure the behavior as follows:
- Click + Match, If: Path matches one of:
/auth/realms/cequence/protocol/openid-connect/token
- Origin Type: Your Origin
- Origin Server Hostname: The hostname for Cequence Auth (e.g., auth.yourcompany.1.cequence.cloud)
- Forward Host Header: Origin Hostname
- Cache Key Hostname: Origin Hostname
- Click + Match, If: Path matches one of:
- Add another behavior to cache post responses, click "Add Behavior"
- Search for and select Cache POST Responses
- Configure the behavior as follows:
- Status: On
- POST Body: Include the MD5 hash in cache key
- Add another behavior to set cache TTL, click "Add Behavior"
- Search for and select Caching
- Configure the behavior as follows:
- Caching option: Cache
- Force revalidation of stale objects: Always revalidate with origin
- Maxage: 1700 seconds (this assumes the token lifespan set for CEQUENCE_CLIENT_ID is greater that 1700 seconds; default is 1800 seconds)
Saving and Activating Property
- Save your property changes
- Go through the validation process
- Activate the property on Staging for testing
- Once tested and verified with Cequence, activate on Production
Troubleshooting
If you encounter issues:
- Check the EdgeWorker logs in the Akamai Control Center
- Verify that the EdgeWorker ID in the property matches your Cequence EdgeWorker
- Ensure all required Cequence variables are correctly defined and not exposed
- Confirm that your Cequence account is active and properly configured
- Verify that the CEQUENCE_CLIENT_ID and CEQUENCE_CLIENT_SECRET match the credentials provided by Cequence