Centinel AnalyticaPlatforms
Akamai EdgeWorkers
Deploy Centinel Analytica protection on your Akamai property using EdgeWorkers.
Overview
This quickstart guides you through deploying Centinel Analytica server-side validation on Akamai using EdgeWorkers. Allow 15-30 minutes for Property Manager changes to propagate across the Akamai network.
Prerequisites
- Centinel secret key
- Akamai Control Center access
- Property Manager access for the property you want to protect
Download the package
- Download
centinel-akamai-edgeworker.zip. - Extract the archive to get
main.jsandbundle.json.
Create the EdgeWorker
- Log into Akamai Control Center.
- Go to CDN → EdgeWorkers.
- Click Create EdgeWorker ID.
- Enter a name (for example
centinel-protection). - Select your Group and Resource tier.
- Click Create EdgeWorker ID.
Upload the code
- Select the EdgeWorker you just created.
- Click Create Version.
- Upload the
main.jsandbundle.jsonfiles from the extracted archive. - Click Create Version.
Configure the validator route
The EdgeWorker calls the Centinel validator via an internal path. You need to route /centinel-validate to the Centinel API.
- Go to CDN → Properties and select your property.
- Click Edit New Version to create a draft.
- Under Property Configuration, click Add Rule.
- Name the rule
Centinel Validator. - Add a Criteria:
- Match Type: Path
- Match Operator: matches one of
- Value:
/centinel-validate
- Add a Behavior → Origin Server:
- Origin Server Hostname:
validator.centinelanalytica.com - Forward Host Header: Origin Hostname
- Origin SSL Certificate Verification: Yes
- Origin Server Hostname:
- Add a Behavior → Modify Outgoing Request Path:
- Action: Replace Entire Path
- Replace With:
/validate
- Add a Behavior → Caching:
- Caching Option: No Store
- Click Save.
Important
Make sure the EdgeWorker behavior is not applied to the /centinel-validate rule to avoid recursion.
Set Property Manager variables
- In your property configuration, go to Property Variables.
- Add the following variables:
| Variable | Value |
|---|---|
PMUSER_EW_CENTINEL_SECRET_KEY | Your Centinel secret key |
- (Optional) Add additional variables from the Configuration Reference below.
- Click Save.
Attach the EdgeWorker
- In your property, add or edit a rule where you want Centinel protection.
- Add a Behavior → EdgeWorkers.
- Select your
centinel-protectionEdgeWorker ID. - Click Save.
Tip
Apply the EdgeWorker to your default rule to protect all paths, or add it to specific rules to protect only certain sections of your site.
Activate the property
- Click Activate in Property Manager.
- Select Staging for initial testing, or Production when ready.
- Add activation notes and click Activate.
- Wait for the activation to complete (approximately 15-30 minutes).
Verify deployment
- Browse your website to confirm normal traffic flow.
- Verify that static assets (
.js,.css,.png, etc.) load without delays. - Set
PMUSER_EW_CENTINEL_ENABLE_LOGGINGtotrueand check theX-Centinel-Logresponse header for validation outcomes.
Configuration Reference
Required Variables
| Variable | Type | Description |
|---|---|---|
PMUSER_EW_CENTINEL_SECRET_KEY | string | Your Centinel secret key for API authentication. |
Optional Variables
| Variable | Type | Default | Description |
|---|---|---|---|
PMUSER_EW_CENTINEL_TIMEOUT | number | 300 | Validator API timeout in milliseconds. |
PMUSER_EW_CENTINEL_ENABLE_LOGGING | boolean | false | Set to true to add X-Centinel-Log response header for debugging. |
PMUSER_EW_CENTINEL_PROTECTED_PATHS_INCLUSION | string | – | Regex pattern to protect only matching paths. Leave empty to protect all paths. |
PMUSER_EW_CENTINEL_PROTECTED_PATHS_EXCLUSION | string | – | Regex pattern to skip validation. Static assets are excluded by default. |
Changelog
- 1.0.0 - Initial release.