First Party Configuration

In First Party Mode, the PerimeterX Node.JS Enforcer acts as a reverse proxy for client requests and sensor activity.

mod_perimeterx is configured with First-Party mode enabled by default.

To confirm that you have configured your PerimeterX Node.JS Enforcer in First-Party mode, review the pxConfig block.

First Party Enabled Example (default value)

Below is an example of a basic pxConfig block. The absence of the FirstPartyEnabled confirms that the default setting of enable First Party Mode is active.

const pxConfig = {
    pxAppId: 'PX_APP_ID',
    cookieSecretKey: 'PX_COOKIE_ENCRYPTION_KEY',
    authToken: 'PX_TOKEN'
};

First Party Mode Disabled Example

Below is an example of a basic configuration for the Node.JS Enforcer with First Party mode disabled. The presence of FirstPartyEnabled with a value of false confirms that the default configuration has been changed and First Party mode is disabled.

const pxConfig = {
    pxAppId: 'PX_APP_ID',
    cookieSecretKey: 'PX_COOKIE_ENCRYPTION_KEY',
    authToken: 'PX_TOKEN',
    firstPartyEnabled: false
};

In order to enable First Party Mode, set FirstPartyEnabled to true in the pxConfig block.

Additional Routes (Optional)

If you have implemented the Node.JS Enforcer on all routes as shown in [Setting the PerimeterX Middleware on all Server Routes](https://docs.perimeterx.com/pxconsole/docs/installation-1#section-setting-the-perimeterx-middleware-on-all-server-routes, you can proceed to the Next Steps section of this page. If you implemented the Node.JS Enforcer only on specific routes as shown in the Basic Configuration, you need to add the route below to your application before moving onto the Next Steps.

In First Party mode, sensor calls are made to yourdomain.com/<PerimeterX-appid-without-PX>/*. For example, if your AppID is PX1234567 the path would be yourdomain/1234567/*. This new route must be added to your application.

Below is an example of the Basic Configuration that includes an example of the route needed for First Party requests.

"use strict";

const express = require('express');
const perimeterx = require('perimeterx-node-express');

const server = express();

/* px-module and cookie parser need to be initiated before any route usage */
const pxConfig = {
    pxAppId: 'PX_APP_ID',
    cookieSecretKey: 'PX_COOKIE_ENCRYPTION_KEY',
    authToken: 'PX_TOKEN',
    firstPartyEnabled: true
};
perimeterx.init(pxConfig);

/* handle first party  requests */
server.use('/1234567', perimeterx.middleware);

/*  block users with high bot scores using px-module for the route /helloWorld */
server.get('/helloWorld', perimeterx.middleware, (req, res) => {
    res.send('Hello from PX');
});

server.listen(8081, () => {
    console.log('server started');
});

Next Steps

After configuring the enforcer to handle First Party requests, complete the steps listed on the Integrate 1st-Party JS Snippet to make sure your snippet is setup to serve the Javascript Sensor via First Party.


Did this page help you?