Add an Event to the SIEM Event Block List

Endpoint URL: {identityDomain} /config/applications/{appId} /eventdelivery/addBlocklist


Adds one or more events to an application’s SIEM Event Delivery service block list. If an event type has been blocked, event messages for that type will not be delivered by the SIEM Event Delivery service; however, all other event types will be delivered. By default, block lists are empty, meaning that applications receive event messages for all available event types.

Important. This endpoint was previously known as the "addBlacklist" endpoint. The name has been changed, but the functionality remains exactly the same.

Respects the API Client Allow List: No

Base URL

The base URL for this endpoint is your Identity Cloud Configuration API URL (including the appropriate region) followed by your application ID. For example, if you are in the US region and your application ID is htb8fuhxnf8e38jrzub3c7pfrr then your base URL will look like this:

If you are in the Australian (AU) region your URL will look like this:

URL path parameters








Identity Cloud geographic region that hosts the application. Allowed values are:

  • us
  • eu
  • au
  • sg
  • cc




Unique identifier of the Identity Cloud application whose block list is being updated. For example:


Request Parameters

Request parameters must be formatted as JSON objects and included in your API call’s body parameter. Valid request parameters include the following:






Array (string)


JSON array of the event types being added to the block list. For example:


Note that you do not need to include the parameter name in the body request. The parameter value (the events to be blocked) is all that’s needed.


This endpoint requires Basic authentication and an API client with the owner feature. When configuring authentication, use your client ID as the username and your client secret as the password.

Sample Request (curl)

The following command adds a pair of event types – config_change and email_verification to the event type block list for the application htb8fuhxnf8e38jrzub3c7pfrr:

curl -X POST \ \
  -H 'Authorization: Basic M2dmYmdycmE3dzI4MmhndHJ5cGZxeDlwemhxaGpnZDU6Y2dkY3A3bWhjeWszYmZocnl2d2NmY2c3NTdqdzRhb3E=' \
  -H 'Content-Type: application/json' 
  -d '[


201 Created

If your call to this endpoint succeeds, you'll get back the following response:

     "message": "The event type(s) were successfully added to the blocklist."

Error Response Codes

The following table includes information about some of the other response codes that you might encounter when calling this endpoint.

Response Code



The request payload is not valid JSON. Your API request did not pass the JSON schema validation. Verify that you are using correctly-formatted JSON in the request parameter and then try again.


Not authorized. Your client credentials may be invalid. You have specified an invalid client name and/or an invalid client secret.


Forbidden. Your credentials are valid for the application but not for this endpoint. For example, if you have read-only credentials those credentials can only be used with GET endpoints.


The Akamai account ID was not found. Check your application settings for 'akamai_account_id'. Your Akamai account ID must be listed in the application settings for the application specified in your API call. You can use the /{appId}/settings/options API endpoint or the Console to verify your application settings.