First Party Configuration

In First-Party Mode, the Enforcer acts as a reverse proxy for client requests and sensor activity.

The Enforcer is configured with First-Party mode enabled by default.

To confirm that you have configured your Enforcer in First-Party mode, review the perimeterx http_filters in your config.yaml.

First-Party Enabled Example (default value)

Below is an example of a http_filters entry from a config.yaml file that contains the minimum settings for the Enforcer:

http_filters:
      ...
      - name: perimeterx
        typed_config:
          "@type": type.googleapis.com/udpa.type.v1.TypedStruct
          type_url: type.googleapis.com/envoy.extensions.filters.http.perimeterx
          value:
            px_enabled: true
            px_appid: "<APP_ID>"
            px_cookie_secret: "<COOKIE_SECRET>"
            px_auth_token: "<AUTH_TOKEN>"

• If px_first_party_disabled is not found in the http_filters config, the First-Party Mode is enabled in the Enforcer. (Continue to the Next Steps below.
• Otherwise, proceed to the First Party Mode Disabled Example.

First-Party Mode Disabled Example

Below is an example of a http_filters entry from a config.yaml file that contains the minimum settings for the Enforcer

The presence of the px_first_party_disabled with a value of true confirms that the default configuration has been changed and First-Party mode is disabled.

http_filters:
      ...
      - name: perimeterx
        typed_config:
          "@type": type.googleapis.com/udpa.type.v1.TypedStruct
          type_url: type.googleapis.com/envoy.extensions.filters.http.perimeterx
          value:
           px_enabled: true
            px_appid: "<APP_ID>"
            px_cookie_secret: "<COOKIE_SECRET>"
            px_auth_token: "<AUTH_TOKEN>"
            px_first_party_disabled: true
...

In order to enable First-Party Mode, you need to set the px_first_party_disabled to false (or remove that configuration parameter at all) and redeploy your configuration and continue to the Next Steps below.

Next Steps

After configuring the enforcer to handle First-Party requests, complete the steps listed on the Integrate 1st-Party JS Snippet to confirm your snippet is setup to serve the Javascript Sensor via First-Party.