PingIntelligence

ASE-generated error messages for blocked requests

The API Security Enforcer (ASE) blocks certain requests based on application programming interface (API) Mapping or API Behavioral Security (ABS)-detected attacks. For these blocked requests, it sends a standard error message back to the client.

The following table describes the error messages.

Blocked Connection HTTP Error Code Error Definition Message Body

Unknown API

503

Service Unavailable

Error: Unknown API

Unknown Hostname

503

Service Unavailable

Error: Unknown Hostname

Malformed Request

400

Bad Request

Error: Malformed Request

IP attack

403

Unauthorized

Error: Unauthorized

Cookie attack

403

Unauthorized

Error: Unauthorized

OAuth2 Token attack

403

Unauthorized

Error: Unauthorized

API Key attack

403

Unauthorized

Error: Unauthorized

Username attack

403

Unauthorized

Error: Unauthorized
Diagram of ASE returning a standard error message: 401 Unauthorized following bad request