Update Forwarded IP Header
Overview
Updates forwarded IP header parameter settings for an API proxy. Forwarded IP header settings control how client IP addresses are forwarded to backend services.
Endpoint
PATCH /apiops/projects/{projectName}/apiProxies/{apiProxyName}/settings/forwarded-ip-header/
Authentication
Requires a Personal API Access Token.
Header
Authorization: Bearer YOUR_TOKEN
Request
Headers
| Header | Value | Required |
|---|---|---|
| Authorization | Bearer {token} | Yes |
| Content-Type | application/json | Yes |
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| projectName | string | Yes | Project name |
| apiProxyName | string | Yes | API Proxy name |
Request Body
Full JSON Body Example
{
"forwardedIpHeaderParamActive": true,
"value": "X-Forwarded-For",
"xffOrder": "FIRST"
}
Request Body Fields
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| forwardedIpHeaderParamActive | boolean | No | false | Enable/disable forwarded IP header |
| value | string | No | X-Forwarded-For | Header name to use for forwarded IP |
| xffOrder | string | No | FIRST | Order of IP address in X-Forwarded-For header |
EnumPolicyXFFOrder
FIRST- Use first IP address in X-Forwarded-For headerSECOND- Use second IP address in X-Forwarded-For headerTHIRD- Use third IP address in X-Forwarded-For headerFOURTH- Use fourth IP address in X-Forwarded-For headerFIFTH- Use fifth IP address in X-Forwarded-For headerLAST- Use last IP address in X-Forwarded-For header
Note: All fields are optional. Only provided fields are updated.
X-Forwarded-For Header
The X-Forwarded-For header contains a comma-separated list of IP addresses:
X-Forwarded-For: client-ip, proxy1-ip, proxy2-ip
The xffOrder determines which IP address is used:
FIRST- Usesclient-ip(original client)LAST- Usesproxy2-ip(last proxy)SECOND,THIRD, etc. - Uses IP at specified position
Response
Success Response (200 OK)
{
"success": true
}
Response Fields
| Field | Type | Description |
|---|---|---|
| success | boolean | Indicates if the request was successful |
Error Response (400 Bad Request)
{
"error": "bad_request",
"error_description": "Invalid forwarded IP header settings"
}
Error Response (401 Unauthorized)
{
"error": "unauthorized_client",
"error_description": "Invalid token"
}
Error Response (404 Not Found)
{
"error": "not_found",
"error_description": "ApiProxy (name: MyAPI) was not found!"
}
cURL Example
Example 1: Enable Forwarded IP Header
curl -X PATCH \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/settings/forwarded-ip-header/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"forwardedIpHeaderParamActive": true,
"value": "X-Forwarded-For",
"xffOrder": "FIRST"
}'
Example 2: Use Custom Header Name
curl -X PATCH \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/settings/forwarded-ip-header/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"forwardedIpHeaderParamActive": true,
"value": "X-Real-IP",
"xffOrder": "LAST"
}'
Notes and Warnings
- Header Name: Default is
X-Forwarded-For. Can be customized (e.g.,X-Real-IP) - IP Order:
FIRSTgets original client IP,LASTgets last proxy IP - Use Cases:
- Forward client IP for logging/analytics
- Forward client IP for rate limiting
- Forward client IP for geolocation
- Chain: X-Forwarded-For contains comma-separated IP chain
- Permissions: Requires
ROLE_MANAGE_PROXIESpermission
Related Documentation
- Get API Proxy - Get API proxy details