Update Forwarded IP Header
Endpoint
PATCH /apiops/projects/{projectName}/apiProxies/{apiProxyName}/settings/forwarded-ip-header/
Authentication
Requires a Personal API Access Token.
Header
Authorization: Bearer YOUR_TOKEN
Request
Headers
| Header | Value | Required |
|---|---|---|
| Authorization | Bearer {token} | Yes |
| Content-Type | application/json | Yes |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
Request Body
Full JSON Body Example
{
"forwardedIpHeaderParam": {
"forwardedIpHeaderParamActive": true,
"value": "X-Forwarded-For",
"xffOrder": "FIRST"
},
"deploy": false,
"deployTargetEnvironmentNameList": []
}
Request Body Fields
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| forwardedIpHeaderParam | object | Yes | - | Forwarded IP header settings object (see fields below) |
| deploy | boolean | No | false | If true, deploy the API proxy after saving changes |
| deployTargetEnvironmentNameList | array[string] | No | - | List of environment names to deploy to (required when deploy=true) |
forwardedIpHeaderParam Fields
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| forwardedIpHeaderParamActive | boolean | No | false | Enable/disable forwarded IP header |
| value | string | No | X-Forwarded-For | Header name to use for forwarded IP |
| xffOrder | string | No | FIRST | Order of IP address in X-Forwarded-For header |
EnumPolicyXFFOrder
FIRST- Use first IP address in X-Forwarded-For headerSECOND- Use second IP address in X-Forwarded-For headerTHIRD- Use third IP address in X-Forwarded-For headerFOURTH- Use fourth IP address in X-Forwarded-For headerFIFTH- Use fifth IP address in X-Forwarded-For headerLAST- Use last IP address in X-Forwarded-For header
Note: All fields are optional. Only provided fields are updated.
X-Forwarded-For Header
The X-Forwarded-For header contains a comma-separated list of IP addresses:
X-Forwarded-For: client-ip, proxy1-ip, proxy2-ip
The xffOrder determines which IP address is used:
FIRST- Usesclient-ip(original client)LAST- Usesproxy2-ip(last proxy)SECOND,THIRD, etc. - Uses IP at specified position
Response
Success Response (200 OK)
{
"success": true
}
When deploy=true is specified:
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployment successful"
}
]
}
}
Response Fields
| Field | Type | Description |
|---|---|---|
| success | boolean | Indicates if the request was successful |
| deploymentResult | object | Deployment result (only present when deploy=true) |
| deploymentResult.success | boolean | Overall deployment success |
| deploymentResult.deploymentResults | array | Individual environment deployment results |
Error Response (400 Bad Request)
{
"error": "bad_request",
"error_description": "Invalid forwarded IP header settings"
}
Error Response (401 Unauthorized)
{
"error": "unauthorized_client",
"error_description": "Invalid token"
}
Error Response (404 Not Found)
{
"error": "not_found",
"error_description": "ApiProxy (name: MyAPI) was not found!"
}
cURL Example
Example 1: Enable Forwarded IP Header
curl -X PATCH \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/settings/forwarded-ip-header/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"forwardedIpHeaderParam": {
"forwardedIpHeaderParamActive": true,
"value": "X-Forwarded-For",
"xffOrder": "FIRST"
}
}'
Example 2: Use Custom Header Name
curl -X PATCH \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/settings/forwarded-ip-header/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"forwardedIpHeaderParam": {
"forwardedIpHeaderParamActive": true,
"value": "X-Real-IP",
"xffOrder": "LAST"
}
}'
Example 3: Save and Deploy
curl -X PATCH \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/settings/forwarded-ip-header/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"forwardedIpHeaderParam": {
"forwardedIpHeaderParamActive": true,
"value": "X-Forwarded-For",
"xffOrder": "FIRST"
},
"deploy": true,
"deployTargetEnvironmentNameList": ["production"]
}'
Notes and Warnings
- Header Name: Default is
X-Forwarded-For. Can be customized (e.g.,X-Real-IP) - IP Order:
FIRSTgets original client IP,LASTgets last proxy IP - Use Cases:
- Forward client IP for logging/analytics
- Forward client IP for rate limiting
- Forward client IP for geolocation
- Chain: X-Forwarded-For contains comma-separated IP chain
- Deploy: When
deploy=true, the API proxy is automatically deployed to the specified environments after saving
Permissions
User must have API_MANAGEMENT + MANAGE permission in the project.
Related Documentation
- Get API Proxy - Get API proxy details