Adding the Akamai Account ID to the Application

Before you activate SIEM delivery feeds for an application you must add the Akamai account ID to that application’s global settings. That’s because the Akamai account ID is the key that tells the event delivery system, yes, SIEM events need to be collected and delivered for this application.

Note. Well, OK: in order for events to be delivered, the Akamai account ID must be added to the application and SIEM event feeds must be enabled for that application. See Activating/Deactivating SIEM Delivery Feeds for more information.

If you aren’t sure whether or not your Akamai account ID has been added to your application, you can verify that by using the Console, going to the Manage Application page, and checking for the presence of the akamai_account_id setting:

If the setting isn’t there (which it won’t be for applications that predate SIEM Event Delivery), you can use the Console or the config//settings endpoint to add the Akamai account ID to an application: simply name the setting akamai_account_id and configure the setting value to be the account ID. For example, this command adds the Akamai account ID c18051a-524b-44fb-9762-65cf284f0e12 to the application htb8fuhxnf8e38jrzub3c7pfrr:


curl -X PUT \
 https://v1.api.us.janrain.com/config/applications/htb8fuhxnf8e38jrzub3c7pfrr/settings \
  -H 'Authorization: Basic e3t1c2VybmFtZX19Ont7cGFzc3dvcmR9fQ==' \
  -H 'Content-Type: application/json' \
  -d '{
   "email_method": "ses_sync",
    "custom": {
        "akamai_account_id": "c18051a-524b-44fb-9762-65cf284f0e12"
    },
    "rpx_realm": "documentation",
    "rpx_server": "https://rpxnow.com",
    "rpx_app_id": "123"
}'

If you use the config//settings endpoint to configure the account ID, keep in mind that the settings and values you pass with this endpoint replace any existing settings and values assigned to the application. For example, suppose you have an application with the following three global settings:

color1: red
color2: white
color3: blue

You then use this command to pass only the new Akamai account ID setting:


curl -X PUT \
 https://v1.api.us.janrain.com/config/applications/htb8fuhxnf8e38jrzub3c7pfrr/settings \
  -H 'Authorization: Basic e3t1c2VybmFtZX19Ont7cGFzc3dvcmR9fQ==' \
  -H 'Content-Type: application/json' \
  -d '{
    "custom": {
        "akamai_account_id": "c18051a-524b-44fb-9762-65cf284f0e12"
    }
}'

When your command completes, the application’s global settings will look like this:

akamai_account_id

What happened to the other three settings? That’s right: they were replaced by the settings included in your latest API call. To prevent existing settings from being erased, be sure that you include all of those settings in the API call that adds the Akamai account ID:


curl -X PUT \
 https://v1.api.us.janrain.com/config/applications/htb8fuhxnf8e38jrzub3c7pfrr/settings \
  -H 'Authorization: Basic e3t1c2VybmFtZX19Ont7cGFzc3dvcmR9fQ==' \
  -H 'Content-Type: application/json' \
  -d '{
    "custom": {
        "akamai_account_id": "c18051a-524b-44fb-9762-65cf284f0e12",
        "color1": "red",
        "color2": "white",
        "color3": "blue"
    }
}'


And don’t forget to configure akamai_account_id as a custom setting: 


"custom": {
    "akamai_account_id": "c18051a-524b-44fb-9762-65cf284f0e12"
}
 

If you do forget, the new setting won’t actually be added to the application.

Server Caching and the Akamai Account ID

Let’s say you forgot to add your Akamai account ID to an application, but you try to activate SIEM Event Delivery anyway. When you do that, your API call will fail because the account ID could not be found. OK: fair enough. You immediately add the account ID and call the /activate endpoint a second time. That call also fails because the account ID could not be found, even though you just added the account ID! What gives?

What gives is the fact that event delivery configuration information is temporarily cached on the SIEM event servers: yes, you did add the account ID, but that change won’t take effect until the cache is refreshed, something that happens every 10 minutes or so. In other words, after you add the account ID it could take as long as 10 minutes before you can activate the application. However, this only applies to instances in which activation has failed and you’re trying again. If you haven’t attempted to activate an application yet then you can add the account ID and immediately SIEM Event Delivery. In that case you don’t have to worry about the cache, because the cache will be empty.