From the Domain Management tab, click the Settings icon (highlighted in red, above) to edit one or more domain configurations.
The Domain Configuration Settings page lets you modify API protection general attributes, including:
- Session Timeout – Set the amount of time (measured in seconds) a user can be inactive for before their session expires.
- dstlSecure Header – Enter the corresponding header to authenticate requests coming from Distil.
Token Settings let you to set token-specific API traits for the API, including:
- Priority – Raise or lower the priority of the token.
- Name of Token – Enter the token name the origin server should expect with a request.
- Token Locations – This setting tells Distil where to check for your custom tokens.
- HTTP Status Code for Invalid Tokens – Enter the HTTP status code the origin server will issue to indicate a token is invalid. Tokens are flagged as invalid until the Session Timeout passes without traffic.
In the above example, the server first looks in the header for the distil_token token. If it doesn’t find it there, it then looks for the auth_token in the argument, followed by the session_id token in the cookie, and lastly the tracking token in the header.
The Gzip Settings section can be configured to allow/deny the ability to zip outgoing content requests and unzip incoming content requests. Additionally, you are able to select specific file types to zip for outgoing requests.
The Upstream Settings lets you route and proxy traffic for specific API domains through alternate servers that are closer to the actual origin of the request. It’s primarily of use for on-premise customers.